Figure 1. Sample of an Azure Defender alert raised when a dangling DNS record has been detected.

Azure Defender for App Service introduces dangling DNS protection

Resources hosted on Azure App Service are at the forefront as attackers are constantly on the lookout for vulnerabilities in web applications. Dormant domains are a permanent resident on the checklist of both opportunistic and target-oriented attackers. To reduce potential ... continue reading

Why threat protection is critical to your Zero Trust security strategy

The corporate network perimeter has been completely redefined. Many IT leaders are adopting a Zero Trust security model where identities play a critical role in helping act as the foundation of their modern cybersecurity strategy. As a result, cybercriminals have ... continue reading

MEM – Managing CM Collection in the Cloud Configuration and Troubleshooting

Dear IT pros, As you know, starting with Microsoft Endpoint Configuration Manager - MCM version 1906 (SCCM version 1906), you could enable co-management for Endpoint Manager - MEM (Intune) devices in the Azure Public Cloud, Azure US Government Cloud. The ... continue reading

Sophisticated cybersecurity threats demand collaborative, global response

Microsoft’s response to Solorigate Since December, the United States, its government, and other critical institutions including security firms have been addressing the world’s latest serious nation-state cyberattack, sometimes referred to as ‘Solorigate’ or ‘SUNBURST.’ As we shared earlier this is ... continue reading

Configuration Manager Current Branch Antivirus Exclusions

Hey everybody! My name is Brandon McMillan and I am a Microsoft Endpoint Configuration Manager (ConfigMgr) CE at Microsoft. ConfigMgr Current Branch has been the standard service-based model since December 2015 with the release of version 1511. You may have ... continue reading

OPS101: Securing your Hybrid environment – Part 1 – Azure Security Center

Now more than ever, organizations are challenged with keeping their employees productive working remotely and interacting with their customers over digital channels. At the same time there has been an increase in evolving digital security threats as bad actors recognize ... continue reading

OPS106: How to be an AD hybrid health hero

Once you've connected your identity to Azure AD, how do you ensure it continues to function as expected? In this session, you'll learn how to keep your hybrid identity environment healthy, across different Active Directory and Azure Active Directory scenarios ... continue reading
Graph showing timeline of the Necurs takedown and the staging and operation of StrangeU and RandomU

What tracking an attacker email infrastructure tells us about persistent cybercriminal operations

From March to December 2020, we tracked segments of a dynamically generated email infrastructure that attackers used to send more than a million emails per month, distributing at least seven distinct malware families in dozens of campaigns using a variety ... continue reading

ZINC attacks against security researchers

In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private ... continue reading

Protecting multi-cloud environments with Azure Security Center

We’ve heard from many of you that multi-cloud adoption is becoming a standard operating model for your organization and that it’s challenging to have the right security controls and posture across your environment. Historically, security teams have not had effective ... continue reading