Microsoft Defender for Endpoint Adding Tags for Multiple Devices from CSV List
Bruno Gabrielli and Tan Tran Dear IT Pros, Related to Microsoft Defender for Endpoint, recently we got a request from a customer to create the Defender group of tool devices running Windows 10 Operating Systems. This device group later will ... continue reading

Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop
More than a month into the discovery of Solorigate, investigations continue to unearth new details that prove it is one of the most sophisticated and protracted intrusion attacks of the decade. Our continued analysis of threat data shows that the ... continue reading

Using Zero Trust principles to protect against sophisticated attacks like Solorigate
The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in ... continue reading
Windows Defender SmartScreen – File and Flash Player blockage problem.
SmartScreen has become a part of Windows 10 OS, it was named as Windows Defender SmartScreen. It is useful to protect not just Edge, Internet Explorer browsers but also other applications such as third-party browsers, Email Client and Apps from ... continue reading

Increasing resilience against Solorigate and other sophisticated attacks with Microsoft Defender
Even as investigations into the sophisticated attack known as Solorigate are still underway, details and insights about the tools, patterns, and methods used by the attackers point to steps that organizations can take to improve their defenses against similar attacks ... continue reading
New Surface PCs enable virtualization-based security (VBS) by default to empower customers to do more, securely
VBS and HVCI-enabled devices help protect from advanced attacks Escalation of privilege attacks are a malicious actor’s best friend, and they often target sensitive information stored in memory. These kinds of attacks can turn a minor user mode compromise into ... continue reading
The dynamic duo: How to build a red and blue team to strengthen your cybersecurity, Part 1
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the first post of our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks with Jake Williams, ... continue reading
Azure Sentinel: Using rule templates
Microsoft's Azure Sentinel, our Security Incident and Event Management (SIEM) solution, enables you to connect activity data from different sources into a shared workspace. That data ingestion is just the first step in the process though. The power comes from ... continue reading

Using Microsoft 365 Defender to protect against Solorigate
Microsoft security researchers continue to investigate and respond to the sophisticated cyberattack known as Solorigate (also referred to as Sunburst by FireEye) involving a supply chain compromise and the subsequent compromise of cloud assets. While the related investigations and impact ... continue reading
Microsoft Defender for Endpoint Upgrade Readiness MacOS Big Sur
Hi IT Pros, Today we discuss about preparing our MD for Endpoint on Organization’s MacOS Systems and make them ready for “Big Sur”, the greatest and latest version of Mac operating system which is released by Apple on the 12th ... continue reading