Enclave Device Blueprint Architecture

The Enclave Device Blueprint for confidential computing at the edge

A major milestone towards making confidential computing in IoT mainstream for privacy and safety. In collaboration with Arm® Technologies and Scalys BV, we are announcing the immediate availability of the Enclave Device Blueprint to help towards making confidential computing a ... continue reading

NDES Security Best Practices

Hi, I am Dagmar, working for the Microsoft Compromise Recovery Security Practice team. As NDES (Network Device Enrollment Server) – if misconfigured or not secured and hardened properly – can be a door opener for the compromise of an Active ... continue reading

Practical tips on how to use application security testing and testing standards

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Daniel Cuthbert, Global ... continue reading

Standardize DevOps practices across hybrid and multicloud environments

In this video, I had the chance to speak with Jason Hansen (Principal Program Manager at Microsoft) about how you can use Azure Arc to standardize DevOps practices across hybrid and multicloud environments. Configurations and GitOps with Azure Arc-enabled Kubernetes ... continue reading
Diagram showing structure of Microsoft.IdentityServer.ServiceHost.exe after loading version.dll

FoggyWeb: Targeted NOBELIUM malware leads to persistent backdoor

Microsoft continues to work with partners and customers to track and expand our knowledge of the threat actor we refer to as NOBELIUM, the actor behind the SUNBURST backdoor, TEARDROP malware, and related components. As we stated before, we suspect ... continue reading
Graphic outlines DART’s containment steps, which cover assessing the scope of the situation and preserving existing systems.

A guide to combatting human-operated ransomware: Part 2

This blog is part two of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading

Centrally design, deploy, and operate Kubernetes apps and clusters anywhere using Azure Arc

In this video, I had the chance to speak with Jason Hansen (Principal Program Manager at Microsoft) about how you can centrally design, deploy, and operate Kubernetes apps and clusters anywhere using Azure Arc. What is Azure Arc-enabled Kubernetes? With ... continue reading
Graphic illustrates the steps, goals, and initial questions in DART’s ransomware investigation assistance.

A guide to combatting human-operated ransomware: Part 1

This blog is part one of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading
Microsoft's recommended mitigation prioritizations: prepare, limit, and prevent.

3 steps to prevent and recover from ransomware

On July 14, 2021, the National Cybersecurity Center of Excellence (NCCoE) at the National Institute of Standards and Technology (NIST) hosted a virtual workshop to seek feedback from government and industry experts on practical approaches to preventing and recovering from ... continue reading
Screenshot of code showing instance of SSH

A deep-dive into the SolarWinds Serv-U SSH vulnerability

Several weeks ago, Microsoft detected a 0-day remote code execution exploit being used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence Center (MSTIC) attributed the attack with high confidence to DEV-0322, a ... continue reading