Microsoft Entra Internet Access: An Identity-Centric Secure Web Gateway Solution
In our previous blog, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access. This blog continues the series around Microsoft’s new SSE solution, where we’ll take a ... continue reading
How Tenant Restrictions v2 Can be Used to Prevent Data Exfiltration
In a previous blog, we introduced Continuous Access Evaluation (CAE) - a product that brings Zero Trust principles to session management. Today we would like to discuss securing cross-tenant access with a focus on preventing data exfiltration. It’s impossible to imagine ... continue reading

Malware distributor Storm-0324 facilitates ransomware access
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ... continue reading

Cloud Cultures, Part 3: The pursuit of excellence in the United Kingdom
The swift progression of technological innovation is truly captivating. However, for me, what holds an even greater fascination is the intricate interplay of people, narratives, and life encounters that shape how technology is used every day. The outcomes of cloud ... continue reading

Midnight Blizzard conducts targeted social engineering over Microsoft Teams
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM). This latest attack, combined with past ... continue reading

Analysis of Storm-0558 techniques for unauthorized email access
Executive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we ... continue reading

The five-day job: A BlackByte ransomware intrusion case study
As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – ... continue reading

11 best practices for securing data in cloud services
In today’s digital age, cloud computing has become an essential part of businesses, enabling them to store and access their data from anywhere. However, with convenience comes the risk of data breaches and cyberattacks. Therefore, it is crucial to implement ... continue reading
Azure Landing Zone Accelerator for AVS – Using a Central Hub in Azure
Options for network connectivity with AVS There are many options for network connectivity when it comes to Azure VMware Solution. This post reviews utilizing a central hub network in Azure. Network Architecture Use ExpressRoute for maximum bandwidth from on-premises. VPN is also ... continue reading
Important: Azure AD Graph Retirement and Powershell Module Deprecation
In 2019, we announced deprecation of the Azure AD Graph service. One year ago we communicated that Azure AD Graph will be retired and stop functioning after June 30, 2023. We also previously communicated that three legacy PowerShell modules (Azure ... continue reading