Select Page
diagram

DEV-0139 launches targeted attacks against the cryptocurrency industry

Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also ... continue reading
Reserved Instance/Savings Plan scopes

Quick Reference: Understanding Azure Reservations vs Savings Plans

  Hi everyone! Brandon Wilson (Cloud Solution Architect/Engineer) here today to discuss some of the higher-level points of Azure Savings Plans, a new offering to help customers save, and Azure reservations (ie; reserved instances). This post isn’t intended to be ... continue reading
Flowchart for Azure Active Directory issuing tokens.

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has ... continue reading

How businesses are gaining integrated data protection with Microsoft Purview

Currently, our interconnected world is creating 2.5 quintillion bytes of data every day.1 Every purchase made, every email sent, every contract signed: all of it gets shared, accessed, and stored. We take it on faith that organizations are doing all ... continue reading
Click to watch video on Microsoft's YouTube channel.

Leverage SFTP support for Azure Blob Storage to build a unified data lake

Today, we are announcing that SSH File Transfer Protocol (SFTP) support for Azure Blob Storage is generally available. SFTP support for Azure Blob Storage is a fully managed, highly scalable SFTP service that enables simple, secure, and easy-to-manage file transfers ... continue reading

How Microsoft Purview and Priva help simplify data protection

At Microsoft Security, we understand how challenging it is to protect your most important asset, your data, in today’s threat landscape. You’re faced with evolving challenges—from empowering employees for greater productivity to eliminating gaps in your infrastructure—all while trying to ... continue reading

Microsoft and INT deploy IVAAP for OSDU Data Platform on Microsoft Energy Data Services

This post was co-authored by Fabrice Buron, Chief Commercial Officer, INT. Energy companies are currently going through a massive transformation by moving hundreds of applications to monitor, interpret, and administer their data into the cloud. In addition, they have embarked on ... continue reading
Diagram of the attacks using Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading
MichaelHildebrand_0-1664556234291.png

Prepare for Cloud Service Disaster Recovery – Export Key M365 Services Configurations

Not too long ago, it was the first day of school, then it was the first NFL game and we just passed the first day of fall.  As seasons change, I am reminded of the things that I should do ... continue reading
A diagram of the attack chain. It presents the flow of activity from left to right, starting with the attacker gaining access to its target tenant and leading to spam messages being sent to targets.

Malicious OAuth applications used to compromise email servers and spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts ... continue reading