Select Page
PaulHarrison_0-1640716009126.png

Recurring Active Directory Checks

Q: I just had an Active Directory (AD) or Active Directory Security health assessment from Microsoft, and they found some stuff I didn’t know about, or they found other items I knew to check for but forgot about. While I ... continue reading
Diagram showing components of Qakbot campaigns as building blocks

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize ... continue reading
Map showing countries targeted by NICKEL attacks

NICKEL targeting government organizations across Latin America and Europe

The Microsoft Threat Intelligence Center (MSTIC) has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South America, the Caribbean, Europe, and North America. MSTIC has been tracking NICKEL since 2016 and ... continue reading
Partner relationships page in the Microsoft 365 admin center.

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to ... continue reading
Azure Virtual WAN is a unified hub and spoke based architecture providing Network-as-a-Service for connectivity, security, and routing using the Microsoft Global Backbone

Simplify connectivity, routing, and security with Azure Virtual WAN

Over the past few months, we added several new capabilities to Azure Virtual WAN which customers can embrace to significantly simplify routing design and management in Azure, and secure traffic flows. Before we introduce these new capabilities, let us revisit ... continue reading

Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365

Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector. We’ve seen it all over the news with stories like Hafnium that targeted Exchange servers1 or the Nobelium attack against SolarWinds,2 which show just how ... continue reading
Timeline showing dates, threat actor, and malware payload of ransomware attacks by Iranian threat actors

Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021

Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends ... continue reading
What's the difference between Azure AD Graph, Azure Resource Graph and Microsoft Graph?

What's the difference between Azure AD Graph, Azure Resource Graph and Microsoft Graph?

It started with a tweet. Microsoft MVP Joe Stocker shared Alex Simon's article "Automate and manage Azure AD tasks at scale with the Microsoft Graph PowerShell SDK", where Derrick Kimani (Microsoft Identity Division Program Manager) lays out the plan for ... continue reading
ChristianKielhorn_12-1636488021862.png

How to retrieve an Azure AD Bulk Token with PowerShell

Hi, my Name is Christian Kielhorn, and I’m a Senior Customer Engineer – formerly known as Premier Field Engineer – within Germanys Customer Success Organization for Modern Work. Today I’d like to come back to a customer’s question – as ... continue reading
New identity partnerships and integrations to strengthen your security

New identity partnerships and integrations to strengthen your security

This week is Microsoft Ignite and we’re excited to share the latest identity innovations we’ve released to help you be more resilient, secure, and productive across platforms and clouds. In addition to the new innovations we shared earlier this week, ... continue reading