Select Page
Graphic illustrates the steps, goals, and initial questions in DART’s ransomware investigation assistance.

A guide to combatting human-operated ransomware: Part 1

This blog is part one of a two-part series focused on how Microsoft DART helps customers with human-operated ransomware. For more guidance on human-operated ransomware and how to defend against these extortion-based attacks, refer to our human-operated ransomware docs page ... continue reading
Screenshot of code showing the original exploit vector

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

In August, Microsoft Threat Intelligence Center (MSTIC) identified a small number of attacks (less than 10) that attempted to exploit a remote code execution vulnerability in MSHTML using specially crafted Microsoft Office documents. These attacks used the vulnerability, tracked as ... continue reading
Multi-zone Windows Server Failover Cluster with shared ZRS disk

Improve availability with zone-redundant storage for Azure Disk Storage

As organizations continue to accelerate their cloud adoption, the need for reliable infrastructure is critical to ensure business continuity and avoid costly disruptions. Azure Disk Storage provides maximum resiliency for all workloads with an industry-leading zero percent annual failure rate ... continue reading
Azure Unblogged - Azure Confidential Computing

Azure Unblogged – Azure Confidential Computing

In this episode of Azure Unblogged, Thomas Maurer speaks with Stefano Tempesta about Azure Confidential computing. Confidential computing is the protection of data in use by performing computation in a hardware-based Trusted Execution Environment (TEE). While cloud-native workloads data is ... continue reading
An image in white text that reads deploy more intelligent solutions with AI and advanced technologies download the white paper

4 ways AI, computer vision, and related technologies expand IoT solutions

Inspecting five million vehicle welds every day requires the ability to check a weld’s quality every 17 milliseconds—an impossible challenge for a human. This type of quality control task is just one of many where the combined technologies of computer ... continue reading
The five levels of CMMC.

How to prepare for CMMC compliance as a defense industrial base supplier using the Microsoft cloud

In 2020, the US Department of Defense (DoD) began the phased rollout of a new framework for protecting their supply chain, known as the defense industrial base (DIB). This new Cybersecurity Maturity Model Certification1 (CMMC) system requires regular audits that ... continue reading
Diagram showing attack chain of phishing campaigns that use open redirect links

Widespread credential phishing campaign abuses open redirector links

Microsoft has been actively tracking a widespread credential phishing campaign using open redirector links. Attackers combine these links with social engineering baits that impersonate well-known productivity tools and services to lure users into clicking. Doing so leads to a series ... continue reading
Attack flow for Mozi botnet.

How to proactively defend against Mozi IoT botnet

Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video records (DVRs). It works by exploiting weak telnet passwords1 and nearly a dozen unpatched IoT vulnerabilities2 and it’s ... continue reading
Trend-spotting email techniques: How modern phishing emails hide in plain sight

Trend-spotting email techniques: How modern phishing emails hide in plain sight

With the massive volume of emails sent each day, coupled with the many methods that attackers use to blend in, identifying the unusual and malicious is more challenging than ever. An obscure Unicode character in a few emails is innocuous ... continue reading

Migrating content from traditional SIEMs to Azure Sentinel

In part two of this three-part series, we covered the five types of side-by-side security information and event management (SIEM) configurations commonly used during a long-term migration to Microsoft Azure Sentinel. For part three, we’ll be looking at best practices ... continue reading