How to avoid getting caught in a “Groundhog Day” loop of security issues

It’s Cyber Security Awareness Month and it made me think about one of my favorite movies, called Groundhog Day. Have you ever seen it? Bill Murray is the cynical weatherman, Phil Connors, who gets stuck in an endless loop where ... continue reading
In hot pursuit of elusive threats: AI-driven behavior-based blocking stops attacks in their tracks

Our experience in detecting and blocking threats on millions of endpoints tells us that attackers will stop at nothing to circumvent protections. Even one gap in security can be disastrous to an organization. At Microsoft, we don’t stop finding new ... continue reading

All your creds are belong to us!

A few days ago, our team helped someone who had been a target of account takeover (ATO). Despite protecting the account with mandatory two-step verification using SMS and the Authenticator app, attackers had broken into the account and changed the ... continue reading

Virtualization-Based Security: Enabled by Default

Virtualization-based Security (VBS) uses hardware virtualization features to create and isolate a secure region of memory from the normal operating system. Windows can use this "virtual secure mode" (VSM) to host a number of security solutions, providing them with greatly ... continue reading
Rethinking how we learn security

A couple of years ago, I wrote an article on the relative lack of investor and startup interest in addressing a crucial CISO priority—the preparedness of employees on the security team. Considering what seems to be a steady stream of ... continue reading
Enhanced Audit Status Message Queries

First published on TECHNET on Mar 18, 2019. Authored by Brandon McMillan. Hello everyone! My name is Brandon McMillan and I am a System Center Configuration Manager (ConfigMgr) PFE. I have found that Status Message Queries can be one of the more ... continue reading
System Center 2012 Configuration Manager Antivirus Exclusions

First published on TECHNET on Nov 29, 2012. Authored by Clifton Hughes. I have seen this question asked and answered in some articles and blog posts, however, after teaching the Concepts and Admin Workshop for the new version of the product ... continue reading
Bring your own LOLBin: Multi-stage, fileless Nodersok campaign delivers rare Node.js-based malware

We’ve discussed the challenges that fileless threats pose in security, and how Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) employs advanced strategies to defeat these sophisticated threats. Part of the slyness of fileless malware is its use of living-off-the-land ... continue reading

New Azure Blueprint enables SWIFT CSP compliance on Azure

This morning at the SIBOS conference in London we announced how our new Azure Blueprint is being introduced by Microsoft in conjunction with the recent efforts to enable SWIFT connectivity in the cloud. It supports our joint customers in compliance ... continue reading

Navigating the intelligent edge: answers to top questions

Over the past ten years, Microsoft has seen embedded IoT devices get progressively smarter and more connected, running software intelligence near the point where the data is being generated within a network. And having memory and compute capabilities at the ... continue reading