
Becoming resilient by understanding cybersecurity risks: Part 3—a security pro’s perspective
In part two of this blog series on aligning security with business objectives and risk, we explored the importance of thinking and acting holistically, using the example of human-operated ransomware, which threatens every organization in every industry. As we exited ... continue reading

Securing Azure datacenters with continuous IoT/OT monitoring
As more intelligent devices and machinery become connected to the internet, Operational Technology (OT) and the Internet of Things (IoT) have become part of your enterprise network infrastructure—and a growing security risk. With every new factory sensor, wind turbine monitoring ... continue reading
Importance of Browser Updates and Browser Based Security Controls
Introduction This is John Barbare and I am a Sr. Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. It has been a while since I have had time to sit down and write a security blog due to studying and making sure I ... continue reading
A playbook for modernizing security operations
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post from our new Voice of the Community blog series, Microsoft Product Marketing Manager Natalia Godyla talks ... continue reading

Web shell attacks continue to rise
One year ago, we reported the steady increase in the use of web shells in attacks worldwide. The latest Microsoft 365 Defender data shows that this trend not only continued, it accelerated: every month from August 2020 to January 2021, ... continue reading
Modernizing your network security strategy
From the global pandemic to recent cyberattacks, our world has faced many challenges during the past 12 months. Some of these challenges we can’t change. However, I’m pleased about the ones we can, and are changing across the cybersecurity landscape ... continue reading

Azure DDoS Protection—2020 year in review
This blog post was co-authored by Anupam Vij, Principal PM Manager & Syed Pasha, Principal Network Engineer, Azure Networking. 2020 was a year unlike any other. It brought major disruptions to both the physical and digital worlds, and these changes ... continue reading

What tracking an attacker email infrastructure tells us about persistent cybercriminal operations
From March to December 2020, we tracked segments of a dynamically generated email infrastructure that attackers used to send more than a million emails per month, distributing at least seven distinct malware families in dozens of campaigns using a variety ... continue reading
Why operational resilience will be key in 2021, and how this impacts cybersecurity
The lessons we have learned during the past 12 months have demonstrated that the ability to respond to and bounce back from adversity in general, can impact the short-and long-term success of any organization. It can even dictate the leaders ... continue reading

ZINC attacks against security researchers
In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. The campaign originally came to our attention after Microsoft Defender for Endpoint detected an attack in progress. Observed targeting includes pen testers, private ... continue reading