Select Page
Flow chart showcasing identities and endpoints as their authentication and compliance requests are intercepted by the Zero Trust Policy for verification before being granted access to networks and the data, apps, and infrastructure they’re composed of.

US Government sets forth Zero Trust architecture strategy and requirements

To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of ... continue reading
Identities and endpoints as their authentication and compliance requests are intercepted by the Zero Trust Policy for verification before being granted access to networks and the data, apps, and infrastructure they’re composed of.

4 best practices to implement a comprehensive Zero Trust security approach

Today’s threat actors don’t see barriers, they see opportunities. As the old firewalls protecting the corporate network become obsolete amid the rush to adopt a hybrid workspace, implementing Zero Trust security has become an imperative across all sectors, both public ... continue reading
Collaborate more securely with new cross-tenant access settings

Collaborate more securely with new cross-tenant access settings

Hello friends,   As a follow-on to our previous External Identities update, today I'm really excited to announce the availability of cross-tenant access settings for external collaboration in public preview. Cross-tenant access settings enable you to control how users in ... continue reading

Cyber Signals: Defending against cyber threats with the latest research, insights, and trends

We’re excited to introduce Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research. This content, which will be released quarterly, offers an expert perspective into the current threat landscape, discussing trending tactics, techniques, ... continue reading
Diagram showing the multi-phase phishing attack chain

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

We have recently uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign. We observed that the second stage of the campaign ... continue reading
Deep dive: How Azure AD Kerberos works

Deep dive: How Azure AD Kerberos works

If you have ever explored the differences between Active Directory (AD DS) and Azure Active Directory (Azure AD), you would have found that Azure Active Directory doesn't support the Kerberos authentication protocol, but Active Directory does. Kerberos is used to ... continue reading
External Identities B2C supports Authenticator apps, and new data residency pricing

External Identities B2C supports Authenticator apps, and new data residency pricing

Hello friends, Happy new year everyone! With the new year come new possibilities. Today I’m excited to announce two Azure AD External Identities updates including the public preview of multi-factor authentication (MFA) with time-based one-time passcode (time-based OTP) for B2C ... continue reading

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine. This malware first appeared on victim systems in Ukraine on January 13, 2022. Microsoft is aware of the ongoing geopolitical events in ... continue reading
Diagram showing components of Qakbot campaigns as building blocks

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize ... continue reading
Partner relationships page in the Microsoft 365 admin center.

How to investigate service provider trust chains in the cloud

In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to ... continue reading