The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Rockwell Automation Vice ... continue reading

[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts ... continue reading

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA. Welcome to fiscal year 2022 (FY22) and my first official blog as the MISA Lead. It’s been a whirlwind couple of months getting up ... continue reading

Dear IT Pros, Today we discuss about All things about WDAC – Windows Defender Application Control. WDAC was introduced with Windows 10 and could be applied to Windows server 2016 and later, its older name is Configurable Code Integrity (CCI) ... continue reading

Hi IT Professionals, While working on a Customers ‘requests on Windows Defender Application Guard related to Microsoft Endpoint Manager – Attack Surface Reduction Policies, I could not find an up-to-date and detailed document from internet search. I have ended up ... continue reading

Hi all, Alan here again with a new article, I’m a Customer Engineer from Italy on Identity and Security. I want to show you how to block TOR browser using Cloud App Security, simple and fast! During the last few ... continue reading

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise (BEC) infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to get access ... continue reading

Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked ... continue reading

Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads ... continue reading

Hello everyone! I´m Stefan Röll, Customer Engineer at Microsoft Germany for Microsoft Endpoint Manager. In my last Delivery Optimization Blog, I wrote about how you can test Delivery Optimization in your Organization. After many discussions with customers, I have noticed ... continue reading