Be careful of data without context: The case of malware scanning of journaled emails
Recently, we shared details on how effectiveness is measured for Office 365 Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). We also followed up with a comprehensive update on Office 365s improved ability to stop phishing emails from impacting ... continue reading
Tackling phishing with signal-sharing and machine learning
Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident ... continue reading
Step 2. Manage authentication and safeguard access: top 10 actions to secure your environment
This series outlines the most fundamental steps you can take with your investment in Microsoft 365 security solutions. We will provide advice on activities such as setting up identity management through active directory, malware protection, and more. In this post, ... continue reading
Phishing with the Sharks Using the Attack Simulator
Hello, Paul Bergson back again. It is late fall and once again playoff time for High School and Collegiate volleyball. Women’s volleyball in Minnesota is a big deal and I have played and coached for over 30 years and I ... continue reading
Analysis of cyberattack on U.S. think tanks, non-profits, public sector by unidentified attackers
Reuters recently reported a hacking campaign focused on a wide range of targets across the globe. In the days leading to the Reuters publication, Microsoft researchers were closely tracking the same campaign. Our sensors revealed that the campaign primarily targeted ... continue reading
Four operational practices Microsoft uses to secure the Azure platform
This is the fourth blog in a 4-part blog post series on how Microsoft Azure provides a secure foundation. Microsoft provides you with a secure foundation to host your infrastructure and applications. In the last blog in this series on ... continue reading
The evolution of Microsoft Threat Protection, November update
At Ignite 2018, we announced Microsoft Threat Protection, a comprehensive, integrated solution securing the modern workplace across identities, endpoints, user data, cloud apps, and, infrastructure (Figure 1). The foundation of the solution is the Microsoft Intelligent Security Graph, which correlates ... continue reading
Attack uses malicious InPage document and outdated VLC media player to give attackers backdoor access to targets
Our analysis of a targeted attack that used a language-specific word processor shows why its important to understand and protect against small-scale and localized attacks as well as broad-scale malware campaigns. The attack exploited a vulnerability in InPage, a word ... continue reading
Eight essentials for hybrid identity #3: Securing your identity infrastructure
Hi, I’m Alex Weinert and I get to work on the amazing team responsible for protecting four billion consumer and enterprise accounts from unauthorized access and fraud. Each day, our machine learning and heuristic systems provide risk scores for 18 ... continue reading
Azure Hybrid Cloud
An agile hybrid cloud allows you to quickly scale to your company’s needs.
View Solution