Select Page
graphical user interface, application

Cyber Signals: Shifting tactics fuel surge in business email compromise

Today we released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022.1 ... continue reading
Graphic showing a range of identity protection methods, going from bad to best. The first column on the left shows bad passwords; the second column shows good password; the third column shows better passwords; and the fourth column shows best passwords.

How Microsoft can help you go passwordless this World Password Day

It’s that time of year again. World Password Day is May 4, 2023.1 There’s a reason it’s still going strong 10 years after being created by cybersecurity professionals. A recent study that analyzed more than 15 billion passwords found that ... continue reading

Healthy security habits to fight credential breaches: Cyberattack Series

Fifty percent of Microsoft cybersecurity recovery engagements relate to ransomware,1 and 61 percent of all breaches involve credentials.2 In this second report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a ... continue reading
Building Stronger Identity Solutions with New Microsoft Entra Integrations

Building Stronger Identity Solutions with New Microsoft Entra Integrations

I’m excited by this year’s RSA theme of “Stronger Together.” In the Identity and Network Access Division, we believe that everyone must work together to make the world a safer place for all. Leading up to RSA this year, the ... continue reading
Diagram of Mint Sandstorm attack chain examples

Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets

Over the past several months, Microsoft has observed a mature subgroup of Mint Sandstorm, an Iranian nation-state actor previously tracked as PHOSPHORUS, refining its tactics, techniques, and procedures (TTPs). Specifically, this subset has rapidly weaponized N-day vulnerabilities in common enterprise ... continue reading

Microsoft Entra Change Announcements – March 2023 Train

Hello everyone,  Today, we're sharing our March train for feature and breaking changes. We also communicate these changes on release notes and via email. We are continuing to make it easier for our customers to manage lifecycle changes (deprecations, retirements, ... continue reading
Annotated screenshot of file information showing modification dates and file names matching BlackLotus-associated files.

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run ... continue reading
DevOps threat matrix table

DevOps threat matrix

The use of DevOps practices, which enable organizations to deliver software more quickly and efficiently, has been on the rise. This agile approach minimizes the time-to-market of new features and bug fixes. More and more companies are implementing DevOps services, ... continue reading

Latest Microsoft Entra advancements strengthen identity security

If you read behind the attention-grabbing headlines, most novel techniques rely on compromised identities.1 In fact, of all the ways an attacker can get into your digital estate, identity compromise is still the most common.2 This makes identity your first ... continue reading

Don’t miss us at Microsoft Secure & Gartner IAM

Event season is approaching! Our team is looking forward to seeing you all at Gartner Identity & Access Management (IAM) and Microsoft Secure this month! Check out our identity sessions below: Gartner Identity & Access Management Microsoft will be participating ... continue reading