Select Page
Graphic detailing three different waves of identity attacks. First is password attacks, which consist of breach replay, password spray, and phishing. Next is multifactor authentication attacks, which includes SIM-jacking, multifactor authentication fatigue, adversary in the middle. Third is post-authentication attacks, including token theft and consent phishing.

2023 identity security trends and solutions from Microsoft

Welcome to 2023! I wanted to kick this year off by having a quick look at the trends in identity security, what you can do about it, and what Microsoft is doing to help you. One of the things we ... continue reading
Graph showcasing the gradual increase in the number of Microsoft Security customers, the number of password attacks per second, the number of suspicious emails blocked per year, and the number of signals analyzed daily spanning from 2021 to January 2023.

Microsoft Security reaches another milestone—Comprehensive, customer-centric solutions drive results

Yesterday, we shared some exciting news about the momentum we’re seeing in the security industry. Microsoft Chief Executive Officer Satya Nadella announced that Microsoft Security has surpassed USD20 billion in revenue. I’m grateful to all our customers and partners who ... continue reading
A circle graph the six product lines under the multi-platform and multicloud Microsoft Security portfolio.

Microsoft Security innovations from 2022 to help you create a safer world today

The start of a new year is always a great time for reflection—to be grateful for all we have and the progress security teams have made as well as look ahead to how we can reshape the security landscape. I ... continue reading
Chart showing the data that 43 percent of cyber attacks target small businesses and 60 percent of small businesses close within 6 months of cyber breach.

Secure your business like you secure your home: 5 steps to protect against cybercrime

Running a business requires a lot of determination and sometimes a leap of faith. Every day brings a new challenge, and many times it can feel like the stress and uncertainty are too much. That’s when you remind yourself why ... continue reading

SMB insecure guest auth now off by default in Windows Insider Pro editions

Heya folks, Ned here again. Starting in Windows 11 Insider Preview Build 25276, the Pro editions of Windows now disable SMB insecure guest authentication fallbacks by default.    Guest logons don't require passwords & don't support standard security features like signing and encryption. Allowing ... continue reading
Bar graph showing showing how password-related attacks have been constantly growing between 2018 and 2022.

​​Microsoft Entra: 5 identity priorities for 2023

Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global ... continue reading
Screenshot of FileCoder’s enumeration logic.

Unraveling the techniques of Mac ransomware

Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, ... continue reading
End user passwordless utopia

End user passwordless utopia

With all the different technologies available in Azure and Azure Active Directory (Azure AD), it’s easy to miss the bigger picture and how they all play into the end user experience.  This includes:  Azure AD Multifactor authentication (MFA) Passwordless authentication ... continue reading

4 things to look for in a multicloud data protection solution

What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and ... continue reading
diagram

DEV-0139 launches targeted attacks against the cryptocurrency industry

Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also ... continue reading