Select Page
Passwordless is here and at scale

Passwordless is here and at scale

Hi everyone, I’m Sue, the VP of Identity’s Customer & Partner Success team, and I love having the opportunity to share stories from real customers via this blog series. We've designed this collection of stories from real customers that have ... continue reading
Female office worker smiling and looking away, with a cheerful and relaxed expression.

How IT and security teams can work together to improve endpoint security

For executives in the IT and security spaces, the current climate offers reasons to worry. As workers become accustomed to new flexibility in the workplace, hybrid and remote work options present more challenges. Users want to access corporate resources from ... continue reading
This flow diagram describes how Microsoft Defender Experts for Hunting can be split into three distinct steps. These are track, hunt, and analyze. These three steps form the basis of the service and allow Microsoft to proactively reveal the unseen threats impacting customers.

Microsoft Defender Experts for Hunting proactively hunts threats

Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting. Defender Experts for Hunting was created for customers who have a robust security operations center but want ... continue reading
Diagram containing icons and arrows illustrating the sequence of steps in an AiTM phishing campaign.

From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud

A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and session ... continue reading
Managing, governing, and securing identities for apps and services

Managing, governing, and securing identities for apps and services

Hi everyone, When we talk to customers, we often get to dig deep into the details of marquee Azure Active Directory (Azure AD) features like conditional access, identity protection, and identity governance to secure user population. We know that for ... continue reading
Figure 1 displays a diagram depicting a typical attack flow for XorDdos malware. The attacker communicates with a bot to SSH brute force a target device and download XorDdos. The malware then performs several techniques for evasion and persistence before connecting with the attacker's C2 server to send data and receive commands.

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as ... continue reading
Strengthen your security posture with new Azure AD partner integrations

Strengthen your security posture with new Azure AD partner integrations

I’m excited to announce several new Azure Active Directory (Azure AD) product integrations are now available. By leveraging the power of Azure AD, these solutions can help streamline your identity access, governance, and authentication for stronger Zero Trust security across ... continue reading
Diagram showing the relationship between players in the ransomware-as-a-service affiliate model. Access brokers compromise networks and persist on systems. The RaaS operator develops and maintain tools. The RaaS affiliate performs the attack.

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

Microsoft processes 24 trillion signals every 24 hours, and we have blocked billions of attacks in the last year alone. Microsoft Security tracks more than 35 unique ransomware families and 250 unique threat actors across observed nation-state, ransomware, and criminal ... continue reading
A simplified outline of a person's head alongside the words "One in three security jobs in the U S is vacant."

Building a safer world together with our partners—introducing Microsoft Security Experts

More threats—not enough defenders The security landscape has become increasingly challenging and complex for our customers. Threats have grown at an alarming rate over the last year, and cybercrime is now expected to cost the world USD10.5 trillion annually by ... continue reading
An open road with text overlay stating “Honor the past, be honest about the present, and hope for the future.”

A clearer lens on Zero Trust security strategy: Part 1

Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, ... continue reading