Select Page
Graphic detailing three different waves of identity attacks. First is password attacks, which consist of breach replay, password spray, and phishing. Next is multifactor authentication attacks, which includes SIM-jacking, multifactor authentication fatigue, adversary in the middle. Third is post-authentication attacks, including token theft and consent phishing.

2023 identity security trends and solutions from Microsoft

Welcome to 2023! I wanted to kick this year off by having a quick look at the trends in identity security, what you can do about it, and what Microsoft is doing to help you. One of the things we ... continue reading
Graph showcasing the gradual increase in the number of Microsoft Security customers, the number of password attacks per second, the number of suspicious emails blocked per year, and the number of signals analyzed daily spanning from 2021 to January 2023.

Microsoft Security reaches another milestone—Comprehensive, customer-centric solutions drive results

Yesterday, we shared some exciting news about the momentum we’re seeing in the security industry. Microsoft Chief Executive Officer Satya Nadella announced that Microsoft Security has surpassed USD20 billion in revenue. I’m grateful to all our customers and partners who ... continue reading
Chart showing the data that 43 percent of cyber attacks target small businesses and 60 percent of small businesses close within 6 months of cyber breach.

Secure your business like you secure your home: 5 steps to protect against cybercrime

Running a business requires a lot of determination and sometimes a leap of faith. Every day brings a new challenge, and many times it can feel like the stress and uncertainty are too much. That’s when you remind yourself why ... continue reading
Screenshot of FileCoder’s enumeration logic.

Unraveling the techniques of Mac ransomware

Ransomware continues to be one of the most prevalent and impactful threats affecting organizations, with attackers constantly evolving their techniques and expanding their tradecraft to cast a wider net of potential targets. This is evident in the range of industries, ... continue reading

Microsoft Intune: 5 endpoint management predictions for 2023

The end of the year typically brings with it a small library of reports with predictions for the year ahead. The value in these reports is less in the precise predictions themselves—given how interconnected the world is, no one has ... continue reading
Potential cost savings of up to 60 percent when consolidating security solutions by using Microsoft 365 E5 Compliance and Security add-ons to a Microsoft 365 E3 license—instead of using multiple-point solutions. Savings are based on publicly available estimated pricing for other vendor solutions and web direct/based price shown for Microsoft offerings. Price is not guaranteed and subject to change.

Do more with less with Microsoft Security—3 strategies to get you started

Relentless bad actors, evolving attack tactics, and numerous surfaces and endpoints that attackers may try to exploit. With the average cost of a data breach reaching an all-time high of USD4.35 million in 2022,1 protecting your people and data from ... continue reading

4 things to look for in a multicloud data protection solution

What does it mean to be a multicloud organization? As the name implies, the term describes a model of cloud computing where an organization uses multiple clouds—two or more public clouds, private clouds, or a combination of public, private, and ... continue reading
diagram

DEV-0139 launches targeted attacks against the cryptocurrency industry

Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also ... continue reading
Screenshot of a BATLOADER landing site that poses as a TeamViewer website hosting a fake installer.

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed ... continue reading
Bar chart showing the number of DDoS attacks and duration distribution from March 2021-May 2022.

2022 holiday DDoS protection guide

The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and ... continue reading