This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. In 2021, cyberattacks and instances of ransomware demands against companies, agencies, and institutions have dominated the headlines. These kinds of attacks are on the rise ... continue reading

On July 14, 2021, the National Cybersecurity Center of Excellence1 (NCCoE) at the National Institute of Standards and Technology2 (NIST) hosted a virtual workshop3 to seek feedback from government and industry experts on practical approaches to preventing and recovering from ... continue reading

Heya folks, Ned here again. As you’ve heard by now, Windows Server 2022 is available and supported for production deployments. This new OS brings many new features around security, storage, networking, web, containers, applications, virtualization, edge, and Azure hybrid. Today ... continue reading

Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video records (DVRs). It works by exploiting weak telnet passwords1 and nearly a dozen unpatched IoT vulnerabilities2 and it’s ... continue reading

With the massive volume of emails sent each day, coupled with the many methods that attackers use to blend in, identifying the unusual and malicious is more challenging than ever. An obscure Unicode character in a few emails is innocuous ... continue reading

This blog post has been co-authored by Carissa Broadbent, Product Marketing Manager, Security Marketing. Security is based on the inherent need for safety. Today, we see that need challenged more than ever. In the past year alone, we’ve witnessed an ... continue reading

This blog post was co-authored by Amir Dahan, Senior Program Manager, Anupam Vij, Principal Program Manager, Skye Zhu, Data and Applied Scientist 2, and Syed Pasha, Principal Network Engineer, Azure Networking. In our 2020 retrospective, we highlighted shifts in the ... continue reading

Here at the global Microsoft Compromise Recovery Security Practice (CRSP), we work with customers who have experienced disruptive security incidents to restore trust in identity systems and remove adversary control. During 2020, the team responded to many incidents involving ransomware ... continue reading

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Rockwell Automation Vice ... continue reading

[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts ... continue reading