4 tried-and-true prevention strategies for enterprise-level security

Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it ...

Analysis of a targeted attack exploiting the WinRar CVE-2018-20250 vulnerability

In early March, we discovered a cyberattack that used an exploit for CVE-2018-20250, an old WinRar vulnerability disclosed just several weeks prior, and targeted organizations in the satellite and communications industry. A complex attack chain incorporating multiple code execution techniques ...

Azure Sphere ecosystem accelerates innovation

The Internet of Things (IoT) promises to help businesses cut costs and create new revenue streams, but it also brings an unsettling amount of risk. No one wants a fridge that gets shut down by ransomware, a toy that spies ...

DART: the Microsoft cybersecurity team we hope you never meet

If you spent 270 days away from home, not on vacation, you’d want it to be for a good reason. When boarding a plane, sometimes having been pulled out of bed to leave family for weeks on end, I know ...

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

With Microsoft continuously improving kernel mitigations and raising the bar for exploiting native kernel components, third-party kernel drivers are becoming a more appealing target for attackers and an important area of research for security analysts. A vulnerability in a signed ...

Reducing security alert fatigue using machine learning in Azure Sentinel

Last week we launched Azure Sentinel, a cloud-native SIEM tool. Machine learning (ML) in Azure Sentinel is built in right from the beginning. We have thoughtfully designed the system with ML innovations aimed to make security analysts, security data scientists, ...

PAW host buildout

First published on TECHNET on Oct 17, 2017. Continuing with the PAW series, in this blog post I'd like to share the details of how we are planning to configure the host. I'd love to hear your thoughts and feedback about ...

Security for healthcare through vigilant agents and virtual patching

Healthcare organizations depend on data-driven decisions. To enable better decisions and better health outcomes, healthcare organizations are moving to the cloud. There, the latest advances in artificial intelligence, machine learning, and analytics can be more easily tested and implemented. For ...

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which ...

Everything you need to know about Windows Server 2019 – Part 2

This blog post was co-authored by Haley Rowland, Jeff Woolsey, Ned Pyle, and Samuel Li, Program Managers, Windows Server. Hybrid is the destination, not the journey. Millions of our customers rely on their Windows Server investments to run their business ...