Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind ... continue reading
The threat matrix for cloud-based Storage services. The matrix consists of the various attack techniques that pose threats to Storage resources.

Threat matrix for storage

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat ... continue reading
Attack diagram showing stages of an attack and how the threat actor tracking model caught the initial stages so the affected organization could stop the attack

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

As seen in recent sophisticated cyberattacks, especially human-operated campaigns, it’s critical to not only detect an attack as early as possible but also to rapidly determine the scope of the compromise and predict how it will progress. How an attack ... continue reading

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. These attacks are now performed by multiple threat actors ranging from financially motivated cybercriminals to state-sponsored groups. To help customers who are not able to immediately ... continue reading
MEM Home

Attack Surface Reduction Rules – Warn Mode with MEM/M365 Defender

Introduction: This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In a previous blog back in July, 2020, I walked through a demo of setting up an Attack ... continue reading
Security alert of malware hash reputation analysis

Azure Defender for Storage powered by Microsoft threat intelligence

This blog post was co-authored with Roy Levin, Senior Data Scientist. With the reality of working from home, more people and devices are now accessing corporate data across home networks. This raises the risks of cyber-attacks and elevates the importance ... continue reading
A diagram showing Microsoft Cloud App Security and its integration with CASB solutions

A better cloud access security broker: Securing your SaaS cloud apps and services with Microsoft Cloud App Security

Today’s business uses an average of 1,180 cloud apps¹, with many of those organizations securing their apps through cloud access security brokers (CASB). The organizational need for a CASB has grown alongside the use of cloud apps to enable remote ... continue reading
M365 Defender Incident Page

Microsoft 365 Defender Incident Overview

Introduction: This is John Barbare and I am a Sr. Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will go over the Microsoft 365 Defender Security Portal and go into detail of the incident ... continue reading
Real people. IT professionals build and maintain the LinkedIn server farm which operates on 100% renewable energy. Power is hydro-generated and managed efficiently on-site with minimum new draw from external grid. State-of-the-art facility uses eco-friendly solutions such as using reclaimed water to cool the data center.

Securing Azure datacenters with continuous IoT/OT monitoring

As more intelligent devices and machinery become connected to the internet, Operational Technology (OT) and the Internet of Things (IoT) have become part of your enterprise network infrastructure—and a growing security risk. With every new factory sensor, wind turbine monitoring ... continue reading

Importance of Browser Updates and Browser Based Security Controls

Introduction: This is John Barbare and I am a Sr. Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. It has been a while since I have had time to sit down and write a security blog due to studying and making sure I ... continue reading