Select Page
Chart detailing the future of hybrid work. With communication at a high, networks are shifting and threats are increasing.

Securing a new world of hybrid work: What to know and what to do

The cybersecurity landscape has fundamentally changed, as evidenced by large-scale, complex attacks like Nobelium, Hafnium, and more recently last week’s Colonial Pipeline attack, which signals that human-operated ransomware is on the rise. Hackers launch an average of 50 million password ... continue reading
™

Business email compromise: How Microsoft is combating this costly threat

Amongst all cybercrime, phishing attacks continue to be the most prevalent today. With over 90 percent of attacks coming via email, it’s important that every organization has a plan to prevent these threats from reaching users. At Microsoft, we’re passionate ... continue reading
WDCFA.gif

Windows 10 Controlled Folder Access Event Search

Dear IT Pros, Ransomware acts with accessing to the files, folders and encrypting them, to respond against it, we need to enable the Windows Defender feature named “Controlled Folder Access” – WDCFA and monitor the Windows Defender Guard Events in ... continue reading
The shared responsibility model for cloud security. As cloud service provider takes responsibility for controls, the cloud customer can use their resources to focus on the controls for which they remain responsible.

Meet critical infrastructure security compliance requirements with Microsoft 365

Critical infrastructure operators face a hostile cyber threat environment and a complex compliance landscape. Every operator of an industrial control system also operates an IT network to service its productivity needs. A supervisory control and data acquisition (SCADA) system operator ... continue reading
Screenshot of a Microsoft Defender for Endpoint alert in the security center about a CoinMiner that was blocked.

Defending against cryptojacking with Microsoft Defender for Endpoint and Intel TDT

Cryptocurrency mining—once considered no more than a nuisance, a relatively benign activity that was a drain on machine resources—has been on the rise in recent years. This increase in cryptocurrency mining activity is driven by the increasing value of cryptocurrencies ... continue reading
Architectural diagram displaying CyberMDX integrating with Microsoft Defender for Endpoint.

CyberMDX and Microsoft: Protecting life-saving medical devices

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA. While hospitals continue to battle the COVID-19 pandemic, many are battling other “viruses” behind the scenes. Malware, ransomware, and phishing attacks against healthcare delivery ... continue reading
Investigating a unique “form” of email delivery for IcedID malware

Investigating a unique “form” of email delivery for IcedID malware

Microsoft threat analysts have been tracking activity where contact forms published on websites are abused to deliver malicious links to enterprises using emails with fake legal threats. The emails instruct recipients to click a link to review supposed evidence behind ... continue reading
The threat matrix for cloud-based Storage services. The matrix consists of the various attack techniques that pose threats to Storage resources.

Threat matrix for storage

The move to cloud is happening faster than ever before and organizations are increasing their dependency on cloud storage services. In fact, Microsoft Azure Storage services are one of the most popular services in the cloud. Companies need effective threat ... continue reading
Attack diagram showing stages of an attack and how the threat actor tracking model caught the initial stages so the affected organization could stop the attack

Automating threat actor tracking: Understanding attacker behavior for intelligence and contextual alerting

As seen in recent sophisticated cyberattacks, especially human-operated campaigns, it’s critical to not only detect an attack as early as possible but also to rapidly determine the scope of the compromise and predict how it will progress. How an attack ... continue reading
Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Analyzing attacks taking advantage of the Exchange Server vulnerabilities

Microsoft continues to monitor and investigate attacks exploiting the recent on-premises Exchange Server vulnerabilities. These attacks are now performed by multiple threat actors ranging from financially motivated cybercriminals to state-sponsored groups. To help customers who are not able to immediately ... continue reading