Wired for Hybrid – What’s New in Azure Networking – May 2023
Hello Folks, Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking. In this blog post, we’ll cover what's new with Azure Networking in May 2023. Cross-region service ... continue reading

New macOS vulnerability, Migraine, could bypass System Integrity Protection
A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device. We shared ... continue reading

Microsoft Build 2023: Announcing new identity, compliance, and security features from Microsoft Security
At Microsoft Build 2023—an event for developers by developers—we’re going to announce exciting new features and technologies, share ideas, and help everyone boost their skills so we can all build a more secure future together. This year’s Microsoft Build offers ... continue reading

Cyber Signals: Shifting tactics fuel surge in business email compromise
Today we released the fourth edition of Cyber Signals highlighting a surge in cybercriminal activity around business email compromise (BEC). Microsoft has observed a 38 percent increase in cybercrime as a service (CaaS) targeting business email between 2019 and 2022.1 ... continue reading
How to deploy gMSA on AKS with Terraform
The other day I posted a blog on how to deploy an AKS cluster that is ready for Windows workloads using Terraform. Today, I wanted to expand that to include gMSA, which is a highly requested feature from Windows customers ... continue reading
Using Microsoft Intune for Local Administrator Password Management
As you may have heard; Windows LAPS feature is released to Public Preview in the last week of April. It has support for two main scenarios for backing up local administrator password such as storing passwords in Azure AD and ... continue reading
Healthy security habits to fight credential breaches: Cyberattack Series
Fifty percent of Microsoft cybersecurity recovery engagements relate to ransomware,1 and 61 percent of all breaches involve credentials.2 In this second report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a ... continue reading
Introducing Windows Local Administrator Password Solution with Microsoft Entra (Azure AD)
Howdy folks, Today we have some news I know many of you will be excited about! As part of our vision to give you comprehensive security solutions, we’ve joined forces with the Windows and Microsoft Intune teams to release ... continue reading

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run ... continue reading

Secure hybrid and remote workplaces with a Zero Trust approach
Productivity and innovation have become critical goals in many hybrid and remote work environments. Ensuring preventative and strong security, in turn, must be at the heart of that. In this blog series, we’ll discuss two Zero Trust business scenarios: enabling ... continue reading