Select Page
Diagram showing the relationship between players in the ransomware-as-a-service affiliate model. Access brokers compromise networks and persist on systems. The RaaS operator develops and maintain tools. The RaaS affiliate performs the attack.

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

Microsoft processes 24 trillion signals every 24 hours, and we have blocked billions of attacks in the last year alone. Microsoft Security tracks more than 35 unique ransomware families and 250 unique threat actors across observed nation-state, ransomware, and criminal ... continue reading

Passwordless RDP with Windows Hello for Business

Windows Hello for Business (WHfB) provides a password-less experience for users to log into their Windows 10 or 11 device. However, a challenge remains when accessing remote systems. This can be via MMC console for example to access Active Directory ... continue reading
Azure Bastion architecture diagram

Customize your secure VM session experience with native client support on Azure Bastion

This blog post has been co-authored by Isabelle Morris, Program Manager, Azure Networking As organizations move their mission-critical workloads to the cloud, connecting to virtual machines (VMs) directly over the public internet is becoming more of a security risk. The ... continue reading

Discover the anatomy of an external cyberattack surface with new RiskIQ report

The internet is now part of the network. That might sound like hyperbole, but the massive shift to hybrid and remote work and a multicloud environment means security teams must now defend their entire online ecosystem. Recent ransomware attacks against ... continue reading
Figure 1: Inbound NAT rule for single machine

Manage port forwarding for backend pool with Azure Load Balancer

Starting today, Azure Load Balancer enables customers to manage port forwarding for Virtual Machine Scale Sets or a group of virtual machines in a backend pool with a single set-up with minimum management overhead. What is port forwarding? Port forwarding ... continue reading
Partial screenshot of a messaging application showing a text message from LAPSUS$ with the following heading:  We recruit employees/insider at the following!!!!

DEV-0537 criminal actor targeting organizations for data exfiltration and destruction

In recent weeks, Microsoft Security teams have been actively tracking a large-scale social engineering and extortion campaign against multiple organizations with some seeing evidence of destructive elements. As this campaign has accelerated, our teams have been focused on detection, customer ... continue reading
Flow chart showcasing identities and endpoints as their authentication and compliance requests are intercepted by the Zero Trust Policy for verification before being granted access to networks and the data, apps, and infrastructure they’re composed of.

US Government sets forth Zero Trust architecture strategy and requirements

To help protect the United States from increasingly sophisticated cyber threats, the White House issued Executive Order (EO) 14028 on Improving the Nation’s Cybersecurity, which requires US Federal Government organizations to take action to strengthen national cybersecurity.1 Section 3 of ... continue reading
How to transfer files to your Azure VM with no public open RDP port

How to transfer files to your Azure VM with no public open RDP port

Microsoft released Azure Bastion as a way to connect with a remote session into a virtual machine (VM) on Microsoft Azure, without needing to have the VM’s RDP port available on the internet. Now you can keep port 3389 closed ... continue reading
How to manually troubleshoot applications on Windows containers

How to manually troubleshoot applications on Windows containers

Developers are more and more creating applications on containers, and guess what? It’s still up to us – ITPros – to troubleshoot anything that happens in production. Containers are not VMs, so where to even start, you might ask. We’ll ... continue reading
Step-by-step: Creating a new test environment for gMSA on AKS

Step-by-step: Creating a new test environment for gMSA on AKS

Microsoft recently announced a new feature that will help customers move existing applications to Azure Kubernetes Service (AKS) – Group Managed Service Accounts (gMSA). In a nutshell, gMSA allows applications that are Active Directory (AD) dependent to be containerized. By ... continue reading