Healthy security habits to fight credential breaches: Cyberattack Series
Fifty percent of Microsoft cybersecurity recovery engagements relate to ransomware,[1] and 61 percent of all breaches involve credentials.[2] In this second report in our ongoing Cyberattack Series, we look at the steps taken to discover, understand, and respond to a ...

Getting started with the CDMC framework—Microsoft’s guide to cloud data management
On March 20, 2023, Microsoft announced the successful completion of the Cloud Data Management Capabilities (CDMC) certification. As a proponent of wider industry standards, I was fortunate to be part of Microsoft’s executive team working to achieve this important milestone ...

Azure Monitor: Logs Ingestion API Tips & Tricks
Hello followers and welcome back to this new post of mine. Today I am going to share with you an interesting experience in configuring the Logs ingestion using the new API in Azure Monitor in a data collection rule ...

Simplified endpoint management with Microsoft Intune Suite: Adopting a long-term approach with intelligence and automation
The last couple of years have been difficult, with many organizations operating in a response mode. From a global pandemic to an economic downturn to increasing security risks, teams are under more pressure than ever to deliver greater cyber security ...

Convert specific table of excel sheet to JSON using PowerShell
There is an excellent script on GitHub that helps to convert a full Excel sheet to JSON format using PowerShell. The script expects the table to be at the start of the sheet; that is, to have the first header ...

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run ...

Cross-site scripting (XSS) attacks
Today, we’re diving into the world of cross-site scripting (XSS) attacks, breaking them down into three categories: Reflected XSS, Stored XSS, and DOM XSS. Let’s explore these digital threats and learn how they can impact everyday users like you and ...

MERCURY and DEV-1084: Destructive attack on hybrid environment
Microsoft Threat Intelligence has detected destructive operations enabled by MERCURY, a nation-state actor linked to the Iranian government, that attacked both on-premises and cloud environments. While the threat actors attempted to disguise the activity as a standard ransomware campaign, the ...

DevOps threat matrix
The use of DevOps practices, which enable organizations to deliver software more quickly and efficiently, has been on the rise. This agile approach minimizes the time-to-market of new features and bug fixes. More and more companies are implementing DevOps services, ...

2023 State of Cloud Permissions Risks report now published
As organizations are embracing and adopting multicloud infrastructures, identity permissions have increased across three leading cloud platforms: Microsoft Azure, Amazon Web Services (AWS), and Google Cloud Platform (GCP). Although this shift brings new opportunities for innovation, it presents new permission ...