Windows 10 or Windows 11 GPO ADMX – Which one to use for your central store?

Hi community, my name is Helmut Wagensonner. I’m a Customer Engineer at Microsoft and this blog should help you to understand which Administrative Templates (admx) to choose for your Windows 11 / Windows 10 mixed environment. Remember how it was ... continue reading

Align your security and network teams to Zero Trust security demands

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla talks with Jennifer ... continue reading
An open investigation dashboard for P L C programming and related alerts.

New research shows IoT and OT innovation is critical to business but comes with significant risks

The need for much improved IoT and operational technology (OT) cybersecurity became clearer this year with recent attacks on network devices,1 surveillance systems,2 an oil pipeline,3 and a water treatment facility,4 to name a few examples. To better understand the ... continue reading

Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense

Today’s threat landscape is incredibly fast-paced. New campaigns surface all the time, and the amount of damage that they can cause is not always immediately apparent. Security operations centers (SOCs) must be equipped with the tools and insight to identify ... continue reading
Red Canary by the numbers: 20,000 endpoints, 51 billion telemetry records, 69,886 tipoffs, 3,943 significant events, 74 detections, and 17 high-severity attacks.

How Red Canary and Microsoft can help reduce your alert fatigue

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Security alert fatigue Organizations often feel overwhelmed by the number of security alerts they receive. Frustrated by alert fatigue, these organizations want a deeper understanding ... continue reading

The hunt for NOBELIUM, the most sophisticated nation-state attack in history

This is the second in a four-part blog series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series ... continue reading
Microsoft Security's Zero Trust architecture flow chart depicting lessons learned from thousands of Zero Trust deployments.

Evolving Zero Trust—Lessons learned and emerging trends

Looking back at the last two years, to say that our security strategies have evolved would be an understatement. Organizations around the world made overnight transitions to remote work models in response to a global pandemic, forcing them to reassess ... continue reading
Within seconds, attackers can find exploitable IoT targets that can become a point of entry into a business network. Once inside, they can find sensitive information within minutes. In an hour's time, valuable data can be exfiltrated and for sale on the dark web.

How Microsoft Defender for IoT can secure your IoT devices

Cybersecurity threats are always evolving, and today we’re seeing a new wave of advanced attacks specifically targeting IoT devices used in enterprise environments as well as operational technology (OT) devices used in industrial systems and critical infrastructure (like ICS/SCADA). It’s ... continue reading
Example intrusion conducted by NOBELIUM demonstrating nested access across a variety of methods

NOBELIUM targeting delegated administrative privileges to facilitate broader attacks

The Microsoft Threat Intelligence Center (MSTIC) has detected nation-state activity associated with the threat actor tracked as NOBELIUM, attempting to gain access to downstream customers of multiple cloud service providers (CSP), managed service providers (MSP), and other IT services organizations ... continue reading
Figure 1—maximum attack bandwidth (terabytes per second) in 2020 vs. August 2021 attack.

Business as usual for Azure customers despite 2.4 Tbps DDoS attack

This blog post was co-authored by Alethea Toh, Program Manager and Syed Pasha, Principal Network Engineer, Azure Networking. In early August, we shared Azure’s Distributed Denial-of-Service (DDoS) attack trends for the first half of 2021. We reported a 25 percent ... continue reading