Select Page

The art and science behind Microsoft threat hunting: Part 1

At Microsoft, we define threat hunting as the practice of actively looking for cyberthreats that have covertly (or not so covertly) penetrated an environment. This involves looking beyond the known alerts or malicious threats to discover new potential threats and ... continue reading
An organizational chart of the different threat actors that worked together in attacking the Albanian government. The top level mentions Iran's Ministry of Intelligence and Security as the sponsor organization. A table on the left side lists down the threat actor group names and their corresponding aliases.

Microsoft investigates Iranian attacks against the Albanian government

Shortly after the destructive cyberattacks against the Albanian government in mid-July, the Microsoft Detection and Response Team (DART) was engaged by the Albanian government to lead an investigation into the attacks. At the time of the attacks and our engagement ... continue reading
Column chart representing number of devices where Microsoft Defender Antivirus detected cryptojackers seen monthly from January to July 2022.

Hardware-based threat defense against increasingly complex cryptojackers

Even with the dip in the value of cryptocurrencies in the past few months, cryptojackers – trojanized coin miners that attackers distribute to use compromised devices’ computing power for their objectives – continue to be widespread. In the past several ... continue reading
A column chart comparing Google BigQuery, Snowflake, and Azure Data Explorer query execution times. The measurement is the sum of average query runs for all 19 queries by 50 concurrent users. The chart shows the following measurements: Google BigQuery 1159.15 Seconds, Snowflake 1238.47 seconds, and Azure Data Explorer 54.52 seconds.

Azure Data Explorer: Log and telemetry analytics benchmark

Azure Data Explorer (ADX), a component of Azure Synapse Analytics, is a highly scalable analytics service optimized for structured, semi-structured, and unstructured data. It provides users with an interactive query experience that unlocks insights from the ocean of ever-growing log ... continue reading
This flow diagram describes how Microsoft Defender Experts for Hunting can be split into three distinct steps. These are track, hunt, and analyze. These three steps form the basis of the service and allow Microsoft to proactively reveal the unseen threats impacting customers.

Microsoft Defender Experts for Hunting proactively hunts threats

Today, we announced the general availability of Microsoft Defender Experts for Hunting to support organizations and their cybersecurity employees with proactive threat hunting. Defender Experts for Hunting was created for customers who have a robust security operations center but want ... continue reading

The RC4 Removal Files Part 3 – The “Everything Else” Of It

I’m not a fan of folks that glaze over problems, not that I’m a pessimist mind you, I do my fair share of finding the bright side of bad situations. When this RC4 project started, I heard lots of optimistic ... continue reading
Flowchart of possible vulnerabilities of machine learning systems during attacks, including poisoning, transfer learning attack, backdoor attack, adversarial attack, and model and data extraction.

MLOps Blog Series Part 4: Testing security of secure machine learning systems using MLOps

The growing adoption of data-driven and machine learning–based solutions is driving the need for businesses to handle growing workloads, exposing them to extra levels of complexities and vulnerabilities. Cybersecurity is the biggest risk for AI developers and adopters. According to ... continue reading
Satellite Rendering from NOAA-18.

Azure Orbital Ground Station as Service extends life and reduces costs for satellite operators

How can Microsoft empower satellite operators to focus on their mission and enable them to continue the operation of their satellites, without making capital investments in their ground infrastructure? To answer that question, Microsoft worked alongside the National Oceanic and ... continue reading
Logs with time stamps showing start and completion of the core network deployment.

Azure powers rapid deployment of private 4G and 5G networks

As the cloud continues to expand into a ubiquitous and highly distributed fabric, a new breed of application is emerging: Modern Connected Applications. We define these new offerings as network-intelligent applications at the edge, powered by 5G, and enabled by ... continue reading
Phases of risk management listed as identification, assessment, response, and monitoring and reporting.

How to improve risk management using Zero Trust architecture

“Compliance is all about risk management and lessening risk, and the same is true of Zero Trust.” —Abbas Kudrati What’s risk management and why is it important? Risk management, the process of developing a strategy for addressing risk throughout its ... continue reading