Earlier this year, we announced our vision to empower any developer to become a space developer through Azure. With over 90 million developers on GitHub, we have created a powerful ecosystem and we are focused on empowering the next generation of ... continue reading

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase ... continue reading

October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading

Are you looking to take the next step in your cloud journey and pivot away from managing file servers? Why not look at Azure Files! In short; Azure Files offers fully managed file shares in the cloud that are accessible ... continue reading

If you’re thinking about what it takes to modernize your applications, you’re not alone. Companies everywhere now understand that migrating applications to the cloud and shifting to a cloud-first approach is critical to business competitiveness. The purpose of modernizing applications ... continue reading

Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers. While prior research has been published on specific incidents and variants, little ... continue reading

A large-scale phishing campaign that used adversary-in-the-middle (AiTM) phishing sites stole passwords, hijacked a user’s sign-in session, and skipped the authentication process even if the user had enabled multifactor authentication (MFA). The attackers then used the stolen credentials and session ... continue reading

The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest post of our Voice of the Community blog series post, Microsoft Security Product Marketing Manager Natalia Godyla ... continue reading

Hi, my Name is Christian Kielhorn, and I’m a Senior Customer Engineer – formerly known as Premier Field Engineer – within Germanys Customer Success Organization for Modern Work. Today I’d like to come back to a customer’s question – as ... continue reading