
Cryptojacking: Understanding and defending against cloud compute resource abuse
In cloud environments, cryptojacking – a type of cyberattack that uses computing power to mine cryptocurrency – takes the form of cloud compute resource abuse, which involves a threat actor compromising legitimate tenants. Cloud compute resource abuse could result in ... continue reading

Cadet Blizzard emerges as a novel and distinct Russian threat actor
As Russia’s invasion of Ukraine continues into its second year and Microsoft continues to collaborate with global partners in response, the exposure of destructive cyber capabilities and information operations provide greater clarity into the tools and techniques used by Russian ... continue reading

Volt Typhoon targets US critical infrastructure with living-off-the-land techniques
Microsoft has uncovered stealthy and targeted malicious activity focused on post-compromise credential access and network system discovery aimed at critical infrastructure organizations in the United States. The attack is carried out by Volt Typhoon, a state-sponsored actor based in China ... continue reading

Capitalize on your investments with the new centrally managed Azure Hybrid Benefit for SQL Server
Introducing the new centrally managed Azure Hybrid Benefit for SQL Server.Today, Microsoft is pleased to announce the release of centrally managed Azure Hybrid Benefit for SQL Server, a new Azure portal feature that helps you improve SQL Server license management ... continue reading

2022 in review: DDoS attack trends and insights
As organizations strengthen their defenses and take a more proactive approach to protection, attackers are adapting their techniques and increasing the sophistication of their operations. Cybercrime continues to rise with the industrialization of the cybercrime economy providing cybercriminals with greater ... continue reading

Secure your business like you secure your home: 5 steps to protect against cybercrime
Running a business requires a lot of determination and sometimes a leap of faith. Every day brings a new challenge, and many times it can feel like the stress and uncertainty are too much. That’s when you remind yourself why ... continue reading

Defenders beware: A case for post-ransomware investigations
Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase ... continue reading

Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082
October 1, 2022 update – Added information about Exploit:Script/ExchgProxyRequest.A, Microsoft Defender AV’s robust detection for exploit behavior related to this threat. We also removed a section on MFA as a mitigation, which was included in a prior version of this ... continue reading

Profiling DEV-0270: PHOSPHORUS’ ransomware operations
Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading
Domain Join a Storage Account Leveraging Azure Automation
Are you looking to take the next step in your cloud journey and pivot away from managing file servers? Why not look at Azure Files! In short; Azure Files offers fully managed file shares in the cloud that are accessible ... continue reading