Combatting Risky Sign-ins in Azure Active Directory

It is almost inevitable your organization will be targeted with malicious sign-in attempts to cloud apps. It is often the case an employee uses the same password for their work account as they do for their personal accounts. Password leaks ... continue reading

Public and private AKS clusters demystified

Introduction: Azure Kubernetes Service (AKS) is the managed Kubernetes service in Azure. It has two main components: worker nodes and control plane. The worker nodes are the VMs where customer applications will be deployed into. The control plane is the component that ... continue reading
Screenshot of malware code, a script that is used to download a remote code administration tool

Microsoft research uncovers new Zerobot capabilities

Botnet malware operations are a constantly evolving threat to devices and networks. Threat actors target Internet of Things (IoT) devices for recruitment into malicious operations as IoT devices’ configurations often leave them exposed, and the number of internet-connected devices continues ... continue reading
A geographical map that presents the countries where the devices affected by the botnet are located. Countries with affected devices are highlighted on the map in blue.

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers

Malware operations continue to rapidly evolve as threat actors add new capabilities to existing botnets, increasingly targeting and recruiting new types of devices. Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure ... continue reading

Private endpoint DNS resolution with Azure Private Resolver for multi-region

Introduction: Hello everyone, Andrew Coughlin here and I am a Cloud Solutions Architect at Microsoft focusing on Azure IaaS. I frequently get asked questions about how to set up private endpoints from my customers that have presence in multi regions. ... continue reading
Diagram of Managed Instance link

Link feature for Azure SQL Managed Instance: Connecting SQL Server 2022 to the cloud, reimagined

Part of the SQL Server 2022 blog series. We are excited to announce general availability (GA) of the link feature for Managed Instance for SQL Server 2022, the most Azure-enabled release of SQL Server yet. We are also excited to announce a limited ... continue reading
Flowchart for Azure Active Directory issuing tokens.

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has ... continue reading
The overall management architecture includes Microsoft Azure Arc, Microsoft Azure Storage, Microsoft Azure Monitoring, Microsoft Azure Kubernetes and Kubernetes for Operator RAN extension.

Scalable management of virtualized RAN with Kubernetes

Among the many important reasons why telecommunication companies should be attracted to Microsoft Azure are our network and system management tools. Azure has invested many intellectual and engineering cycles in the development of a sophisticated, robust framework that manages millions ... continue reading
A diagram of the attack chain. It presents the flow of activity from left to right, starting with the attacker gaining access to its target tenant and leading to spam messages being sent to targets.

Malicious OAuth applications used to compromise email servers and spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts ... continue reading
Infection chain describing the usual tactics and techniques used by DEV-0270 actor group.

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading