Select Page
Visual chart depicting the four stages of the life cycle of an incident: Before, during, and after an incident and the lessons learned.

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses ... continue reading
Real people. IT professionals build and maintain the LinkedIn server farm which operates on 100% renewable energy. Power is hydro-generated and managed efficiently on-site with minimum new draw from external grid. State-of-the-art facility uses eco-friendly solutions such as using reclaimed water to cool the data center.

Securing Azure datacenters with continuous IoT/OT monitoring

As more intelligent devices and machinery become connected to the internet, Operational Technology (OT) and the Internet of Things (IoT) have become part of your enterprise network infrastructure—and a growing security risk. With every new factory sensor, wind turbine monitoring ... continue reading
Orgs with ZeroLogon exploitation attempts by red teams and real attackers starting September 13, 2020

Zerologon is now detected by Microsoft Defender for Identity

There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to ... continue reading
Mitigating vulnerabilities in endpoint network stacks

Mitigating vulnerabilities in endpoint network stacks

The skyrocketing demand for tools that enable real-time collaboration, remote desktops for accessing company information, and other services that enable remote work underlines the tremendous importance of building and shipping secure products and services. While this is magnified as organizations ... continue reading

SMB is Dead, Long Live SMB!

Hello again, James Kehr here with another guest post. Titles are hard to do. They must convey the topic to the reader while being both interesting and informative, all at the same time. Doing this with a technical article makes ... continue reading

Guarding against supply chain attacks—Part 1: The big picture

Every day, somewhere in the world, governments, businesses, educational organizations, and individuals are hacked. Precious data is stolen or held for ransom, and the wheels of “business-as-usual” grind to a halt. These criminal acts are expected to cost more than ... continue reading
Chart showing vulnerability, patch release, and outbreak. Vulnerability: MS08-067; Patch release: October 23, 2008; Outbreak: late December 2008. Vulnerability: MS17-010; Patch release: March 14, 2017; Outbreak: May 12, 2017. Vulnerability: CVE-2019-0708; Patch release: May 13, 2019; Outbreak column shows three question marks.

Protect against BlueKeep

Worms are the cause of many cyber headaches. They can easily replicate themselves to spread malicious malware to other computers in your network. As the field responders providing Microsoft enterprise customers with onsite assistance to serious cybersecurity threats, our Detection ... continue reading

4 tried-and-true prevention strategies for enterprise-level security

Why is it that dentists advise people over and over to floss, yet so few do it? It only takes a minute of your time, yet if you’re running late or feeling tired, you may be tempted to skip it ... continue reading
figure-01-WannaCry-user-APC-injection-technique-schematic-diagram

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

With Microsoft continuously improving kernel mitigations and raising the bar for exploiting native kernel components, third-party kernel drivers are becoming a more appealing target for attackers and an important area of research for security analysts. A vulnerability in a signed ... continue reading
Screenshot of obfuscated script

Out of sight but not invisible: Defeating fileless malware with behavior monitoring, AMSI, and next-gen AV

Consider this scenario: Two never-before-seen, heavily obfuscated scripts manage to slip past file-based detection and dynamically load an info-stealing payload into memory. The scripts are part of a social engineering campaign that tricks potential victims into running the scripts, which ... continue reading