Select Page
Cybersecurity Reference Architecture: Security for a Hybrid Enterprise

Cybersecurity Reference Architecture: Security for a Hybrid Enterprise

The Microsoft Cybersecurity Reference Architecture describes Microsofts cybersecurity capabilities and how they integrate with existing security architectures and capabilities. We recently updated this diagram and wanted to share a little bit about the changes and the document itself to help ... continue reading

Retire Those Old Legacy Protocols

Hello Paul Bergson back again, and I wanted to bring up another security topic. There has been a lot of work by enterprises to protect their infrastructure with patching and server hardening, but one area that is often overlooked when ... continue reading
Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene

In the first six months of 2017, ransomware threats reached new levels of sophistication. The same period also saw the reversal of a six-month downward trend in ransomware encounters. New ransomware code was released at a higher rate with increasing ... continue reading
Figure 1. Infection cycle overview

Exploring the crypt: Analysis of the WannaCrypt ransomware SMB exploit propagation

On May 12, there was a major outbreak of WannaCrypt ransomware. WannaCrypt directly borrowed exploit code from the ETERNALBLUE exploit and the DoublePulsar backdoor module leaked in April by a group calling itself Shadow Brokers. Using ETERNALBLUE, WannaCrypt propagated as ... continue reading
Windows 10 platform resilience against the Petya ransomware attack

Windows 10 platform resilience against the Petya ransomware attack

The Petya ransomware attack on June 27, 2017 (which we analyzed in-depth in this blog) may have been perceived as an outbreak worse than last month's WannaCrypt (also known as WannaCry) attack. After all, it uses the same SMB exploit ... continue reading
New ransomware, old techniques: Petya adds worm capabilities

New ransomware, old techniques: Petya adds worm capabilities

(Note: We have published a follow-up blog entry on this ransomware attack. We have new findings from our continued investigation, as well as platform mitigation and protection information: Windows 10 platform resilience against the Petya ransomware attack.) On June 27, ... continue reading
Screenshot of security subscription notification

Partnering with the AV ecosystem to protect our Windows 10 customers

On Friday May 12th, and for several days afterwards, more than a quarter-million computers around the world fell victim to the ransomware known as WannaCrypt or WannaCry. As that recent event has shown, malicious actors bring nearly boundless time and ... continue reading
Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

Analysis of the Shadow Brokers release and mitigation with Windows 10 virtualization-based security

On April 14, a group calling themselves the Shadow Brokers caught the attention of the security community by releasing a set of weaponized exploits. Shortly thereafter, one of these exploits was used to create wormable malware that we now know ... continue reading

The CISO Perspective: Putting lessons from WannaCrypt into practice to avoid future threats

This post is authored by Bret Arsenault, Corporate Vice President and Chief Information Security Officer. Last month, customers and companies around the world were impacted by the WannaCrypt ransomware attack. Even those not impacted are assessing their risk and taking ... continue reading
Windows 10 Creators Update provides next-gen ransomware protection

Windows 10 Creators Update provides next-gen ransomware protection

Multiple high-profile incidents have demonstrated that ransomware can have catastrophic effects on all of us. From personally losing access to your own digital property, to being impacted because critical infrastructure or health care services are unexpectedly unavailable for extended periods ... continue reading