Screen grab of the Tarrask malware creating new registry keys and new scheduled tasks in Registry Editor.

Tarrask malware uses scheduled tasks for defense evasion

As Microsoft continues to track the high-priority state-sponsored threat actor HAFNIUM, new activity has been uncovered that leverages unpatched zero-day vulnerabilities as initial vectors. The Microsoft Detection and Response Team (DART) in collaboration with the Microsoft Threat Intelligence Center (MSTIC) ... continue reading
Bar chart of the MITRE ATT&CK framework with the first part highlighted in red, showing impact.

Detect active network reconnaissance with Microsoft Defender for Endpoint

The Microsoft Compromise Recovery Security Practice has observed how the security industry has evolved over the last few years as consumers, businesses, and industry professionals continue to adapt to the changing landscape. We have seen the emergence of new frameworks, ... continue reading

Bastion 101 – Connections with Confidence

Lately, I have been spending a lot of time working with Azure Virtual Machines (VMs) debugging some ways to deploy applications. Sometimes when troubleshooting a problem, it helps to have administrative access directly to the server. Finding solutions to avoid ... continue reading
Presenting Hardware Isolation of Microsoft Edge and Microsoft Office products. Workflow being displayed at the bottom with Device Hardware being the focal point, flowing through Kernel, into the Windows platform before reaching Microsoft Office, Microsoft Edge, and Apps.

Defend against zero-day exploits with Microsoft Defender Application Guard

Zero-day security vulnerabilities—known to hackers, but unknown to software creators, security researchers, and the public—are like gold to attackers. With zero-days, or even zero-hours, developers have no time to patch the code, giving hackers enough access and time to explore ... continue reading
Number of DDoS attacks

Azure DDoS Protection—2021 Q1 and Q2 DDoS attack trends

This blog post was co-authored by Amir Dahan, Senior Program Manager, Anupam Vij, Principal Program Manager, Skye Zhu, Data and Applied Scientist 2, and Syed Pasha, Principal Network Engineer, Azure Networking. In our 2020 retrospective, we highlighted shifts in the ... continue reading

Windows 11 enables security by design from the chip to the cloud

Over the last year, PCs have kept us connected to family, friends, and enabled businesses to continue to run. This new hybrid work paradigm has got us thinking about how we will continue to deliver the best possible quality, experience, ... continue reading

Improve your threat detection and response with Microsoft and Wortell

This blog post is part of the Microsoft Intelligent Security Association (MISA) guest blog series. Learn more about MISA. The way of working is changing rapidly. Many workloads are moving to the cloud and the pandemic accelerated organizations to provide infrastructure to aid ... continue reading
Example flow of HTML/ISO infection chain.

New sophisticated email-based attack from NOBELIUM

Microsoft Threat Intelligence Center (MSTIC) has uncovered a wide-scale malicious email campaign operated by NOBELIUM, the threat actor behind the attacks against SolarWinds, the SUNBURST backdoor, TEARDROP malware, GoldMax malware, and other related components. The campaign, initially observed and tracked ... continue reading
Visual chart depicting the four stages of the life cycle of an incident: Before, during, and after an incident and the lessons learned.

Becoming resilient by understanding cybersecurity risks: Part 4—navigating current threats

In part three of this blog series on aligning security with business objectives and risk, we explored what it takes for security leaders to shift from looking at their mission as purely defending against technical attacks, to one that focuses ... continue reading

New identity partnerships and integrations to accelerate your Zero Trust journey

This month, our team is busy participating in several industry events – the RSA Conference, Gartner IAM and Microsoft Build – and sharing the new partnerships and integrations we’ve developed to help support your Zero Trust strategy. Reflecting on last ... continue reading