Select Page

Top 6 email security best practices to protect against phishing attacks and business email compromise

Most cyberattacks start over email—a user is tricked into opening a malicious attachment, or into clicking a malicious link and divulging credentials, or into responding with confidential data. Attackers dupe victims by using carefully crafted emails to build a false ... continue reading
Screenshot of the Morphisec Moving Target Defense dashboard.

Improve security and simplify operations with Windows Defender Antivirus + Morphisec

My team at Morphisec (a Microsoft Intelligent Security Association (MISA) partner) often talks with security professionals who are well-informed about the latest cyberthreats and have a longterm security strategy. The problem many of them face is how to create a ... continue reading
InSpark modernizes cloud security with managed services solution

InSpark modernizes cloud security with managed services solution

Greetings! This is Sue Bohn, director of program management for Identity and Access Management. I’m always excited to share our partners’ experiences with you. Today’s post is really special because we’re talking with InSpark, the 2018 Country of the Year ... continue reading
Step 8. Protect your documents and email: top 10 actions to secure your environment

Step 8. Protect your documents and email: top 10 actions to secure your environment

The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 8. Protect your documents and email,” you’ll learn how to deploy Azure Information Protection and ... continue reading
figure-01-WannaCry-user-APC-injection-technique-schematic-diagram

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

With Microsoft continuously improving kernel mitigations and raising the bar for exploiting native kernel components, third-party kernel drivers are becoming a more appealing target for attackers and an important area of research for security analysts. A vulnerability in a signed ... continue reading
Attack inception: Compromised supply chain within a supply chain poses new risks

Attack inception: Compromised supply chain within a supply chain poses new risks

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one ... continue reading
Taking apart a double zero-day sample discovered in joint hunt with ESET

Taking apart a double zero-day sample discovered in joint hunt with ESET

In late March 2018, I analyzed an interesting PDF sample found by ESET senior malware researcher Anton Cherpanov. The sample was initially reported to Microsoft as a potential exploit for an unknown Windows kernel vulnerability. During my investigation in parallel ... continue reading
#Microsoft Azure #Security Center Standard for Hybrid Security #Azure #Cloud #SIEM

#Microsoft Azure #Security Center Standard for Hybrid Security #Azure #Cloud #SIEM

Azure Security Center Standard includes: Hybrid security – Get a unified view of security across all of your on-premises and cloud workloads. Apply security policies and continuously assess the security of your hybrid cloud workloads to ensure compliance with security ... continue reading
Machine learning vs. social engineering

Machine learning vs. social engineering

Machine learning is a key driver in the constant evolution of security technologies at Microsoft. Machine learning allows Microsoft 365 to scale next-gen protection capabilities and enhance cloud-based, real-time blocking of new and unknown threats. Just in the last few ... continue reading
Why Windows Defender Antivirus is the most deployed in the enterprise

Why Windows Defender Antivirus is the most deployed in the enterprise

Statistics about the success and sophistication of malware can be daunting. The following figure is no different: Approximately 96% of all malware is polymorphic meaning that it is only experienced by a single user and device before it is replaced ... continue reading