Backup/Recovery

The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS)

Buenos días and welcome to número tres in the holiday ’23 series.  This one is sure to please the crowd – it’s the NEW AND IMPROVED easy to setup/deploy/use solution for when IT Ops/Support needs a local admin ID and password to perform some management task(s) on a Windows endpoint.  As many people know, we …

The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS) Continue Reading

Automatic Conditional Access policies in Microsoft Entra streamline identity protection

Extending our commitment to help customers be secure by default, today we’re announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. We’ve designed these policies based on our deep knowledge of the current cyberthreat landscape to help our customers strengthen their security baseline, …

Automatic Conditional Access policies in Microsoft Entra streamline identity protection Continue Reading

An integrated incident response solution with Microsoft and PwC

Today Microsoft Incident Response is excited to announce a new collaboration with PwC to expand our joint incident response and recovery capability. In this global alliance, Microsoft begins the initial containment and investigation, bringing a deep understanding of a company’s infrastructure to help evict the bad actors faster and more effectively. PwC can then work on …

An integrated incident response solution with Microsoft and PwC Continue Reading

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries. Octo Tempest leverages broad social engineering campaigns to compromise organizations across the globe with the goal of financial extortion. With their extensive range of tactics, techniques, and procedures (TTPs), …

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction Continue Reading

Protect SQL Server 2014 workloads with Azure flexibility

SQL Server has brought reliability and security to mission-critical workloads for 30 years. SQL Server 2022, released November 2022, delivers performance enhancements as well as Azure connectivity for disaster recovery, analytics, and governance. Now customers like Mediterranean Shipping Company (MSC) are using SQL Server 2022 to expand their capabilities to better support a truly worldwide …

Protect SQL Server 2014 workloads with Azure flexibility Continue Reading

Malware distributor Storm-0324 facilitates ransomware access

The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool …

Malware distributor Storm-0324 facilitates ransomware access Continue Reading