Remote Desktop Services

Monthly news – October 2023

Microsoft Defender for Cloud Monthly news, October 2023 Edition. This is our monthly “What’s new” blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from September 2023. Microsoft Defender for Cloud: The data security dashboard is now available in […]


Azure Firewall Tips from the Field

Introduction: Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia. In this post, I will provide some tips and clarifications about Azure Firewall based on my experience from the field. Topics: The following are the topics we are going to discuss. Azure Firewall Policy Inheritance; Azure Firewall Rule Processing Logic; Azure


New expanded visibility into multicloud data security in Microsoft Defender for Cloud

Author: Asaf Nakash (@Asaf_Nakash), Senior Program Manager, Microsoft Defender for Cloud. Co-authors: @Catalin Esanu, Senior Program Manager, Microsoft Defender for Cloud; @Maayan Naaman Rand, Senior Program Manager, Microsoft Defender for Cloud. In recent years we’ve witnessed an accelerated migration of data to the cloud, with data sprawl and security blind spots as unintended consequences. Attackers have turned


Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets

Since February 2023, Microsoft has observed password spray activity against thousands of organizations carried out by an actor we track as Peach Sandstorm (HOLMIUM). Peach Sandstorm is an Iranian nation-state threat actor who has recently pursued organizations in the satellite, defense, and pharmaceutical sectors around the globe. Based upon the profile of victim organizations targeted


Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution

On July 11, 2023, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access, which are now in public preview. In this blog, we take a deeper look into Microsoft Entra Private Access. Figure 1: Traditional network security stacks and legacy VPNs are


Flax Typhoon using legitimate software to quietly access Taiwanese organizations

Summary: Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along


How to configure the RDP connection for Azure VMs via Azure Bastion

When connecting to Azure VMs, there are a few ways you can establish the connection. If using Windows VMs, most likely, you are connecting through a Remote Desktop Protocol (RDP) session, so you can open a remote GUI session. However, opening the RDP port (3389) to the internet is not a secure best practice. Instead, many


Microsoft Entra Expands into Security Service Edge with Two New Offerings

Flexible work arrangements and accelerating digital transformation changed the way we secure access. Traditional network security approaches just don’t scale to modern demands. They not only hurt end user experience but also grant each user excessive access to the entire corporate network. All it takes is one compromised user account, infected device, or open port


The five-day job: A BlackByte ransomware intrusion case study

As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – DART) of an intrusion, we found that the threat actor progressed through the full attack


Top 5 Common Deployment Tips for US Government Agencies

Executive Order 14028 (EO 14028), Improving the Nation’s Cybersecurity, directs the federal government to improve its efforts to identify, protect against, and respond to malicious cyber campaigns and their actors through bold changes and significant investments in cybersecurity. The Office of Management and Budget (OMB) released the Federal Zero Trust Strategy Memorandum M-22-09 adding specific
