Threat Intelligence

Detect suspicious processes running on hidden desktops

With ransomware campaigns continuing to grow, they remain top of mind for security leaders. Across these sophisticated cyberattacks, the use of remote desktop protocol (RDP) compromise has reached record levels, making it even more critical to provide analysts with full visibility into potentially malicious RDP session use. That’s why today we are excited […]

Microsoft Incident Response tips for managing a mass password reset

As part of any robust incident response plan, organizations often work through potential security weaknesses by responding to hypothetical cyberthreats. In this blog post, we’ll imagine a scenario in which a threat actor uses malware to infect the network, moving laterally

Cloud security posture and contextualization across cloud boundaries from a single dashboard

Introduction: Have you ever found yourself in a situation where you wanted to prioritize the riskiest misconfigurations on cloud workloads across Azure, AWS, and GCP? Have you ever wondered how to implement a unified dashboard for cloud security posture across a multicloud environment? This article covers how you can achieve these scenarios by using

AI jailbreaks: What they are and how they can be mitigated

Generative AI systems are made up of multiple components that interact to provide a rich user experience between the human and the AI model(s). As part of a responsible AI approach, AI models are protected by layers of defense mechanisms to prevent the production of harmful content or being used to carry out instructions that

The four stages of creating a trust fabric with identity and network security

At Microsoft, we’re continually evolving our solutions for protecting identities and access to meet the ever-changing security demands our customers face. In a recent post, we introduced the concept of the trust fabric. It’s a real-time approach to securing access that is adaptive

Azure AI Search Database Selection: Optimizing Performance and Scalability for Your Business

In today’s data-driven world, selecting the right database for your specific use case is crucial for optimizing performance, ensuring scalability, and maintaining security. Azure AI Search, combined with Azure OpenAI and the Retrieval Augmented Generation (RAG) pattern, provides a powerful framework for building advanced generative AI applications. These solutions are tailored to meet diverse needs

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology (OT) devices. Internet-exposed OT equipment in water and wastewater systems (WWS) in the US was targeted in multiple attacks over the past months by different nation-backed actors, including attacks by IRGC-affiliated “CyberAv3ngers” in November 2023, as

Accessing a third-party NAS with SMB in Windows 11 24H2 may fail

Heya folks, Ned here again. With the publication of Windows 11 24H2 Release Preview, customers are trying out the new OS prior to general availability. If you were in the Windows Insider Canary or Dev release program for the past few years, nothing I’m about to share is new. But if you weren’t and you’re now having issues

6 insights from Microsoft’s 2024 state of multicloud risk report to evolve your security strategy

Multicloud computing has become the foundation for digital businesses, with 86% of organizations having already adopted a multicloud approach. However, for all its benefits around increased agility, flexibility, and choice, we also see unique challenges with multicloud, including the need to manage security, identity, and compliance across different cloud service providers (CSPs), ensure data portability, and

Moonstone Sleet emerges as new North Korean threat actor with new bag of tricks

Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and
