Digital Security Tips and Solutions - Microsoft Security Blog

Microsoft Security

Microsoft Security

Sign in

November 10, 2022 • 6 min read

Simplify privacy protection with Microsoft Priva Subject Rights Requests

Aerial view of the pentagon.

November 22, 2022 • 5 min read

Microsoft supports the DoD’s Zero Trust strategy

The Department of Defense released its formal Zero Trust strategy, marking a major milestone in its goal of achieving enterprise-wide implementation by 2027.

a man and a woman standing in a room

November 22, 2022 • 1 min read

Join us at InfoSec Jupyterthon 2022

Join our community of analysts and engineers at the third annual InfoSec Jupyterthon 2022, an online event taking place on December 2 and 3, 2022.

a person standing in front of a building

November 22, 2022 • 6 min read

Vulnerable SDK components lead to supply chain risks in IoT and OT environments

As vulnerabilities in network components, architecture files, and developer tools have become an increasingly popular attack vector to leverage access into secure networks and devices, Microsoft identified such a vulnerable component and found evidence of a supply chain risk that might affect millions of organizations and devices.

a man standing in front of a computer

November 17, 2022 • 7 min read

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

DEV-0569’s recent activity shows their reliance on malvertising and phishing in delivering malicious payloads. The group’s changes and updates in delivery and payload led to distribution of info stealers and Royal ransomware.

Retail store manager using a tablet securely while working remote from a café.

November 16, 2022 • 3 min read

Microsoft contributes S2C2F to OpenSSF to improve supply chain security

We are pleased to announce that the S2C2F has been adopted by the OpenSSF under the Supply Chain Integrity Working Group and formed into its own Special Initiative Group. Our peers at the OpenSSF and across the globe agree with Microsoft when it comes to how fundamental this work is to improving supply chain security for everyone.

Male developer coding in front of two monitors at desk in office. Programming code shown on both monitors.

November 16, 2022 • 9 min read

Token tactics: How to prevent, detect, and respond to cloud token theft

As organizations increase their coverage of multifactor authentication (MFA), threat actors have begun to move to more sophisticated techniques to allow them to compromise corporate resources without needing to satisfy MFA. Recently, the Microsoft Detection and Response Team (DART) has seen an increase in attackers utilizing token theft for this purpose.

Female datacenter employee performs maintenance in datacenter cold aisle.

November 15, 2022 • 5 min read

2022 holiday DDoS protection guide

The holiday season is an exciting time for many people as they get to relax, connect with friends and family, and celebrate traditions. Organizations also have much to rejoice about during the holidays (for example, more sales for retailers and more players for gaming companies). Unfortunately, cyber attackers also look forward to this time of year to celebrate an emerging holiday tradition—distributed denial-of-service (DDoS) attacks.

a man standing in front of a computer screen

November 10, 2022 • 5 min read

Microsoft threat intelligence presented at CyberWarCon 2022

At CyberWarCon 2022, Microsoft and LinkedIn analysts presented several sessions detailing analysis across multiple sets of actors and related activity.

Employee leaning down, working at computer station.

November 9, 2022 • 4 min read

Microsoft Defender Experts for Hunting demonstrates industry-leading protection in the 2022 MITRE Engenuity ATT&CK® Evaluations for Managed Services

Microsoft Defender Experts for Hunting, our newest managed threat hunting service, delivered top-class results during the inaugural MITRE Engenuity ATT&CK® Evaluations for Managed Services. Defender Experts for Hunting provided a seamless, comprehensive, and rapid response to the simulated attack using expert-led threat hunting and an industry-leading platform—Microsoft 365 Defender.

Employee reviewing his organization‘s Viva Insights while working from home on his laptop.

November 4, 2022 • 2 min read

Microsoft named a Leader in 2022 Gartner® Magic Quadrant™ for Access Management for the 6th year

We are honored to announce that Microsoft has been named a Leader in the 2022 Gartner® Magic Quadrant™ for Access Management for Microsoft Azure Active Directory (Azure AD), part of Microsoft Entra.

Microsoft Commercial photography. Chief executive officer leading a financial meeting using the Surface Hub. Business attire.

November 3, 2022 • 7 min read

Identifying cyberthreats quickly with proactive security testing

Hacker House co-founder and Chief Executive Officer Matthew Hickey offers recommendations for how organizations can build security controls and budget.

a view of a city at night

November 3, 2022 • 6 min read

Stopping C2 communications in human-operated ransomware through network protection

Providing advanced protection against increasingly sophisticated human-operated ransomware, Microsoft Defender for Endpoint’s network protection leverages threat intelligence and machine learning to block command-and-control (C2) communications.

1
2
3
…
250
Next Page