-
-
Defending new vectors: Threat actors attempt SQL Server to cloud lateral movement
Microsoft security researchers recently identified an attack where attackers attempted to move laterally to a cloud environment through a SQL Server instance. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment to gain access and elevated permissions to a Microsoft SQL Server instance deployed in an Azure Virtual Machine (VM). The attackers then used the acquired elevated permission to attempt to move laterally to additional cloud resources by abusing the server’s cloud identity. -
Cloud storage security: What’s new in the threat matrix
We’re announcing the release of a second version of our threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. -
New Microsoft Security innovations expand multicloud visibility and enhance multiplatform protection
Gain greater visibility into your multicloud environments to better understand your security posture, minimize risk, and detect and respond to threats in real time. -
Boost identity protection with Axiad Cloud and Microsoft Entra ID
As IT environments become more complex and multilayered to combat cybersecurity attacks, authentication processes for applications, operating systems, and workplace locations are increasingly managed in silos. Axiad Cloud and Microsoft Entra ID help to strengthen security perimeters by provisioning and managing phishing-resistant, passwordless credentials. -
How to connect with Microsoft Security at Black Hat USA 2023
Learn more about the sessions, product demos, and special events presented by Microsoft at Black Hat 2023. -
Microsoft Entra expands into Security Service Edge and Azure AD becomes Microsoft Entra ID
Microsoft Entra is unifying identity and network access with a new Security Service Edge (SSE) solution and more identity innovations. -
11 best practices for securing data in cloud services
This blog explores the importance and best practices for securing data in the cloud. It discusses concepts such as authentication, zero trust, and encryption, among others. -
Expanding horizons—Microsoft Security’s continued commitment to multicloud
Learn how to manage multicloud security risk with Microsoft's native multicloud protection for three of the industry’s main cloud platforms. -
How Microsoft and Sonrai integrate to eliminate attack paths
Cloud development challenges conventional thinking about risk. Sonrai integrates with Microsoft Sentinel to monitor threats across vectors and automate responses by leveraging security orchestration, automation, and response playbooks, and Microsoft Defender for Cloud to provide visibility across the entire digital estate by identifying possible attack paths and remediating vulnerabilities.