Digital Security Tips and Solutions - Microsoft Security Blog

June 20, 2022 • 3 min read

Securing your IoT with Edge Secured-core devices

To simplify your IoT security journey, today, we’re announcing the availability of Windows IoT Edge Secured-core devices available in the Azure Certified Device catalog from Lenovo, ASUS and AAEON, additionally we’re also announcing the availability of devices that meet the Microsoft sponsored Edge Compute Node protection profile which is governed with industry oversight, from Scalys and Eurotech. And learn more on Microsoft’s investments in MCU security.

CISO (chief information security officer) collaborating with practitioners in a security operations center.

June 23, 2022 • 6 min read

Detecting malicious key extractions by compromised identities for Azure Cosmos DB

Azure Cosmos DB is a fully managed NoSQL cloud database service for modern app development. It offers a variety of advanced built-in features, such as automatic worldwide data replication, lightning-fast response types, and a variety of APIs. In this blog post, we describe security practices for securing access to Azure Cosmos DB and show how monitoring relevant control plane operations can help in the detection of potentially compromised authorization.

Conference room table with four people in a meeting with Surface Laptop Go 2 and Surface 2-in-1‘s.

June 22, 2022 • 2 min read

Microsoft Defender for Office 365 receives highest award in SE Labs Enterprise Email Security Services test

Microsoft received an AAA Protection Award for Microsoft Defender for Office 365, the highest possible award that vendors can achieve in this test.

Photo of Microsoft Cyber Defense Operations Center with the word "Protect" in the foreground.

June 21, 2022 • 7 min read

Improving AI-based defenses to disrupt human-operated ransomware

To disrupt human-operated ransomware attacks as early as possible, we enhanced the AI-based protections in Microsoft Defender for Endpoint with a range of specialized machine learning techniques that swiftly identify and block malicious files, processes, or behavior observed during active attacks.

June 20, 2022 • 6 min read

How one Microsoft software engineer works to improve access management

Igor Sakhnov, corporate vice president of Identity and Network Access Engineering, talks with software engineer Rebecca Nzioki about her journey to computer science and Microsoft’s Africa Development Center in Kenya.

A laptop and a mobile phone displaying Microsoft Defender.

June 16, 2022 • 3 min read

Making the world a safer place with Microsoft Defender for individuals

Microsoft Defender for individuals helps people keep their families safer online with simplified cybersecurity and cross-platform online protection.

Decision maker (DM) collaborating in an open, casual space.

June 15, 2022 • 6 min read

Why strong security solutions are critical to privacy protection

Former three-term Ontario Information and Privacy Commissioner Ann Cavoukian, Ph.D., talks about her seven foundational principles of privacy by design and the importance of data privacy.

CISO (chief information security officer) collaborating in a security operations center.

June 13, 2022 • 14 min read

The many lives of BlackCat ransomware

The use of an unconventional programming language, multiple target devices and possible entry points, and affiliation with prolific threat activity groups have made the BlackCat ransomware a prevalent threat and a prime example of the growing ransomware-as-a-service (RaaS) gig economy.

Outside of a conference room or board room meeting including people sitting around table in a room with international time clocks.

June 13, 2022 • 4 min read

5 ways to connect with Microsoft Security at Identiverse 2022

Microsoft will be attending Identiverse 2022 and would love to connect with partners and others interested in identity. Here are five ways to do that.

Microsoft Excellence Awards 2022 from Microsoft Security for M I S A partners.

June 6, 2022 • 4 min read

Announcing 2022 Microsoft Security Excellence Awards winners

Winners of the Microsoft Security Excellence Awards were announced as Microsoft executives and MISA members gathered for the first time in more than two years.

June 2, 2022 • 11 min read

Exposing POLONIUM activity and infrastructure targeting Israeli organizations

Microsoft successfully detected and disabled attack activity abusing OneDrive by a previously undocumented Lebanon-based activity group Microsoft Threat Intelligence Center (MSTIC) tracks as POLONIUM.

A group gathers around a table having a meeting in an office.

June 2, 2022 • 3 min read

Microsoft collaborates with Tenable to support federal cybersecurity efforts

In the spirit of the executive order and as part of our commitment to enhancing cybersecurity across the US, we today announce that Tenable has expanded its collaboration with the Microsoft Intelligent Security Association (MISA). Together, Microsoft and Tenable will help enhance the US government’s ability to quickly identify, investigate, prioritize, and remediate threats—and help collectively raise the country’s security posture.

Photo of a male wearing a gray jacket and glasses, standing in front of a computer desk with multiple monitors.

June 1, 2022 • 11 min read

Using Python to unearth a goldmine of threat intelligence from leaked chat logs

Dealing with a great amount of data can be time consuming, thus using Python can be very powerful to help analysts sort information and extract the most relevant data for their investigation. The open-source tools library, MSTICpy, for example, is a Python tool dedicated to threat intelligence. It aims to help threat analysts acquire, enrich, analyze, and visualize data.