Digital Security Tips and Solutions - Microsoft Security Blog

Microsoft Security

Microsoft Security

Sign in

January 13, 2022 • 8 min read

Learn about 4 approaches to comprehensive security that help leaders be fearless

January 21, 2022 • 11 min read

Celebrating 20 Years of Trustworthy Computing

20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing (TwC) initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees.

Two open laptops sitting on table in front of two figures, with a cup of coffee between them.

January 20, 2022 • 8 min read

Build a stronger cybersecurity team through diversity and training

Heath Adams, Chief Executive Officer at TCM Security, offers practical advice on how to build a security team.

January 15, 2022 • 6 min read

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.

Man with glasses looking ahead.

January 12, 2022 • 5 min read

Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft reveals cost savings and business benefits enabled by Zero Trust.

Group of four men and women having a meeting around a table in a conference room.

January 10, 2022 • 8 min read

Align your security and network teams to Zero Trust security demands

Get expert advice on how to bridge gaps between your SOC and NOC and enable Zero Trust security in today’s rapidly evolving threat landscape.

Image of a person working on a MacBook Pro in the subway

January 10, 2022 • 10 min read

New macOS vulnerability, “powerdir,” could lead to unauthorized user data access

A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. We shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) and Apple released a fix.

Real people. Customer support/admin meeting at a digital consulting firm. The firm provides custom solutions across a multitude of disciplines including IT, front and back end software development, customer support and data services.

January 4, 2022 • 5 min read

What you need to know about how cryptography impacts your security strategy

Taurus SA Co-founder and Chief Security Officer Jean-Philippe “JP” Aumasson shares how the discipline of cryptography will impact cybersecurity strategy.

Female developer speaking in front of a white board during team stand up meeting.

December 15, 2021 • 5 min read

The final report on NOBELIUM’s unprecedented nation-state attack

In the final post of a four-part series on the NOBELIUM nation-state attack, we explore key findings from the after-action report on the attack.

A red-haired woman with a green shirt and glasses, sitting inside an office working on her laptop.

December 14, 2021 • 5 min read

Your guide to mobile digital forensics

Cellebrite Senior Director of Digital Intelligence Heather Mahalik offers an inside look at mobile forensics and shares how to think about the function in your organization.

Image of data center

December 11, 2021 • 31 min read

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

Microsoft is tracking threats taking advantage of the remote code execution (RCE) vulnerability in Apache Log4j 2. Get technical info and guidance for using Microsoft security solutions to protect against attacks.

Adult woman working on multiple laptops.

December 9, 2021 • 4 min read

Best practices for AI security risk management

Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI systems.

December 9, 2021 • 17 min read

A closer look at Qakbot’s latest building blocks (and how to knock them down)

Multiple Qakbot campaigns that are active at any given time prove that the decade-old malware continues to be many attackers’ tool of choice, a customizable chameleon that adapts to suit the needs of the multiple threat actor groups that utilize it. Since emerging in 2007 as a banking Trojan, Qakbot has evolved into a multi-purpose…

1
2
3
…
237
Next Page