Microsoft

Microsoft | News, how-tos, features, reviews, and videos

thinkstockphotos 499123970 laptop security
binary code flows around a corporate structure / cybersecurity / technology companies

cyber attack alert

The most dangerous (and interesting) Microsoft 365 attacks

APT groups are developing new techniques that allow them to avoid detection and exfiltrate hundreds of gigabytes of data from emails, SharePoint, OneDrive, and other applications.

Clues are mapped out for investigation with maps, events, dates and photos connected by red threads.

The Microsoft Exchange Server hack: A timeline

Research shows plenty of unpatched systems remain. Here's how the attacks unfolded, from discovery of vulnerabilities to today's battle to close the holes.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 4: Reduce SOC burnout

Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 3: The Zero Trust Model

Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...

zeroday software bug skull and crossbones security flaw exploited danger vulnerabilities by gwengoa

How to patch Exchange Server for the Hafnium zero-day attack

Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.

A broken link in a digital chaing / weakness / vulnerability

Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws

Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.

A hand activates the software update button in a virtual interface. [ update / patch / fix ]

The .NET patch failure that wasn’t

This month’s patch updates from Microsoft have caused few problems, and though there were some issues related to .NET, even those have been scattered.

podcast 3x16 2
Sponsor Podcast Microsoft

Episode 2: Empowering employees to be secure and productive

Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...

A hacker attacks from within a Windows system.

Top SolarWinds risk assessment resources for Microsoft 365 and Azure

Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.

incoming emails / DNS security / locked server / parked domain

18 (new) ways attackers can compromise email

Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.

What it takes to become an information assurance analyst

This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...

Fraud prevention: Improving internal controls

Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.

information security 2

How to write an information security policy

Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.

Red team versus blue team: How to run an effective simulation

Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.

How to survive (and thrive) in the CISO hot seat

The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.

Special report: platforms play big in the cloud

This latest report in our C-Suite 360 series takes a full-spectrum look at the opportunities and risks in cloud computing, offering up the expert information your organization needs to set its cloud strategy.

Research report: IT security's looming tipping point

Even as security draws board-level attention, many IT professionals give their organizations’ infosec practices low marks. This special report from CIO, CSO and Computerworld reveals how to tip the balance in the right direction.

The CSO identity management survival guide

This guide will help you communicate through the challenges of identity management, learn from success stories and discover the most valuable features of today's identity management tools.

Load More