Microsoft
Microsoft | News, how-tos, features, reviews, and videos
Protecting on-premises Microsoft servers
Many organizations still have on-premises Microsoft Exchange, SharePoint, or Office servers with inadequate protections.
Microsoft touts first PCs to ship natively with secure Pluton chip
Along with thwarting malware, the Pluton chip handles BitLocker, Windows Hello, and System Guard and might help prevent physical insider attacks. The technology is also being used in Azure Sphere in the cloud.
The 10 most powerful cybersecurity companies
What makes these 10 security vendors the biggest power players? We break it down.
The most dangerous (and interesting) Microsoft 365 attacks
APT groups are developing new techniques that allow them to avoid detection and exfiltrate hundreds of gigabytes of data from emails, SharePoint, OneDrive, and other applications.
The Microsoft Exchange Server hack: A timeline
Research shows plenty of unpatched systems remain. Here's how the attacks unfolded, from discovery of vulnerabilities to today's battle to close the holes.
Sponsor Podcast in partnership with Microsoft
Episode 4: Reduce SOC burnout
Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...
Sponsor Podcast in partnership with Microsoft
Episode 3: The Zero Trust Model
Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...
How to patch Exchange Server for the Hafnium zero-day attack
Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.
Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws
Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.
![A hand activates the software update button in a virtual interface. [ update / patch / fix ]](https://images.idgesg.net/images/article/2020/08/hand_activates_software_update_button_in_virtual_interface_development_update_patch_fix_by_ra2studio_gettyimages-1220938772_2400x1600-100854508-small.3x2.jpg?auto=webp&quality=85,70)
The .NET patch failure that wasn’t
This month’s patch updates from Microsoft have caused few problems, and though there were some issues related to .NET, even those have been scattered.
Sponsor Podcast in partnership with Microsoft
Episode 2: Empowering employees to be secure and productive
Episode 2: When it comes to protecting your business, security is a team sport. Criminal hackers –increasingly sophisticated and persistent – are playing offense, trying to find weak spots to breach an organization. And everyone in...
Top SolarWinds risk assessment resources for Microsoft 365 and Azure
Government and private organizations, including Microsoft, have released a wealth of information and tools to assess risk from SolarWinds-like attacks.
18 (new) ways attackers can compromise email
Researchers have discovered eighteen new vulnerabilities in how email systems authenticate senders, making it even easier for criminals to fool users.
Tech Primer
What it takes to become an information assurance analyst
This in-demand role calls for a rare combination of superior communication skills and security chops. Learn how one information assurance analyst landed his current job, the skills and training that helped him get there, and where his...
Tech Primer
Fraud prevention: Improving internal controls
Internal fraud controls aren't fire-and-forget. Smart collaboration and ongoing improvement will help keep fraud in check. Here are the basics.
Tech Primer
How to write an information security policy
Learn the critical first step, why consensus is key, what to cover and how make your information security policy — and program — effective.
Tech Primer
Red team versus blue team: How to run an effective simulation
Playing the role of an attacker can make your team better at defense. Learn how in our step-by-step guide to war gaming your security infrastructure — from involving the right people to weighing a hypothetical vs. live event.
Tech Primer
How to survive (and thrive) in the CISO hot seat
The CISO role is more varied and more pressure-filled than ever. CSO Online looks at how you can be successful in a post where security incidents and management feuds can cost you your job.