Microsoft
Microsoft | News, how-tos, features, reviews, and videos
Why it's time to review your on-premises Microsoft Exchange patch status
Microsoft's recent Patch Tuesday addressed some Exchange Server vulnerabilities, but other steps might be needed to fully secure it.
Microsoft Exchange ProxyNotShell vulnerability explained and how to mitigate it
Understand why ProxyNotShell is different from Proxyshell and why mitigation advice has changed.
Microsoft's rough 2022 security year in review
The ubiquity of Microsoft technology in organizations big and small make it a target for attack. These are the most important vulnerabilities and fixes from 2022 that admins need to know.
Attacks using Office macros decline in wake of Microsoft action
Researchers see 66% decline in attacks over eight months since Microsoft turned off macros by default.
How to manage Microsoft's Excel and Office macro blocking
Microsoft's reversal of its blocking by default on Excel macros creates an opportunity to improve policies and processes around Excel and Office macro use.
Best practices for deploying multi-factor authentication on Microsoft networks
Microsoft will soon mandate MFA for some customers, and these are the key considerations before you deploy it.
Microsoft security vulnerabilities drop after five-year rise
While elevated privilege attacks remain a critical security concern when using Microsoft products, a new report says that the raw number of vulnerabilities is dropping.
Protecting on-premises Microsoft servers
Many organizations still have on-premises Microsoft Exchange, SharePoint, or Office servers with inadequate protections.
Microsoft touts first PCs to ship natively with secure Pluton chip
Along with thwarting malware, the Pluton chip handles BitLocker, Windows Hello, and System Guard and might help prevent physical insider attacks. The technology is also being used in Azure Sphere in the cloud.
The 10 most powerful cybersecurity companies
What makes these 10 security vendors the biggest power players? We break it down.
The most dangerous (and interesting) Microsoft 365 attacks
APT groups are developing new techniques that allow them to avoid detection and exfiltrate hundreds of gigabytes of data from emails, SharePoint, OneDrive, and other applications.
Microsoft’s new APAC cybersecurity council: Where it fits in
Southeast Asia nations face higher malware and ransomware rates, so Microsoft is hoping to use its broad presence to build a region-wide coalition to improve defences.
The Microsoft Exchange Server hack: A timeline
Research shows plenty of unpatched systems remain. Here's how the attacks unfolded, from discovery of vulnerabilities to today's battle to close the holes.
Sponsor Podcast in partnership with Microsoft
Episode 4: Reduce SOC burnout
Episode 4 - Listen to the podcast to learn more about the expanding threat landscape and how security leaders can reduce SOC burnout and enable security teams to be proactive and preventive threat hunters with a modern threat...
Sponsor Podcast in partnership with Microsoft
Episode 3: The Zero Trust Model
Episode 3: In this episode, we look at the steps organizations are taking toward Zero Trust and provide recommendations for making the most of a Zero Trust model to reduce risk while helping employees be more productive, regardless...
How to patch Exchange Server for the Hafnium zero-day attack
Admins in many businesses report indicators of compromise from an Exchange zero-day vulnerability. Don't assume you're not a target. Investigate for signs of the attack and patch now.
Chinese cyberespionage group hacks US organizations with Exchange zero-day flaws
Microsoft believes Chinese APT group Hafnium is using a set of previously unknown Exchange Server vulnerabilities to access mailbox contents and perform remote code execution.
The .NET patch failure that wasn’t
This month’s patch updates from Microsoft have caused few problems, and though there were some issues related to .NET, even those have been scattered.