Digital Security Tips and Solutions - Microsoft Security Blog

Microsoft Security

Microsoft Security

Sign in

January 25, 2022 • 5 min read

How CISOs are preparing to tackle 2022

January 26, 2022 • 9 min read

Evolved phishing: Device registration trick adds to phishers’ toolbox for victims without MFA

We uncovered a large-scale, multi-phase campaign that adds a novel technique to traditional phishing tactics by joining an attacker-operated device to an organization’s network to further propagate the campaign.

January 21, 2022 • 11 min read

Celebrating 20 Years of Trustworthy Computing

20 years ago this week, Bill Gates sent a now-famous email to all Microsoft employees announcing the creation of the Trustworthy Computing (TwC) initiative. The initiative was intended to put customer security, and ultimately customer trust, at the forefront for all Microsoft employees.

Two open laptops sitting on table in front of two figures, with a cup of coffee between them.

January 20, 2022 • 8 min read

Build a stronger cybersecurity team through diversity and training

Heath Adams, Chief Executive Officer at TCM Security, offers practical advice on how to build a security team.

January 15, 2022 • 6 min read

Destructive malware targeting Ukrainian organizations

Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a destructive malware operation targeting multiple organizations in Ukraine.

Small business team collaborating in modern workplace.

January 13, 2022 • 8 min read

Learn about 4 approaches to comprehensive security that help leaders be fearless

The last 18 months have put pressure on organizations to speed up their digital transformation as hybrid work continues to become the new normal. Yet even with all the change and uncertainty, having the right security support system in place means your organization can still move forward confidently to turn your vision into reality.

Man with glasses looking ahead.

January 12, 2022 • 5 min read

Microsoft Zero Trust solutions deliver 92 percent return on investment, says new Forrester study

Total Economic Impact™ study conducted by Forrester Consulting and commissioned by Microsoft reveals cost savings and business benefits enabled by Zero Trust.

Group of four men and women having a meeting around a table in a conference room.

January 10, 2022 • 8 min read

Align your security and network teams to Zero Trust security demands

Get expert advice on how to bridge gaps between your SOC and NOC and enable Zero Trust security in today’s rapidly evolving threat landscape.

Image of a person working on a MacBook Pro in the subway

January 10, 2022 • 10 min read

New macOS vulnerability, “powerdir,” could lead to unauthorized user data access

A new macOS vulnerability, “powerdir,” could allow an attacker to bypass the operating system’s TCC technology and gain unauthorized access to a user’s protected data. We shared our findings with Apple through Coordinated Vulnerability Disclosure (CVD) and Apple released a fix.

Real people. Customer support/admin meeting at a digital consulting firm. The firm provides custom solutions across a multitude of disciplines including IT, front and back end software development, customer support and data services.

January 4, 2022 • 5 min read

What you need to know about how cryptography impacts your security strategy

Taurus SA Co-founder and Chief Security Officer Jean-Philippe “JP” Aumasson shares how the discipline of cryptography will impact cybersecurity strategy.

Female developer speaking in front of a white board during team stand up meeting.

December 15, 2021 • 5 min read

The final report on NOBELIUM’s unprecedented nation-state attack

In the final post of a four-part series on the NOBELIUM nation-state attack, we explore key findings from the after-action report on the attack.

A red-haired woman with a green shirt and glasses, sitting inside an office working on her laptop.

December 14, 2021 • 5 min read

Your guide to mobile digital forensics

Cellebrite Senior Director of Digital Intelligence Heather Mahalik offers an inside look at mobile forensics and shares how to think about the function in your organization.

Image of data center

December 11, 2021 • 31 min read

Guidance for preventing, detecting, and hunting for exploitation of the Log4j 2 vulnerability

Microsoft is tracking threats taking advantage of the remote code execution (RCE) vulnerability in Apache Log4j 2. Get technical info and guidance for using Microsoft security solutions to protect against attacks.

1
2
3
…
237
Next Page