Security

About Security

Welcome to the Security category page, your fortress for safeguarding digital assets. In an age where cyberthreats are ever-evolving, IT security is paramount. Here, you’ll find resources including best practices, tools, and strategies to protect networks, systems, and data. Whether you’re an IT professional looking to understand the basics or seeking advanced security solutions, or a business owner aiming to fortify your defenses, this page is your stronghold for cybersecurity knowledge.

FUNDAMENTALS

microsoft security hero approved

Enhancing Security with Microsoft Entra Token Theft Protection

This article explores how Microsoft Entra’s new token theft protection policy can provide robust protection against token theft. By leveraging a new Conditional Access policy, organizations can safeguard their digital identities and sensitive data from cyberthreats. Securing your IT landscape is increasingly becoming critical. With cyberthreats on the rise, and showing no signs of slowing…

Best Practices with Azure ARM Network Security Groups

Last Update: Sep 04, 2024

In this post about Azure network security group best practices, Aidan offers tips for creating, configuring, and associating network security groups (NSGs) in Azure Resource Manager or CSP.

Security

Understanding Microsoft Defender and its Many Layers

Last Update: Jul 01, 2022

Microsoft Defender has many layers and trying to understand all of the different components can be complex.

GETTING STARTED

Security Overview of Encrypting File System (EFS) in Windows 7

Last Update: Sep 04, 2024

A comparative overview of BitLocker and Encrypting File System (EFS) in Windows 7 and how they can be leveraged to improve the security of your data.

What Are Network Security Groups in Azure Resource Manager?

Last Update: Sep 04, 2024

Network security groups (NSGs) can offer network security and policy enforcement for virtual networks in an Azure Resource Manager (ARM) or CSP deployment.

Guide: Getting Started with Zero Trust Security in Microsoft 365

Last Update: Sep 04, 2024

Zero Trust is a security model that can be applied to Microsoft 365. It focuses on improving security by verifying and testing both the identity and device before granting access to resources. You can think of Zero Trust as a way of working, wherein you take it for granted that every user and device accessing…

TUTORIALS

Security – 4

Securing IoT with Azure Sphere

Last Update: Nov 19, 2024

In this article, we are going to take a brief look at what Azure Sphere is and how it is helping to protect Internet of Things (IoT) devices with additional security overlay. In today’s world, we are surrounded by billions of devices – all with microcontrollers embedded in them for control and to add logic….

How to Reset Default Security ACLs in Windows

Last Update: Sep 04, 2024

Learn how to reset Windows Server security to default settings.

Configuring Network Security Groups in Microsoft Azure

Last Update: Sep 04, 2024

Easily secure subnets in a virtual network with the help of Network Security Groups in Microsoft Azure.

LATEST

Security hero image

Microsoft Defender for Office 365 Adds AI-Powered Threat Classification to Boost Email Security

Microsoft is introducing a new Threat classification feature in Defender for Office 365 to improve email security. This tool leverages AI and machine learning to help security teams identify and understand the intent behind email threats. The latest update allows administrators to incorporate Threat classification information into key features of the Defender portal, improving detection,…

1725491972 Security Hero

5 Steps to Secure Active Directory

Last Update: Jan 14, 2025

In this guide about Active Directory (AD) security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log…

azure cloud data hero

What Is Azure Policy?

Effective governance is essential in today’s multi-cloud, hybrid IT ecosystems. Azure Policy provides a comprehensive framework for defining, enforcing, and automating compliance across Microsoft Azure resources, on-premises workloads, and third-party clouds via Azure Arc. Azure Policy ensures your resources align with business, security, and compliance requirements—without adding operational overhead. By leveraging initiatives, built-in policies, custom…

1725496621 cloud hand hero img

What is Microsoft Defender for Cloud?

This article explores Microsoft Defender for Cloud features, benefits, integration capabilities, and best practices, offering actionable insights for IT professionals managing multicloud environments. Modern cloud environments demand robust security solutions to tackle ever-evolving cyber threats. Microsoft Defender for Cloud answers this call with a unified security platform that protects resources across Microsoft Azure, Amazon Web…

warning-cyber-attack

Cybersecurity Alert: Hackers Exploit Chrome Extensions to Hijack User Passwords

Cybersecurity experts have discovered a series of attacks where hackers compromised multiple Chrome extensions. According to a new report from Reuters, the attackers used malicious code designed to steal browser cookies and hijack authentication sessions The cybersecurity firm Cyberhaven informed its customers that the hackers compromised a company account to release a malicious update (version…

Network Security

Microsoft Launches New Security Exposure Management Tool to Enhance Organizational Resilience

Microsoft has announced the general availability of Security Exposure Management. This new solution allows IT administrators to assess and reduce threat exposure within their organization. Microsoft initially launched Security Exposure Management in preview back in March. It consolidates data across devices, identities, applications, and hybrid environments to provide a unified view of an organization’s attack…

Security Keyboard Hero

Thwarting Phishing Attacks with Predictive Analytics and Machine Learning in 2024

Last Update: Nov 20, 2024

The types of cyberattacks bad actors gravitate to haven’t changed – only their sophistication. Phishing attacks are more popular than they’ve ever been. Chiefly, because of how accessible they’ve become through AI and machine learning. Staying ahead of modern-day cyber attacks will require organizations to fight fire with fire. This means adopting an AI-driven strategy…

Security – 5

Microsoft Power Pages Misconfigurations Expose Millions of Sensitive Records

Cybersecurity researchers have discovered a new data exposure issue in Microsoft Power Pages, stemming from misconfigured access controls in websites built with the platform. This flaw exposed millions of sensitive business records to unauthorized users, posing a serious security risk for affected organizations. Microsoft Power Pages is a low-code software as a service (SaaS) platform…

microsoft security hero approved

Hackers Exploit Microsoft Office Flaw in New Remcos RAT Phishing Attack

Cybersecurity researchers have discovered a new phishing campaign enabling threat actors to deploy a modified variant of the Remcos RAT (Remote Access Trojan). This new malware grants cybercriminals complete control over infected Windows devices. Researchers at Fortinet’s FortiGuard Labs report that this phishing campaign begins with an email designed to lure victims into clicking on…

Security hero image

New Phishing Campaign Leverages Malicious Linux VM to Infect Windows Devices

Cybersecurity researchers have discovered a new phishing campaign, dubbed “CRON#TRAP,” which lures victims into unknowingly installing a Linux virtual machine on their Windows systems. This sophisticated tactic provides attackers with a covert foothold in corporate networks, allowing them to operate under the radar of traditional security defenses. A report from Securonix researchers reveals that hackers…

Network Security

Microsoft Adds New Tools to Enhance Security Exposure Management for Commercial Customers

Microsoft’s latest update to its Security Exposure Management solution delivers new tools to strengthen organizational defenses. The release introduces an advanced attack path dashboard, alongside the innovative Choke Points and Blast Radius features, providing enhanced visibility and control over potential security threats. Microsoft Security Exposure Management is a tool designed to help administrators identify, evaluate,…

Security

Microsoft Reports Nearly 400 U.S. Healthcare Facilities Targeted by Ransomware Attacks

Microsoft has found that nearly 400 U.S. healthcare organizations have fallen victim to ransomware attacks this fiscal year. These campaigns aim to breach sensitive patient data, disrupt vital operations, and put patients’ lives at risk. In a report released earlier this week, Microsoft noted that healthcare organizations face average ransomware payments of up to $4.4…

Go to page