Welcome to the Security category page, your fortress for safeguarding digital assets. In an age where cyberthreats are ever-evolving, IT security is paramount. Here, you’ll find resources including best practices, tools, and strategies to protect networks, systems, and data. Whether you’re an IT professional looking to understand the basics or seeking advanced security solutions, or a business owner aiming to fortify your defenses, this page is your stronghold for cybersecurity knowledge.
This article explores how Microsoft Entra’s new token theft protection policy can provide robust protection against token theft. By leveraging a new Conditional Access policy, organizations can safeguard their digital identities and sensitive data from cyberthreats. Securing your IT landscape is increasingly becoming critical. With cyberthreats on the rise, and showing no signs of slowing…
Last Update: Sep 04, 2024
In this post about Azure network security group best practices, Aidan offers tips for creating, configuring, and associating network security groups (NSGs) in Azure Resource Manager or CSP.
Last Update: Jul 01, 2022
Microsoft Defender has many layers and trying to understand all of the different components can be complex.
Last Update: Sep 04, 2024
A comparative overview of BitLocker and Encrypting File System (EFS) in Windows 7 and how they can be leveraged to improve the security of your data.
Last Update: Sep 04, 2024
Network security groups (NSGs) can offer network security and policy enforcement for virtual networks in an Azure Resource Manager (ARM) or CSP deployment.
Last Update: Sep 04, 2024
Zero Trust is a security model that can be applied to Microsoft 365. It focuses on improving security by verifying and testing both the identity and device before granting access to resources. You can think of Zero Trust as a way of working, wherein you take it for granted that every user and device accessing…
Last Update: Nov 19, 2024
In this article, we are going to take a brief look at what Azure Sphere is and how it is helping to protect Internet of Things (IoT) devices with additional security overlay. In today’s world, we are surrounded by billions of devices – all with microcontrollers embedded in them for control and to add logic….
Last Update: Sep 04, 2024
Learn how to reset Windows Server security to default settings.
Last Update: Sep 04, 2024
Easily secure subnets in a virtual network with the help of Network Security Groups in Microsoft Azure.
Microsoft is introducing a new Threat classification feature in Defender for Office 365 to improve email security. This tool leverages AI and machine learning to help security teams identify and understand the intent behind email threats. The latest update allows administrators to incorporate Threat classification information into key features of the Defender portal, improving detection,…
Last Update: Jan 14, 2025
In this guide about Active Directory (AD) security, we’re going to detail five steps that IT admins need to follow to secure Active Directory environments in an organization. There are many best practices you’ll need to be familiar with to ensure Active Directory security, including restricting the use of privileged accounts, monitoring Windows Event Log…
Effective governance is essential in today’s multi-cloud, hybrid IT ecosystems. Azure Policy provides a comprehensive framework for defining, enforcing, and automating compliance across Microsoft Azure resources, on-premises workloads, and third-party clouds via Azure Arc. Azure Policy ensures your resources align with business, security, and compliance requirements—without adding operational overhead. By leveraging initiatives, built-in policies, custom…
This article explores Microsoft Defender for Cloud features, benefits, integration capabilities, and best practices, offering actionable insights for IT professionals managing multicloud environments. Modern cloud environments demand robust security solutions to tackle ever-evolving cyber threats. Microsoft Defender for Cloud answers this call with a unified security platform that protects resources across Microsoft Azure, Amazon Web…
Cybersecurity experts have discovered a series of attacks where hackers compromised multiple Chrome extensions. According to a new report from Reuters, the attackers used malicious code designed to steal browser cookies and hijack authentication sessions The cybersecurity firm Cyberhaven informed its customers that the hackers compromised a company account to release a malicious update (version…
Microsoft has announced the general availability of Security Exposure Management. This new solution allows IT administrators to assess and reduce threat exposure within their organization. Microsoft initially launched Security Exposure Management in preview back in March. It consolidates data across devices, identities, applications, and hybrid environments to provide a unified view of an organization’s attack…
Last Update: Nov 20, 2024
The types of cyberattacks bad actors gravitate to haven’t changed – only their sophistication. Phishing attacks are more popular than they’ve ever been. Chiefly, because of how accessible they’ve become through AI and machine learning. Staying ahead of modern-day cyber attacks will require organizations to fight fire with fire. This means adopting an AI-driven strategy…
Cybersecurity researchers have discovered a new data exposure issue in Microsoft Power Pages, stemming from misconfigured access controls in websites built with the platform. This flaw exposed millions of sensitive business records to unauthorized users, posing a serious security risk for affected organizations. Microsoft Power Pages is a low-code software as a service (SaaS) platform…
Cybersecurity researchers have discovered a new phishing campaign enabling threat actors to deploy a modified variant of the Remcos RAT (Remote Access Trojan). This new malware grants cybercriminals complete control over infected Windows devices. Researchers at Fortinet’s FortiGuard Labs report that this phishing campaign begins with an email designed to lure victims into clicking on…
Cybersecurity researchers have discovered a new phishing campaign, dubbed “CRON#TRAP,” which lures victims into unknowingly installing a Linux virtual machine on their Windows systems. This sophisticated tactic provides attackers with a covert foothold in corporate networks, allowing them to operate under the radar of traditional security defenses. A report from Securonix researchers reveals that hackers…
Microsoft’s latest update to its Security Exposure Management solution delivers new tools to strengthen organizational defenses. The release introduces an advanced attack path dashboard, alongside the innovative Choke Points and Blast Radius features, providing enhanced visibility and control over potential security threats. Microsoft Security Exposure Management is a tool designed to help administrators identify, evaluate,…
Microsoft has found that nearly 400 U.S. healthcare organizations have fallen victim to ransomware attacks this fiscal year. These campaigns aim to breach sensitive patient data, disrupt vital operations, and put patients’ lives at risk. In a report released earlier this week, Microsoft noted that healthcare organizations face average ransomware payments of up to $4.4…