Microsoft 365 Defender, Identity Protection, and Microsoft Sentinel generate an avalanche of security incidents that require attention. In this article, I will give you an overview of what tools are at your disposal, what incidents are useful, and how to make Microsoft Sentinel reduce alerts. Security incidents in a single pane of glass Today’s security…
Last Update: Sep 12, 2023
Security researchers have discovered a new threat actor that has been using a highly advanced phishing kit to bypass multifactor authentication (MFA) safeguards. The cyber threat group has successfully compromised over 8,000 Microsoft 365 corporate accounts across the US, Europe, and Australia. According to a report released by Group-IB, the hackers had built a highly…
BullWall announced the launch of its new Server Intrusion Protection solution this week. In an age where remote access is integral to business operations and security concerns loom large, this solution aims to prevent unauthorized access during Remote Desktop Protocol (RDP) sessions due to compromised credentials. BullWall is a cybersecurity solution provider that allows organizations…
Last Update: Sep 07, 2023
Endpoint security plays a vital role in safeguarding enterprise cybersecurity, particularly in the context of remote work scenarios. As the number of endpoints accessing corporate networks rises with the growth of remote work, the need for robust endpoint security becomes increasingly paramount, enabling a secure environment for users on the move. In this article, I…
Last Update: Sep 07, 2023
This is the second article in the Zero Trust Security in Microsoft 365 series. Here you will gain an understanding of the strategies to deploy Zero Trust Identity Security. Managing identity will always be at the forefront of this security model. Environments with proper identity policies are better placed to handle attempts at gaining access…
Microsoft recently disclosed a cyber-espionage campaign that allowed Chinese hackers to steal a signing key and breach sensitive US government email accounts. The company launched an investigation into the security incident, which led to the publication of detailed findings in a report released on Wednesday. In July, Microsoft detailed that a Chinese hacking group (tracked…
Last Update: Sep 07, 2023
Microsoft Defender for Endpoint for iOS and Android devices is a mobile threat defense (MTD) solution. Most organizations agree that Windows devices require some form of antivirus and antimalware solution in order to be considered secure. Very few organizations, however, consider iOS and Android as platforms that require threat protection. Whilst iOS and…
Last Update: Sep 07, 2023
Microsoft Defender for Endpoint (MDE, previously known as Microsoft Defender Advanced Threat Protection) is Microsoft’s endpoint security platform that goes far beyond the traditional anti-malware engine and firewall to protect against the modern cybersecurity threats an organization faces. An evolving solution since it was first announced in 2016, MDE is part of the Microsoft…
Microsoft is set to bid farewell to the outdated Transport Layer Security (TLS) 1.0 and 1.1 protocols in Windows. The company plans to drop support for the encryption protocols starting with Windows 11 Insider Preview Builds in September. Transport Layer Security (TLS) is a cryptographic protocol that ensures secure data transmission over a computer network. It…
In a leap towards fortifying data security, Microsoft has unveiled several enhancements for Microsoft Purview Data Loss Prevention. These latest updates boost protection, expand DLP capabilities across platforms, and facilitate seamless day-to-day tasks for administrators. First off, Microsoft has introduced optical character recognition (OCR) support in public preview in Microsoft Teams and Exchange Online. The…