Security

Endpoint security plays a vital role in safeguarding enterprise cybersecurity, particularly in the context of remote work scenarios. As the number of endpoints accessing corporate networks rises with the growth of remote work, the need for robust endpoint security becomes increasingly paramount, enabling a secure environment for users on the move. In this article, I…

This is the second article in the Zero Trust Security in Microsoft 365 series. Here you will gain an understanding of the strategies to deploy Zero Trust Identity Security. Managing identity will always be at the forefront of this security model. Environments with proper identity policies are better placed to handle attempts at gaining access…

Microsoft recently disclosed a cyber-espionage campaign that allowed Chinese hackers to steal a signing key and breach sensitive US government email accounts. The company launched an investigation into the security incident, which led to the publication of detailed findings in a report released on Wednesday. In July, Microsoft detailed that a Chinese hacking group (tracked…

Microsoft Defender for Endpoint for iOS and Android devices is a mobile threat defense solution (MTD). Most organizations are in agreement that Windows devices require some form of antivirus and antimalware solution in order to be considered secure. Very few organizations, however, consider iOS and Android as platforms that require threat protection. Whilst iOS and…

Microsoft Defender for Endpoint (MDE, previously known as Microsoft Defender Advanced Threat Protection) is Microsoft’s endpoint security platform that goes far and beyond the traditional anti-malware engine and firewall to protect against the modern cybersecurity threats an organization faces.  An evolving solution since it was first announced in 2016, MDE is part of the Microsoft…

Microsoft is set to bids farewell to outdated Transport Layer Security (TLS) 1.0 and 1.1 protocols in Windows. The company plans to drop support for the encryption protocols starting with Windows 11 Insider Preview Builds in September. Transport Layer Security (TLS) is a cryptographic protocol that ensures secure data transmission over a computer network. It…

In a leap towards fortifying data security, Microsoft has unveiled several enhancements for Microsoft Purview Data Loss Prevention. These latest updates boost protection, expand DLP capabilities across platforms, and facilitate seamless day-to-day tasks for administrators. First off, Microsoft has introduced optical character recognition (OCR) support in public preview in Microsoft Teams and Exchange Online. The…

Zero Trust is a security model that can be applied to Microsoft 365. It focuses on improving security by verifying and testing both the identity and device before granting access to resources. You can think of Zero Trust as a way of working, wherein you take it for granted that every user and device accessing…

After the successful SolarWinds attack in 2020 where attackers gained access to Microsoft’s systems, Microsoft changed its approach and aligned with the National Institute of Standards and Technology’s (NIST) zero trust architecture. In this article, we’re going to detail how Microsoft’s zero trust approach leverages Azure Active Directory and Identity and Access Management to enable cloud…

Security researchers have exposed a new supply chain attack that targeted entities across Asia, with a particular focus on Hong Kong. An unidentified hacking group, named Carderbee, employed an ingenious tactic — exploiting legitimate software — to infect around 100 computers with the PlugX/Korplug backdoor. According to the Symantec Threat Hunter Team, the hackers hijacked…