xoxo

There are many acronyms in the world of security—let’s review a basic one: XDR. Extended detection and response (XDR) integrates threat protection across endpoints, servers, and more. Learn more about its role in business and SIEM: msft.it/6013dZddf #ThreatProtection

The Department of Defense released its formal Zero Trust strategy, providing clear guidance for vendors regarding forty-five separate capabilities and 152 total activities. Discover how Microsoft is uniquely suited to support this security mission: msft.it/6016dN1OQ

Threat actors are using more tools and techniques to exploit vulnerabilities in IoT/OT connectivity. Learn how to keep your organization protected in our latest report: msft.it/6010efSXm #SecurityInsider #OTSecurity

Join us live in San Francisco this April 23, 2023. Microsoft Pre-Day at #RSAC is your chance to meet industry leaders and get early access to the latest in #AI and security. Register now: msft.it/6010gzNNg

We are live from Cyber Command in the Microsoft Global CDOC!

There's no reason to admit this publicly except awareness to help keep others safe. Thank you Rik!

Types of Phishing Attacks #CyberAttack #cybersecurity #hacked

🚨 Cybersecurity and Infrastructure Security Agency just added 2️⃣ 🆕 CVEs to its Known Exploited Vulnerabilities Catalog. Stay up to date on the latest additions and protect yourself from a malicious #cyberattack. 🔗 cisa.gov/news-events/al… #Cybersecurity #InfoSec #VulnerabilityManagement

For the fifth year in a row, Microsoft Defender 365 achieved industry-leading results in the @MITREengenuity ATT&CK® Evaluations: Enterprise. See how its XDR capabilities responded to an emulated attack from threat group Turla: msft.it/601299LHi #XDR

This Microsoft Threat Intelligence podcast episode with Bryan Prior and Nirit Hinkis from the Microsoft Threat Analysis Center, and podcast host 💻 Sherrod DeGrippo 🛸 brings context to the intricacies of Iran’s penchant for cyber-enabled influence operations: msft.it/6015cz3zN

/4/ to be clear... I never use X/Twitter to complain but this has exceeded the worst of all my travel experiences ever... I'm a well seasoned traveler and a loyal americanair flyer with. I've never experienced anything like this with any of the other OneWorld partners.

The financially motivated cybercriminal group that Microsoft tracks as Storm-0501 has been observed exfiltrating data and deploying Embargo ransomware after moving laterally from on-premises to the cloud environment. msft.it/6013m5gnf

Whether it’s RSAC, Black Hat, DEF CON, or the smaller-but-mighty community events like BSides or CactusCon, in-person events allow for those conversations in a way that chat groups just can’t replicate, says Microsoft's Sherrod DeGrippo. #cybersecurity bit.ly/4cfJkhU

April 2025 version of MCRA is out! This release of the Microsoft Cybersecurity Reference Architectures (MCRA) focuses on updates for standards/mappings, product/technology changes, and more. Download PowerPoint (including slide notes) from usual site - aka.ms/MCRA

Stanford University literally released free online courses. No payment Required. Here are best courses you don't want to miss in 2025:

Update: Microsoft has released security updates that fully protect customers using all supported versions of SharePoint affected by CVE-2025-53770 and CVE-2025-53771.

Microsoft Sentinel Data Lake is in public preview! microsoft.com/en-us/security…

We updated our blog with expanded analysis and threat intelligence from newly observed activity by Storm-2603 leading to the deployment of Warlock ransomware. msft.it/6011s132J

Microsoft Threat Intelligence has uncovered a cyberespionage campaign by the Russian state actor we track as Secret Blizzard targeting embassies in Moscow using an adversary-in-the-middle (AiTM) position to deploy their custom ApolloShadow malware. msft.it/6019sJm1F