www.microsoft.com
Open in
urlscan Pro
2a02:26f0:7100:593::356e
Public Scan
URL:
https://www.microsoft.com/security/blog/
Submission: On June 15 via api from US — Scanned from DE
Submission: On June 15 via api from US — Scanned from DE
Form analysis 1 forms found in the DOM
Name: searchForm — GET https://www.microsoft.com/en-us/security/site-search
<form class="c-search" autocomplete="off" id="searchForm" name="searchForm" role="search" action="https://www.microsoft.com/en-us/security/site-search" method="GET" data-seautosuggest=""
data-seautosuggestapi="https://www.microsoft.com/msstoreapiprod/api/autosuggest"
data-m="{"cN":"GlobalNav_Search_cont","cT":"Container","id":"c3c1c9c3c1m1r1a1","sN":3,"aN":"c1c9c3c1m1r1a1"}" aria-expanded="false"
style="overflow-x: visible;">
<div class="x-screen-reader" aria-live="assertive"></div>
<input id="cli_shellHeaderSearchInput" aria-label="Search Expanded" aria-autocomplete="list" aria-expanded="false" aria-controls="universal-header-search-auto-suggest-transparent" aria-owns="universal-header-search-auto-suggest-ul" type="search"
name="q" role="combobox" placeholder="Search Microsoft Security" data-m="{"cN":"SearchBox_nav","id":"n1c3c1c9c3c1m1r1a1","sN":1,"aN":"c3c1c9c3c1m1r1a1"}" data-toggle="tooltip"
data-placement="right" title="Search Microsoft Security" style="overflow-x: visible;">
<button id="search" aria-label="Search Microsoft Security" class="c-glyph" data-m="{"cN":"Search_nav","id":"n2c3c1c9c3c1m1r1a1","sN":2,"aN":"c3c1c9c3c1m1r1a1"}"
data-bi-mto="true" aria-expanded="false" style="overflow-x: visible;">
<span role="presentation" style="overflow-x: visible;">Search</span>
<span role="tooltip" class="c-uhf-tooltip c-uhf-search-tooltip" style="overflow-x: visible;">Search Microsoft Security</span>
</button>
<div class="m-auto-suggest" id="universal-header-search-auto-suggest-transparent" role="group" style="overflow-x: visible;">
<ul class="c-menu" id="universal-header-search-auto-suggest-ul" aria-label="Search Suggestions" aria-hidden="true" data-bi-dnt="true" data-bi-mto="true" data-js-auto-suggest-position="default" role="listbox" data-tel="jsll"
data-m="{"cN":"search suggestions_cont","cT":"Container","id":"c3c3c1c9c3c1m1r1a1","sN":3,"aN":"c3c1c9c3c1m1r1a1"}" style="overflow-x: visible;"></ul>
</div>
</form>Text Content
We use optional cookies to improve your experience on our websites, such as
through social media connections, and to display personalized advertising based
on your online activity. If you reject optional cookies, only cookies necessary
to provide you the services will be used. You may change your selection by
clicking “Manage Cookies” at the bottom of the page. Privacy Statement
Third-Party Cookies
Accept Reject Manage cookies
Skip to main content
Microsoft Edge is the only browser optimized for Windows. Maximize your PC
performance with features like Sleeping Tabs and Startup Boost.
Close Switch now
Skip to main content
Microsoft
Microsoft Security
Microsoft Security
Microsoft Security
* Home
* Solutions
* Cloud security
* Identity & access
* Information protection & governance
* Ransomware
* Secure remote work
* Risk management
* SIEM & XDR
* Small & medium business
* Zero Trust
* Products
* Identity & access Identity & access
* Microsoft Entra Overview
* Azure Active Directory part of Microsoft Entra
* Microsoft Entra Permissions Management
* Microsoft Entra Verified ID
* Azure Key Vault
* SIEM & XDR SIEM & XDR
* Microsoft Sentinel
* Microsoft Defender for Cloud
* Microsoft 365 Defender
* Microsoft Defender for Endpoint
* Microsoft Defender for Office 365
* Microsoft Defender for Identity
* Microsoft Defender for Cloud Apps
* Microsoft Defender Vulnerability Management
* Cloud security Cloud security
* Microsoft Defender for Cloud
* Azure Firewall
* Azure Web App Firewall
* Azure DDoS Protection
* GitHub Advanced Security
* Endpoint security Endpoint security
* Microsoft 365 Defender
* Microsoft Defender for Endpoint
* Microsoft Defender for IoT
* Microsoft Defender for Business
* Microsoft Defender Vulnerability Management
* Identity threat protection Identity threat protection
* Microsoft Defender for Identity
* Azure AD Identity Protection
* Risk management & privacy Risk management & privacy
* Microsoft Purview Overview
* Microsoft Purview Insider Risk Management
* Microsoft Purview Communication Compliance
* Microsoft Purview eDiscovery
* Microsoft Purview Compliance Manager
* Microsoft Priva Risk Management
* Information protection Information protection
* Microsoft Purview Overview
* Microsoft Purview Information Protection
* Microsoft Purview Data Lifecycle Management
* Microsoft Purview Data Loss Prevention
* Device management Device management
* Microsoft Endpoint Manager
* Services
* Partners
* Resources
* Get started Get started
* Customer stories
* Security 101
* Product trials
* How we protect Microsoft
* Reports and analysis Reports and analysis
* Microsoft Security Insider
* Microsoft Digital Defense Report
* Security Response Center
* Community Community
* Microsoft Security Blog
* Microsoft Security Events
* Microsoft Tech Community
* Documentation and training Documentation and training
* Documentation
* Technical Content Library
* Training & certifications
* Additional sites Additional sites
* Compliance Program for Microsoft Cloud
* Microsoft Trust Center
* Security Engineering Portal
* Service Trust Portal
* Contact sales
* More
* Start free trial
* All Microsoft
* * Microsoft Security
* Azure
* Dynamics 365
* Microsoft 365
* Microsoft Teams
* Windows 365
* Tech & innovation Tech & innovation
* Microsoft Cloud
* AI
* Azure Space
* Mixed reality
* Microsoft HoloLens
* Microsoft Viva
* Quantum computing
* Sustainability
* Industries Industries
* Education
* Automotive
* Financial services
* Government
* Healthcare
* Manufacturing
* Retail
* All industries
* Partners Partners
* Find a partner
* Become a partner
* Partner Network
* Find an advertising partner
* Become an advertising partner
* Azure Marketplace
* AppSource
* Resources Resources
* Blog
* Microsoft Advertising
* Developer Center
* Documentation
* Events
* Licensing
* Microsoft Learn
* Microsoft Research
* View Sitemap
Search Search Microsoft Security
Cancel
Secure access for a connected world—meet Microsoft Entra
May 31, 2022 • 7 min read
SECURE ACCESS FOR A CONNECTED WORLD—MEET MICROSOFT ENTRA
Identity is not just about directories, and access is not just about the
network. Security challenges have become much broader, so we need broader
solutions. We need to secure access for every customer, partner, and employee—
and for every microservice, sensor, network, device, and database.
Read more Secure access for a connected world—meet Microsoft Entra
bars Category filters menu
Recent articles
Products and solutions
* * See all
* Azure Active Directory
* Azure Information Protection
* Microsoft 365 Defender
* Microsoft 365 Security
* Microsoft Authenticator
* See all
* Azure Active Directory
* Azure Information Protection
* Microsoft 365 Defender
* Microsoft 365 Security
* Microsoft Authenticator
* * Microsoft Defender for Cloud
* Microsoft Defender for Cloud Apps
* Microsoft Defender for Endpoint
* Microsoft Defender for Office 365
* Microsoft Endpoint Manager
* Microsoft Graph Security API
* Microsoft Defender for Cloud
* Microsoft Defender for Cloud Apps
* Microsoft Defender for Endpoint
* Microsoft Defender for Office 365
* Microsoft Endpoint Manager
* Microsoft Graph Security API
* * Microsoft Sentinel
* Office 365 Security
* Secure Score
* Windows Security
* XDR
* Microsoft Sentinel
* Office 365 Security
* Secure Score
* Windows Security
* XDR
Topics
* * See all
* AI and machine learning
* Automation
* Cloud Access Security Broker
* Compliance
* Cybersecurity policy
* Data governance
* Email security
* See all
* AI and machine learning
* Automation
* Cloud Access Security Broker
* Compliance
* Cybersecurity policy
* Data governance
* Email security
* * Encryption
* Endpoint security
* GDPR
* Identity and access management
* Incident response
* Information/data protection
* IoT
* Mobile security
* Encryption
* Endpoint security
* GDPR
* Identity and access management
* Incident response
* Information/data protection
* IoT
* Mobile security
* * Network security
* Phishing
* Privacy
* Ransomware
* Security deployment
* Security intelligence
* Security management
* Security operations
* Network security
* Phishing
* Privacy
* Ransomware
* Security deployment
* Security intelligence
* Security management
* Security operations
* * Security strategies
* SIEM
* Threat protection
* XDR
* Zero trust
* Security strategies
* SIEM
* Threat protection
* XDR
* Zero trust
Series
* * See all
* CISO series
* Compliance and data governance
* Identity and access management
* Integrated Threat Protection
* IoT security
* Microsoft Detection and Response Team (DART)
* See all
* CISO series
* Compliance and data governance
* Identity and access management
* Integrated Threat Protection
* IoT security
* Microsoft Detection and Response Team (DART)
* * Microsoft Intelligent Security Association (MISA)
* Microsoft Security Experts
* Microsoft security intelligence
* Secure remote work
* Security deployment
* Voice of the community
* Voice of the customer
* Microsoft Intelligent Security Association (MISA)
* Microsoft Security Experts
* Microsoft security intelligence
* Secure remote work
* Security deployment
* Voice of the community
* Voice of the customer
Related blogs
* * Azure Active Directory Identity
* Microsoft 365
* Microsoft Endpoint Management
* Microsoft Security Guidance
* Microsoft Security Response Center
* Security in Azure
* Tech Community
* Azure Active Directory Identity
* Microsoft 365
* Microsoft Endpoint Management
* Microsoft Security Guidance
* Microsoft Security Response Center
* Security in Azure
* Tech Community
Subscribe
Featured image for The many lives of BlackCat ransomware
June 13, 2022 • 14 min read
THE MANY LIVES OF BLACKCAT RANSOMWARE
The use of an unconventional programming language, multiple target devices and
possible entry points, and affiliation with prolific threat activity groups have
made the BlackCat ransomware a prevalent threat and a prime example of the
growing ransomware-as-a-service (RaaS) gig economy.
Read more The many lives of BlackCat ransomware
Featured image for 5 ways to connect with Microsoft Security at Identiverse 2022
June 13, 2022 • 4 min read
5 WAYS TO CONNECT WITH MICROSOFT SECURITY AT IDENTIVERSE 2022
Microsoft will be attending Identiverse 2022 and would love to connect with
partners and others interested in identity. Here are five ways to do that.
Read more 5 ways to connect with Microsoft Security at Identiverse 2022
Featured image for Announcing 2022 Microsoft Security Excellence Awards winners
June 6, 2022 • 4 min read
ANNOUNCING 2022 MICROSOFT SECURITY EXCELLENCE AWARDS WINNERS
Winners of the Microsoft Security Excellence Awards were announced as Microsoft
executives and MISA members gathered for the first time in more than two years.
Read more Announcing 2022 Microsoft Security Excellence Awards winners
Featured image for Exposing POLONIUM activity and infrastructure targeting
Israeli organizations
June 2, 2022 • 11 min read
EXPOSING POLONIUM ACTIVITY AND INFRASTRUCTURE TARGETING ISRAELI ORGANIZATIONS
Microsoft successfully detected and disabled attack activity abusing OneDrive by
a previously undocumented Lebanon-based activity group Microsoft Threat
Intelligence Center (MSTIC) tracks as POLONIUM.
Read more Exposing POLONIUM activity and infrastructure targeting Israeli
organizations
Featured image for Microsoft collaborates with Tenable to support federal
cybersecurity efforts
June 2, 2022 • 3 min read
MICROSOFT COLLABORATES WITH TENABLE TO SUPPORT FEDERAL CYBERSECURITY EFFORTS
In the spirit of the executive order and as part of our commitment to enhancing
cybersecurity across the US, we today announce that Tenable has expanded its
collaboration with the Microsoft Intelligent Security Association (MISA).
Together, Microsoft and Tenable will help enhance the US government’s ability to
quickly identify, investigate, prioritize, and remediate threats—and help
collectively raise the country’s security posture.
Read more Microsoft collaborates with Tenable to support federal cybersecurity
efforts
Featured image for Using Python to unearth a goldmine of threat intelligence
from leaked chat logs
June 1, 2022 • 11 min read
USING PYTHON TO UNEARTH A GOLDMINE OF THREAT INTELLIGENCE FROM LEAKED CHAT LOGS
Dealing with a great amount of data can be time consuming, thus using Python can
be very powerful to help analysts sort information and extract the most relevant
data for their investigation. The open-source tools library, MSTICpy, for
example, is a Python tool dedicated to threat intelligence. It aims to help
threat analysts acquire, enrich, analyze, and visualize data.
Read more Using Python to unearth a goldmine of threat intelligence from leaked
chat logs
Featured image for Streamlining employee onboarding: Microsoft’s response to the
Great Reshuffle
May 31, 2022 • 5 min read
STREAMLINING EMPLOYEE ONBOARDING: MICROSOFT’S RESPONSE TO THE GREAT RESHUFFLE
Verifiable credentials may help improve employee experience, an important factor
HR and IT business leaders must pay attention to as expectations evolve.
Read more Streamlining employee onboarding: Microsoft’s response to the Great
Reshuffle
Featured image for Android apps with millions of downloads exposed to
high-severity vulnerabilities
May 27, 2022 • 13 min read
ANDROID APPS WITH MILLIONS OF DOWNLOADS EXPOSED TO HIGH-SEVERITY VULNERABILITIES
Microsoft uncovered high-severity vulnerabilities in a mobile framework used by
multiple large mobile service providers in pre-installed Android System apps
that potentially exposed users to remote or local attacks.
Read more Android apps with millions of downloads exposed to high-severity
vulnerabilities
Featured image for Detecting and preventing privilege escalation attacks
leveraging Kerberos relaying (KrbRelayUp)
May 25, 2022 • 8 min read
DETECTING AND PREVENTING PRIVILEGE ESCALATION ATTACKS LEVERAGING KERBEROS
RELAYING (KRBRELAYUP)
The privilege escalation hacking tool KrbRelayUp is a wrapper that can
streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/
SharpMad, Whisker, and ADCSPwn tools in attacks. Although this attack won’t
function for Azure Active Directory (Azure AD) joined devices, hybrid joined
devices with on-premises domain controllers remain vulnerable.
Read more Detecting and preventing privilege escalation attacks leveraging
Kerberos relaying (KrbRelayUp)
Featured image for Anatomy of a DDoS amplification attack
May 23, 2022 • 8 min read
ANATOMY OF A DDOS AMPLIFICATION ATTACK
Amplification attacks are one of the most common distributed denial of service
(DDoS) attack vectors. These attacks are typically categorized as flooding or
volumetric attacks, where the attacker succeeds in generating more traffic than
the target can process, resulting in exhausting its resources due to the amount
of traffic it receives.
Read more Anatomy of a DDoS amplification attack
Featured image for How to improve risk management using Zero Trust architecture
May 23, 2022 • 5 min read
HOW TO IMPROVE RISK MANAGEMENT USING ZERO TRUST ARCHITECTURE
Risk management plays a critical role in helping organizations with their
security posture enhancement. Taking insider incidents as an example, they are
not only costly to organizations but also time-consuming to be contained. As
such, the ROI is maximized in effectively protecting the organizations’ assets
as well as ensuring their business operations. Risk management is an ongoing
activity. Are the long-established risk management programs in the enterprises
staying on top of the evolving digital and threat landscapes?
Read more How to improve risk management using Zero Trust architecture
Featured image for Beneath the surface: Uncovering the shift in web skimming
May 23, 2022 • 10 min read
BENEATH THE SURFACE: UNCOVERING THE SHIFT IN WEB SKIMMING
Web skimming campaigns now employ various obfuscation techniques to deliver and
hide the skimming scripts. It’s a shift from earlier tactics where attackers
conspicuously injected the malicious scripts into e-commerce platforms and
content management systems (CMSs) via vulnerability exploitation, making this
threat highly evasive to traditional security solutions.
Read more Beneath the surface: Uncovering the shift in web skimming
* 1
* 2
* 3
* …
* 243
* Next Page
GET STARTED WITH MICROSOFT SECURITY
Microsoft is a leader in cybersecurity, and we embrace our responsibility to
make the world a safer place.
Learn more Get started with Microsoft Security
Get all the news, updates, and more at
@MSFTSecurity twitter
What's new
* Surface Laptop Go 2
* Surface Pro 8
* Surface Laptop Studio
* Surface Pro X
* Surface Go 3
* Surface Duo 2
* Surface Pro 7+
* Windows 11 apps
Microsoft Store
* Account profile
* Download Center
* Microsoft Store support
* Returns
* Order tracking
* Virtual workshops and training
* Microsoft Store Promise
* Flexible Payments
Education
* Microsoft in education
* Devices for education
* Microsoft Teams for Education
* Microsoft 365 Education
* Education consultation appointment
* Educator training and development
* Deals for students and parents
* Azure for students
Business
* Microsoft Cloud
* Microsoft Security
* Dynamics 365
* Microsoft 365
* Microsoft Power Platform
* Microsoft Teams
* Microsoft Industry
* Small Business
Developer & IT
* Azure
* Developer Center
* Documentation
* Microsoft Learn
* Microsoft Tech Community
* Azure Marketplace
* AppSource
* Visual Studio
Company
* Careers
* About Microsoft
* Company news
* Privacy at Microsoft
* Investors
* Diversity and inclusion
* Accessibility
* Sustainability
English (United States)
* Sitemap
* Contact Microsoft
* Privacy
* Manage cookies
* Terms of use
* Trademarks
* Safety & eco
* About our ads
* © Microsoft 2022