Microsoft Support & Discussions
Free PC Help Forum: Microsoft products support and discussions. If you need help with Microsoft Windows, Windows Server software, Microsoft 365, Microsoft Azure or any other Microsoft product, you can post here. If you want to discuss Microsoft and its line of products, you can do that here also.
84,928 topics in this forum
-
- FPCH Admin
- 0 replies
- 259 views
The Cloud Site List Management experience allows you to host your Internet Explorer (IE) mode site list in an authenticated cloud endpoint in the Microsoft 365 admin center and is now generally available for you to use. With this experience and the companion Configure IE mode deployment guide, you can create, host, and deploy your IE mode site list and related policies directly from the Microsoft 365 admin center. This is the latest addition to the tools shared in previous blogs to help businesses in their Internet Explorer to Microsoft Edge journey. Store and manage your site list in the cloud The Cloud Site List Management experience enables you to manage your s…
Last reply by AWS
-
Best practices for AI security risk management
by Guest Emma Jones
- 0 replies
- 0 views
Today, we are releasing an AI security risk assessment framework as a step to empower organizations to reliably audit, track, and improve the security of the AI systems. In addition, we are providing new updates to Counterfit, our open-source tool to simplify assessing the security posture of AI systems. There is a marked interest in securing AI systems from adversaries. Counterfit has been heavily downloaded and explored by organizations of all sizes—from startups to governments and large-scale organizations—to proactively secure their AI systems. From a different vantage point, the Machine Learning Evasion Competition we organized to help security professionals exerc…
-
New research shows IoT and OT innovation is critical to business but comes with significant risks
by Guest Emma Jones
- 0 replies
- 0 views
The need for much improved IoT and operational technology (OT) cybersecurity became clearer this year with recent attacks on network devices, surveillance systems, an oil pipeline, and a water treatment facility, to name a few examples. To better understand the challenges customers are facing, Microsoft partnered with the Ponemon Institute to produce empirical data to help us better understand the state of IoT and OT security from a customer’s perspective. With this data, we hope to better target our cybersecurity investments and to improve the efficacy within Microsoft Defender for IoT, and our other IoT-related products. Ponemon conducted the research by surveyin…
-
Improve kernel security with the new Microsoft Vulnerable and Malicious Driver Reporting Center
by Guest Emma Jones
- 0 replies
- 0 views
Windows 10 and Windows 11 have continued to raise the security bar for drivers running in the kernel. Kernel-mode driver publishers must pass the Hardware Lab Kit (HLK) compatibility tests, malware scanning, and prove their identity through extended validation (EV) certificates. This has significantly reduced the ability for malicious actors to run nefarious kernel code on Windows 10 and Windows 11 devices. Vulnerable driver attacks Increasingly, adversaries are leveraging legitimate drivers in the ecosystem and their security vulnerabilities to run malware. Multiple malware attacks, including RobinHood, Uroburos, Derusbi, GrayFish, and Sauron, have leveraged driv…
-
New Secured-core servers are now available from the Microsoft ecosystem to help secure your infrastructure
by Guest Emma Jones
- 0 replies
- 0 views
In the current pandemic-driven remote work environments, security has become increasingly important. Earlier this year, Colonial Pipeline, one of the leading suppliers of fuel on the East Coast of the United States, was hit by a ransomware attack. This caused a massive disruption of the fuel supply chain and a surge in gasoline prices. In another unrelated incident, Chinese start-up Socialarks suffered a massive data breach, which exposed personally identifiable information (PII) of over 214 million users of some of the most popular worldwide social networks. These data breaches are extremely expensive, with the average cost of a data breach estimated at USD4.2 million …
-
NICKEL targeting government organizations across Latin America and Europe
by Guest Eric Avena
- 0 replies
- 0 views
The Microsoft Threat Intelligence Center (MSTIC) has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations (NGOs) across Central and South America, the Caribbean, Europe, and North America. MSTIC has been tracking NICKEL since 2016 and observed some common activity with other actors known in the security community as APT15, APT25, and KeChang. Today, the Microsoft Digital Crimes Unit (DCU) announced the successful seizure of a set of NICKEL-operated websites and disruption of their ongoing attacks targeting organizations in 29 countries, following a court order from the U.S. District Court for the Easte…
-
Behind the unprecedented effort to protect customers against the NOBELIUM nation-state attack
by AWS
- FPCH Admin
- 0 replies
- 258 views
This is the third in a four-part blog series on the NOBELIUM nation-state cyberattack. In December 2020, Microsoft began sharing details with the world about what became known as the most sophisticated nation-state cyberattack in history. Microsoft’s four-part video series “Decoding NOBELIUM” pulls the curtain back on the NOBELIUM incident and how world-class threat hunters from Microsoft and around the industry came together to take on the most sophisticated nation-state attack in history. In this third post, we’ll explore Microsoft’s response to the NOBELIUM attack covered in the of the docuseries. Defending against a major cyberattack requires the same level of re…
Last reply by AWS
-
Structured threat hunting: One way Microsoft Threat Experts prioritizes customer defense
by Guest Eric Avena
- 0 replies
- 0 views
Today’s threat landscape is incredibly fast-paced. New campaigns surface all the time, and the amount of damage that they can cause is not always immediately apparent. Security operations centers (SOCs) must be equipped with the tools and insight to identify and resolve potentially high-impact threats before attackers set up persistence mechanisms, exfiltrate data, or deploy payloads such as ransomware. Every day at Microsoft, threat hunters work alongside advanced systems to analyze billions of signals, looking for threats that might affect customers. Due to the sheer volume of data, we’re meticulous about surfacing threats that customers need to be notified about as …
-
How Red Canary and Microsoft can help reduce your alert fatigue
by Guest Emma Jones
- 0 replies
- 1 view
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Security alert fatigue Organizations often feel overwhelmed by the number of security alerts they receive. Frustrated by alert fatigue, these organizations want a deeper understanding of security threats and extended coverage to protect themselves. Enterprises typically maintain 70 security products from 35 different vendors and burnout from alert fatigue can lead to choices that put a company’s security at risk. Prospective customers have told us they mute security alerts or create rules to ignore or turn off alerts. Some security operations leaders…
-
Stay safe online this holiday shopping season with tips from Microsoft
by Guest Emma Jones
- 0 replies
- 0 views
You may have already noticed this holiday shopping season feels different than those we’ve had before. Headlines about supply chain issues, worker shortages, costs rising—all while the pandemic continues to impact our lives. In my own inbox, I saw emails from brands touting Black Friday sales as early as October! An attempt to get ahead of any shipping delays that are widely expected to impact the holiday season. It’s no surprise that according to a recent Microsoft survey, at least 63 percent of holiday shopping will be done online. While we all grapple with these challenges and what they mean for our holiday traditions and celebrations, there is another group that i…
-
MVP Health Care secures member portal access with Microsoft Azure Active Directory B2C
by Guest Alex Dreiling-Flynn
- 0 replies
- 0 views
Hello! I’m Sue Bohn, Microsoft Vice President of Program Management for Identity and Network Access. In today’s Voice of the Customer blog post, Chief Technology Officer and Chief Information Security Officer David Swits of MVP Health Care shares how Microsoft Azure Active Directory B2C helped the organization modernize and simplify portal authentication. MVP Health Care modernizes and simplifies the way members gain access to health plan information As both Chief Technology Officer and the Chief Information Security Officer at MVP Health Care, I believe you must design your technology solutions with security as the foundation and then overlay the functionality. W…
-
How to investigate service provider trust chains in the cloud
by Guest Emma Jones
- 0 replies
- 0 views
In a recent Microsoft blog post, we documented technical guidance for organizations to protect themselves from the latest NOBELIUM activity that was found to target technology service providers, which are privileged in their downstream customer tenants, as a method to gain access to their downstream customers and other organizations within the trust chain. Microsoft Detection and Response Team (DART) has been assisting multiple organizations around the world in investigating the impact of NOBELIUM’s activities. While we have already engaged directly with affected customers to assist with incident response related to NOBELIUM’s recent activity, our goal with this blog i…
-
Join us at InfoSec Jupyterthon 2021
by Guest Eric Avena
- 0 replies
- 0 views
We’re excited to invite our community of infosec analysts and engineers to the second annual InfoSec Jupyterthon taking place on December 2-3, 2021. This is an online event organized by our friends in the Open Threat Research Forge, together with folks from the Microsoft Threat Intelligence Center (MSTIC). Although this is not a Microsoft event, our Microsoft Security teams are delighted to be involved with helping organize it and deliver talks and workshops. Registration is free and it will be streamed on YouTube Live both days from 10:30 AM to 8:00 PM Eastern Time. Figure 1. InfoSec Jupyterthon 2021 event image. This image was created by Scriberia for The Tur…
-
Microsoft named a Leader in IDC MarketScape for Modern Endpoint Security for Enterprise and Small and Midsize Businesses
by Guest Emma Jones
- 0 replies
- 0 views
The security stakes have never been higher and, consequently, the protection of endpoints as a key component of any extended detection and response (XDR) strategy has never been more critical—for organizations of all sizes. Microsoft is thrilled to be recognized as a Leader in IDC’s MarketScape reports for Modern Endpoint Security for both enterprise and small and midsize businesses (SMB). The IDC MarketScape recognized Microsoft’s commitment to cross-platform support with Microsoft Defender for Endpoint, noting that “As telemetry is the rocket fuel for AI- and machine learning-infused endpoint security solutions, Microsoft’s breadth and volume are unequaled geograph…
-
Microsoft unpacks comprehensive security at Gartner and Forrester virtual events
by Guest Alex Dreiling-Flynn
- 0 replies
- 0 views
Every day, Microsoft is committed to maintaining comprehensive security for all across our interconnected global community. With that purpose in mind, we recently sponsored the 2021 Gartner Security and Risk Summit and 2021 Forrester Security and Risk Forum, where we discussed ongoing changes in the security landscape. As a Leader in five Gartner® Magic Quadrant reports and eight Forrester Wave categories, our team was keen to share insights about new threats, the evolution of Zero Trust security, managing compliance, risk, and privacy, and building tomorrow’s talent. Comprehensive security Vasu Jakkal, Corporate Vice President (CVP) of Microsoft Security, Comp…
-
Iranian targeting of IT sector on the rise
by Guest Eric Avena
- 0 replies
- 1 view
Iranian threat actors are increasing attacks against IT services companies as a way to access their customers’ networks. This activity is notable because targeting third parties has the potential to exploit more sensitive organizations by taking advantage of trust and access in a supply chain. Microsoft has observed multiple Iranian threat actors targeting the IT services sector in attacks that aim to steal sign-in credentials belonging to downstream customer networks to enable further attacks. The Microsoft Threat Intelligence Center (MSTIC) and Digital Security Unit (DSU) assess this is part of a broader espionage objective to compromise organizations of interest to the…
-
Guidance for Azure Active Directory (AD) keyCredential property Information Disclosure in Application and Service Principal APIs
by Guest MSRC Team
- 0 replies
- 0 views
Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentials property of an Azure Active Directory (Azure AD) Application and/or Service Principal, and prevent reading of private key data previously stored in the keyCredentials property. The keyCredentials property is used to configure an …
-
Adopting a Zero Trust approach throughout the lifecycle of data
by Guest Emma Jones
- 0 replies
- 0 views
Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originates from an uncontrolled network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust, always verify.” At Microsoft, we consider Zero Trust an essential component of any organization’s security plan based on these three principles: Verify explicitly: Always authenticate and authorize based on all available data points, including user identity, location, device health, service or workload, data classification, and anomalies. Use least privileged access: Lim…
-
Microsoft recently mitigated an information disclosure issue, CVE-2021-42306, to prevent private key data from being stored by some Azure services in the keyCredentials property of an Azure Active Directory (Azure AD) Application and/or Service Principal, and prevent reading of private key data previously stored in the keyCredentials property. The keyCredentials property is used to configure an application’s authentication credentials.
Last reply by Cloaked
-
Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365
by AWS
- FPCH Admin
- 0 replies
- 383 views
Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector. We’ve seen it all over the news with stories like Hafnium that targeted Exchange servers or the Nobelium attack against SolarWinds, which show just how easy it is for bad actors to distribute a malicious URL and gain sustained access to networks to install ransomware across a wide number of industries and verticals. Working from home poses a greater security risk as organizations are required to rely more heavily on email communication to run their businesses, and cybercriminals have an increased opportunity to phish users. Attack Simulation Training helps mitigate phish…
Last reply by AWS
-
The importance of identity and Microsoft Azure Active Directory resilience
by Guest Emma Jones
- 0 replies
- 0 views
I love hearing my colleagues explain how they came to the industry because so many of their stories are unusual. I’m surprised how often I hear that people got into computer science by some fortuitous accident. Although he loved computers from the time he was a kid, Oren Melzer never expected to work in the software industry. Today, he’s a Principal Group Engineering Manager in the Identity and Network Access organization, working on one of our team’s most important efforts: resilience. When he was growing up, Oren’s business-minded parents encouraged him to develop an entrepreneurial spirit. And he did. Oren’s journey reminds us that entrepreneurship isn’t limited to …
-
Evolving trends in Iranian threat actor activity – MSTIC presentation at CyberWarCon 2021
by Guest Eric Avena
- 0 replies
- 0 views
Over the past year, the Microsoft Threat Intelligence Center (MSTIC) has observed a gradual evolution of the tools, techniques, and procedures employed by malicious network operators based in Iran. At CyberWarCon 2021, MSTIC analysts presented their analysis of these trends in Iranian nation state actor activity during a session titled “The Iranian evolution: Observed changes in Iranian malicious network operations”. This blog is intended to summarize the content of that research and the topics covered in their presentation and demonstrate MSTIC’s ongoing efforts to track these actors and protect customers from the related threats. MSTIC consistently tracks threat acto…
-
How Open Systems uses Microsoft tools to improve security maturity
by Guest Emma Jones
- 0 replies
- 0 views
This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. We’ve all seen it happen—an organization has all the top-notch security tools in place and still, they get breached. In today’s rapidly evolving threat landscape, complexity leads to vulnerability. With so many tools to monitor, it’s easy for even the best security operations center (SOC) to get overwhelmed by non-actionable alerts and hampered by insufficient personnel to secure a growing digital estate. Research on “security tool sprawl” shows that, on average, organizations run 25 to 49 security tools from up to 10 different vendors. In a time of risi…
-
AI-driven adaptive protection against human-operated ransomware
by Guest Eric Avena
- 0 replies
- 0 views
In human-operated ransomware attacks, threat actors use predictable methods to enter a device but eventually rely on hands-on-keyboard activities to move inside a network. To fortify our existing cloud-delivered automated protection against complex attacks like human-operated ransomware, we developed a cloud-based machine learning system that, when queried by a device, intelligently predicts if it is at risk, then automatically issues a more aggressive blocking verdict to protect the device, thwarting an attacker’s next steps. The data-driven decisions the system makes are based on extensive research and experimentation to maximize blocking effectiveness without impact…
-
BlueHat is Back!
by Guest Stephanie Calabrese
- 0 replies
- 0 views
After a short hiatus, BlueHat is coming back with a vengeance! And we’ve got big plans for the entire researcher community. But first, I must apologize. It’s been a while since you have heard from us. We didn’t have BlueHat 2020 or 2021, and we know that was disappointing. It was partly due to the …