Microsoft Support & Discussions

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself as he enters the office and settles down in his cubicle. At which point he plugs in his new, free USB flash drive. Without knowing it, Jimmy has just allowed a targeted malware into your companys network. Next up, we have Zee, who has been working on an important new account. She has a presentation coming up after the holidays and wants to …

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized attacks. Phishing is another area where this protection has proven effective. While phishing attacks have been part of the daily hum of cybercriminal activity for years, they remain some of the most prevalent threats to this day. Speci…

After a strong year of product updates and innovations, were excited to so see that Microsoft jumped into the Challenger position in Gartners 2018 Magic Quadrant for Cloud Access Security Brokers (CASB) and solidified its leadership position in KuppingerColes 2018 Leadership Compass in the same product category, backed by strong customer adoption rates. CASBs give organizations the ability to securely embrace the possibilities of their cloud apps and services and they can be crucial in driving a successful cloud security strategy. While the market for CASB is still relatively young, analyst firm Gartner, Inc. predicts that 60 percent of large enterprises will be…

This post was cowritten by Jonathan Trull, Chief Security Advisor, Cybersecurity Solutions Group, and Sean Sweeney, Chief Security Advisor, Cybersecurity Solutions Group. Were excited to announce the availability of the Center for Internet Securitys (CIS) Microsoft 365 Foundations Benchmarkdeveloped by CIS in partnership with Microsoftto provide prescriptive guidance for establishing a secure baseline configuration for Microsoft 365. CIS is a nonprofit entity focused on developing global standards and recognized best practices for securing IT systems and data against the most pervasive attacks. Microsoft 365 provides powerful online cloud services that enable co…

Nations from every corner of the world are increasingly leveraging digital transformation to grow their economies and empower businesses to improve services, including vital services provided by critical infrastructures. This adoption of new information communications technologies (ICT) has unfortunately been accompanied by a rapid expansion in the frequency and severity of cyberattacks, prompting government policymakers to seek solutions that address these new challenges. The recently released Guide to Developing a National Cybersecurity Strategy provides helpful guidance to support this work. Developing effective policies to respond to cybersecurity challenges requ…

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Continue reading...

Recently, we shared details on how effectiveness is measured for Office 365 Exchange Online Protection (EOP) and Advanced Threat Protection (ATP). We also followed up with a comprehensive update on Office 365s improved ability to stop phishing emails from impacting users. These reports highlighted: Enhanced anti-phish capabilities for EOP/ATP. Visibility and transparency into our testing methods. Performance improvements from the engineering updates. Today, well cover recent research on a testing methodologyemail journalingwhich is often used but can lead to misinterpreted results. What is email journaling? Email journaling (Figure 1) is when an organiz…

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide.

Today, were introducing two new offerings to help address the security and compliance needs in an age of increasingly sophisticated cybersecurity threats as well as complex information protection needs due to regulations like GDPR. The new Identity & Threat Protection and Information Protection & Compliance packages will be available for purchase on February 1, 2019. Read the details on the Microsoft 365 blog. The post Two new Microsoft 365 offerings help address security and compliance needs appeared first on Microsoft Secure. Continue reading...

As hacking events have increased in number and severity, we in the cybersecurity community have united around common strategies that all organizations can implement to reduce their risk. Universal best practices provide organizations with many useful tools to protect their businesses. But what often gets overlooked in these discussions are the unique security challenges that each industry faces, and the tailored solutions required to address those issues. This is an area of interest to me, and lately Ive been fascinated by the path that the insurance industry is carving out when it comes to cybersecurity. Today, Ill discuss recent activity by the U.S. insurance industry a…

Meet Jimmy. Jimmy is an employee in your company. He Does Things With Computers (official title). Last Wednesday, as Jimmy got out of his car after parking in the company-owned parking lot, he saw something on the ground. That something is a 512GB USB flash drive! Jimmy picks up the drive, whistling along to himself as he enters the office and settles down in his cubicle. At which point he plugs in his new, free USB flash drive. Without knowing it, Jimmy has just allowed a targeted malware into your companys network. Next up, we have Zee, who has been working on an important new account. She has a presentation coming up after the holidays and wants to …

Today, we released a security update for Internet Explorer after receiving a report from Google about a new vulnerability being used in targeted attacks. Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We encourage customers to turn on automatic updates. Microsoft would like to thank Google for their assistance. More information about this security update can be found on the Security Update Guide: {{windowTitle}} Continue reading...

Across services in Microsoft Threat Protection, the correlation of security signals enhances the comprehensive and integrated security for identities, endpoints, user data, cloud apps, and infrastructure. Our industry-leading visibility into the entire attack chain translates to enriched protection thats evident in many different attack scenarios, including flashy cyberattacks, massive malware campaigns, and even small-scale, localized attacks. Phishing is another area where this protection has proven effective. While phishing attacks have been part of the daily hum of cybercriminal activity for years, they remain some of the most prevalent threats to this day. Speci…

Today, we released a security update for Internet Explorer after receiving a report from Google about a new vulnerability being used in targeted attacks. Customers who have Windows Update enabled and have applied the latest security updates, are protected automatically. We encourage customers to turn on automatic updates. Microsoft would like to thank Google for their assistance.

I meet with customers around the globe in all sectorsbanks with ATM networks, energy companies with critical infrastructure, natural resource companies with remote automated operations, healthcare organizations with medical devices, manufacturing companies with production environmentsand they all have the same concerns. They want to leverage robotics and automation to grow their businesses and drive efficiency, but they are concerned about the potential for Internet of Things (IoT) based attacks, which is only exacerbated by the global scale of the cloud. Its a good news/bad news problem for companies. Technology has provided them tools for automation at scale, and the cl…

Once in a while, a simple phrase captures our imagination, expressing a great way to think about a problem. Zero Trust is such a phrase. Today, Ill define Zero Trust and then discuss the first step to enabling a Zero Trust modelstrong identity and access management. In subsequent blogs, well cover each capability of a Zero Trust model in detail and how Microsoft helps you in these areas and end the series of blogs by discussing Microsofts holistic approach to Zero Trust and our framework. Zero Trust definedeverything is on the open internet In some ways, the easiest way to think about Zero Trust is to assume everything is on the open internet, even resources we th…

This series outlines the most fundamental steps you can take with your investment in Microsoft 365 security solutions. We will provide advice on activities such as setting up identity management through active directory, malware protection, and more. In this post, we explain how to enable single sign-on (SSO) in Azure Active Directory (Azure AD) to manage authentication across devices, cloud apps, and on-premises apps, and then how to set up Multi-Factor Authentication (MFA) to authenticate user sign-ins through a mobile app, phone call, or SMS. Balancing employee productivity needs with enterprise security begins with protecting identities. Gone are the days when us…

If you need to allot time to take care of the items on your to-do list, wouldn’t it be great if you could drag and drop those tasks right into your calendar? Now, you can. The new Tasks experience in Outlook.com helps you manage tasks without breaking your flow or leaving your inbox. Powered by To-Do, you can now create tasks by dragging and dropping an email to your task list. Or, easily schedule items by dragging a task to your calendar. Your tasks then travel with you on the To-Do app. Check it out in action: If you like this, check out more Windows 10 Tips and the Windows 10 October 2018 Update. The post Windows 10 Tip: Schedule items by dragging a tas…

Earlier this year, Microsoft and NXP announced a private preview of Windows 10 IoT Core on NXP i.MX6 and i.MX7 applications processor families. Hundreds of participants expressed their interest in the combination of 10 years of Windows security updates and the flexibility and reliability of NXP silicon. During the preview, Microsoft and NXP engineers spent thousands of hours tuning and improving the board support package (BSP) based on input from the hundreds of commercial customers evaluating the solution. We worked with customers interested in modernizing legacy industrial controllers, developing new cloud-connected building automation solutions, and gateways with cl…

Predictive technologies are already effective at detecting and blocking malware at first sight. A new malware prediction competition on Kaggle will challenge the data science community to push these technologies even furtherto stop malware before it is even seen. The Microsoft-sponsored competition calls for participants to predict if a device is likely to encounter malware given the current machine state. Participants will build models using 9.4GB of anonymized data from 16.8M devices, and the resulting models will be scored by their ability to make correct predictions. Winning teams get $25,000 in total prizes. The competition provides academics and researcher…

In 2019, look for Samsung’s new Notebook 9 Pen. Users can reach their true creative potential with this premium 2-in-1 PC with a built-in S Pen. It’s perfect for users who want a device that adapts to the way they work, with its combined style, power, flexibility and portability. With the S Pen, it’s easier than ever to jot notes, draw and even control the PC. The S pen reacts the moment it touches the vibrant display—as if putting an actual pen to paper—thanks to reduced latency (up to twice from the previous model). You can also customize options for the S Pen, so you can swap in your choice of up to three different pen tips to get the drawing feel you prefer. S P…

December was another month of significant development for Microsoft Threat Protection capabilities. As a quick recap, Microsoft Threat Protection is an integrated solution securing the modern workplace across identities, endpoints, user data, cloud apps, and infrastructure. Last month, we shared updates on capabilities for securing identities, endpoints, user data, and cloud apps. This month, we provide an update for Azure Security Center which secures organizations from threats across hybrid cloud workloads. Additionally, we overview a real-world scenario showcasing Microsoft Threat Protection in action. Enhancing your infrastructure security using Azure Security Cent…

Today, we released security updates to provide additional protections against malicious attackers. As a best practice, we encourage customers to turn on automatic updates. More information about this month’s security updates can be found on the Security Update Guide. Continue reading...

Thank you for your continued interest in Windows Admin Center! This month, Windows Insiders get early access to our 1809.5 release before it is made generally available. Release Summary 1809.5 is a cumulative update to our 1809 GA release in September. This release includes various quality and functional improvements and bug fixes throughout the product: General Accessibility improvements Notification message improvements Certificate handling improvements for upgrades New splash screen when loading Windows Admin Center Hyper-V Add/remove virtual disk or drive for running VMs VM Connect web console now works in the Virtual Machines tool on Failove…