How to investigate service provider trust chains in the cloud
This blog outlines DART’s recommendations for incident responders to investigate potential abuse of these delegated admin permissions, independent of the threat actor.
-
-
Protect your business from password sprays with Microsoft DART recommendations
This blog discusses DART’s investigation techniques and approach to responding to password spray attacks while outlining recommendations for protecting against them. -
A guide to combatting human-operated ransomware: Part 2
In this post, we will tackle the risks of human-operated ransomware and detail DART’s security recommendations for tactical containment actions and post-incident activities in the event of an attack. -
A guide to combatting human-operated ransomware: Part 1
As human-operated ransomware is on the rise, Microsoft’s Detection and Response Team (DART) shares how they investigate these attacks and what to consider when faced with a similar event in your organization. -
CRSP: The emergency team fighting cyber attacks beside customers
CRSP is a worldwide team of cybersecurity experts operating in most countries, across all organizations, with deep expertise to secure an environment post-security breach and to help you prevent a breach in the first place. -
Web shell attacks continue to rise
A year ago, we reported the steady increase in the use of web shells in attacks worldwide. -
Advice for incident responders on recovery from systemic identity compromises
Customers across the globe are asking for guidance on recovering their infrastructure after being impacted by Solorigate. -
A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture
This blog post will explain simple Microsoft security defaults and Secure Score—two features you should take advantage of that are easy to utilize and can significantly improve security in Azure AD and Office 365 configurations. -
Microsoft Office 365—Do you have a false sense of cloud security?
Security is not just flipping the switch of security features to “on” and think you are done. -
Ghost in the shell: Investigating web shell attacks
Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as launch pad for further attacks against the affected organization. -
Protect against BlueKeep
DART offers steps you can take to protect your network from BlueKeep, the “wormable” vulnerability that can create a large-scale outbreak due to its ability to replicate and propagate. -
DART: the Microsoft cybersecurity team we hope you never meet
Meet Microsoft’s Detection and Response Team (DART) and read their advice that may help you avoid working with them in future.
