This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.   Software as a service (SaaS) adoption has accelerated at a lightning speed, enabling collaboration, automation, and innovation for businesses large and small across every industry vertical—from government, education, financial service to tech companies. Every SaaS application is now expanding its offering to allow better integration with the enterprise ecosystem and advanced collaboration features, becoming more of a “platform” than an “application.” To further complicate t ..read more

Today, I’m thrilled to announce the expansion of Microsoft Entra Verified ID to include Face Check—a privacy-respecting facial matching feature for high-assurance verifications, which is now in preview. Watch the video to learn more and read on for how you can get started today. Try Face Check for yourself. Verified ID: Verify once, use everywhere In our everyday lives, we use identity documents like driver’s licenses or passports as convenient and secure ways to prove our identity. Until now, we have not had a good digital equivalent. Microsoft Entra Verified ID provides a secure and ea ..read more

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  In a scenario familiar to many universities worldwide, Claremont Graduate University (CGU), a renowned research university located in Southern California, was struggling with how to bring Oracle PeopleSoft Campus Solutions into its Microsoft 365 and Microsoft Entra ID (formerly Azure Active Directory) environment and enable multifactor authentication and single sign-on (SSO) for students and staff who access Oracle PeopleSoft on a daily basis. The only option for t ..read more

The security landscape is changing fast. In 2023, we saw a record-high 30 billion attempted password attacks per month, a 35% increase in demand for cybersecurity experts, and a 23% annual rise in cases processed by the Microsoft Security Response Center and Security Operations Center teams.1 This increase is due in part to the rise of generative AI and large language models, which bring new opportunities and challenges for security professionals while affecting what we must do to secure access effectively.   Generative AI will empower individuals and organizations to increase productivit ..read more

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  Along with every merger and acquisition between two companies comes the need to combine and strengthen their IT infrastructure. In particular, there is an immediate and profound impact on the identity and access management (IAM) postures of both companies. With a newly combined workforce, where does all the user information live? Where are the authentications going to be handled? What changes are going to be made for authorization to applications; will users have a ..read more

The post Strengthening identity protection in the face of highly sophisticated attacks appeared first on Microsoft Security Blog ..read more

Protecting identity from compromise is top of mind for security professionals as identity attacks continue to intensify. Earlier this year we reported that we had observed a nearly three-fold increase in password attacks per second in the last two years, from 579 in 2021 to 4,000 in 2023.1 Identity and access stands between malicious actors and web and cloud resources, making it critical to have a solution that is seamlessly integrated. Microsoft Entra is a unified identity and network access solution that protects any identity and secures access to any application or resource, in any cloud or ..read more

Our experience and insights from real-world incidents tell us that the swift containment of compromised user accounts is key to disrupting hands-on-keyboard attacks, especially those that involve human-operated ransomware. In these attacks, lateral movement follows initial access as the next critical stage for attackers to advance their objective of targeting valuable assets and sensitive data. Successful lateral movement depends on attackers’ ability to compromise user accounts and elevate permissions: our observations of attacks show that all human-operated ransomware attacks where ransomwar ..read more

Microsoft security researchers recently identified a campaign where attackers attempted to move laterally to a cloud environment through a SQL Server instance. This attack technique demonstrates an approach we’ve seen in other cloud services such as VMs and Kubernetes cluster, but not in SQL Server. The attackers initially exploited a SQL injection vulnerability in an application within the target’s environment. This allowed the attacker to gain access and elevated permissions on a Microsoft SQL Server instance deployed in Azure Virtual Machine (VM). The attackers then used the acquired elevat ..read more

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA.  Passwords are a security weakness and phishing attacks to exploit accounts protected by passwords are on the rise. The last 12 months have seen an average of more than 4,000 password attacks per second an almost threefold increase from the previous year, a phishing continues to be the preferred attack method by cybercriminals.1 Clearly, better solutions are needed to help reduce reliance on passwords and increase security. Phishing-resistant multifactor authen ..read more