Category: Microsoft
Category Archives: Microsoft
OneDrive / Android automated camera roll back up without sync
Hello I am unsure if this is a Microsoft or Android issue so apologies if this isn’t the place.
I wish to have my Android (s21) camera roll automatically back up to OneDrive but without the two syncing together.
If I wish to delete a photo from my phone I do not want this to delete from OneDrive but currently they do and I cannot find a solution to just have the camera roll back up without the sync in place.
Is anyone able to produce a dummies guide to achieving this as I am not grasping other instructions I have found online.
Many thanks for any assistance.
Hello I am unsure if this is a Microsoft or Android issue so apologies if this isn’t the place. I wish to have my Android (s21) camera roll automatically back up to OneDrive but without the two syncing together. If I wish to delete a photo from my phone I do not want this to delete from OneDrive but currently they do and I cannot find a solution to just have the camera roll back up without the sync in place. Is anyone able to produce a dummies guide to achieving this as I am not grasping other instructions I have found online. Many thanks for any assistance. Read More
Email Verification
Hi,
Is there anyway to turn off email verification for personal bookings. My users are trying to uses bookings with clients and the verifications are making it diffcult with some customers.
Hi, Is there anyway to turn off email verification for personal bookings. My users are trying to uses bookings with clients and the verifications are making it diffcult with some customers. Read More
i do not understand how to do modern authentication
I have a mac that I use Firefox and Safari.
I do not understand how to do Modern Authentication.
I need an understandable step by step guide to do it.
I have a mac that I use Firefox and Safari.I do not understand how to do Modern Authentication.I need an understandable step by step guide to do it. Read More
Introducing the AI-powered assistant on ISV Hub
About Alejandro: Alejandro Martinez is a Director of Business Program Management at Microsoft and leads ISV Success, a global benefits offering that helps ISVs innovate through AI, build apps, publish them to the Commercial Marketplace and grow the sales of those apps. Alejandro also co-owns a mental health practice focused on supporting the LGBTQ+ and neurodivergent communities.
___________________________________________________________________________________________________
We are excited to announce the launch of our AI-powered assistant on ISV Hub, designed to support ISVs at every stage of their journey to the Microsoft commercial marketplace. Whether you’re exploring ISV Success for the first time, building innovative solutions, publishing on the commercial marketplace, or focused on growing your business, our AI-powered assistant is here to help.
What can the AI-powered assistant do?
Our AI-powered assistant is equipped to respond to prompts with AI-generated answers, connect ISVs with their assigned engagement manager, and help you reach support if needed. Additionally, it surfaces discoverability opportunities with curated prompts such as “How can ISV Success help me?” and “contact my engagement manager.”
Availability
The AI-powered assistant will be generally available on all ISV Hub webpages at launch. This means that ISVs can access the assistant’s capabilities across the entire ISV Hub, making it easier than ever to get the support and information you need at your fingertips.
Enhancing the ISV experience
With the AI-powered assistant, we aim to enhance the overall experience for ISVs by providing timely and accurate information, facilitating connections with key contacts like your engagement manager (if you are actively enrolled in ISV Success) and support channels, offering support throughout your journey. This innovative tool is a testament to our commitment to helping ISVs succeed and thrive in the continually evolving software industry.
Stay tuned for more updates and features as we continue to improve and expand the capabilities of our AI-powered assistant on ISV Hub and beyond.
Note: available in EN-US for desktop as of September 10, 2024.
Microsoft Tech Community – Latest Blogs –Read More
Manual Trigger File Input Attach to an Email – I have tried everything!
I have a flow triggered by a Manual “For a Selected File” Trigger that ALSO has an “Add an input” to import an additional file. (My team needs to be able to email a SharePoint file, but also upload additional supporting documents when running the flow).
When I go to Attachments in the “Send an email (V2)” I am able to get the “Attachment name” to work but the file still will not open. The file appears to come through properly – just wont open!
According to ChatGPT “The output shows Base64-encoded data” so I don’t think that is the issue.
Also – the Old Editor and the New Editor give totally different Dynamic Content options (see images) but none work! I did get it to work one time but I cannot recreate it.
What am I missing? What can I try??
I have a flow triggered by a Manual “For a Selected File” Trigger that ALSO has an “Add an input” to import an additional file. (My team needs to be able to email a SharePoint file, but also upload additional supporting documents when running the flow).When I go to Attachments in the “Send an email (V2)” I am able to get the “Attachment name” to work but the file still will not open. The file appears to come through properly – just wont open!According to ChatGPT “The output shows Base64-encoded data” so I don’t think that is the issue. Also – the Old Editor and the New Editor give totally different Dynamic Content options (see images) but none work! I did get it to work one time but I cannot recreate it. What am I missing? What can I try?? Read More
Practical Graph: Working with Microsoft Lists using the Microsoft Graph PowerShell SDK
Microsoft Lists are a powerful tool for end users to store and manage data stored in SharePoint Online sites. The Microsoft Graph PowerShell SDK includes cmdlets to work with Microsoft Lists and this article explains how to use the cmdlets to add new lists, add items to lists, retrieve data from lists, and remove items from lists.
https://practical365.com/microsoft-lists-powershell-sdk/
Microsoft Lists are a powerful tool for end users to store and manage data stored in SharePoint Online sites. The Microsoft Graph PowerShell SDK includes cmdlets to work with Microsoft Lists and this article explains how to use the cmdlets to add new lists, add items to lists, retrieve data from lists, and remove items from lists.
https://practical365.com/microsoft-lists-powershell-sdk/ Read More
How to set the default time in a date/time column
I have a SharePoint Online list which has a date/time column. I am trying to set the default date and time for this column as below
After saving my changes, it always changes the time back to 12:00 AM…
How can I get the desired time of 9:00 AM to show, that way, each time an item is created in the list the correct default date and time is displayed?
I have a SharePoint Online list which has a date/time column. I am trying to set the default date and time for this column as below After saving my changes, it always changes the time back to 12:00 AM… How can I get the desired time of 9:00 AM to show, that way, each time an item is created in the list the correct default date and time is displayed? Read More
Dallas Chapter Meeting on SecOps – Join online or in person!
IAMCP‘s TOLA Chapter (Texas, Oklahoma, Louisiana, Arkansas) rotates monthly and hosts chapter meetings in Austin, Houston and Dallas. All meetings are hybrid and anyone is welcome to attend, no matter where you are!
Please join us for this month’s TOLA chapter meeting at Microsoft Dallas or on Teams on Thursday, September 26, 11:30 am – 1:00 pm. Our guest speaker will be Spencer Brown, Global Engineering, SecOps, from Sophos.
Security Operations (SecOps) teams are responsible for ensuring timely, accurate, and context-aware detection and response of cyber threats. During this session, you’ll hear why Microsoft data must be a key source of alerts and telemetry for SecOps teams. Such data, however, needs to be analyzed in the wider context of other tools the organization uses, 24 hours a day, 365 days a year. Partnering with Sophos to address this challenge helps Microsoft Channel Partners support their customers, complement existing Microsoft implementations, and increase revenue.
Lunch will be included.
Join us online or in-person (lunch included) in Dallas at the Microsoft office.
If you aren’t a member of IAMCP yet, you can join for just $1 and gain access to all IAMCP events for 90 days. (Select this option during registration)
You’re invited to join us in-person or virtually on September 26! IAMCP’s TOLA Chapter (Texas, Oklahoma, Louisiana, Arkansas) rotates monthly and hosts chapter meetings in Austin, Houston and Dallas. All meetings are hybrid and anyone is welcome to attend, no matter where you are! Please join us for this month’s TOLA chapter meeting at Microsoft Dallas or on Teams on Thursday, September 26, 11:30 am – 1:00 pm. Our guest speaker will be Spencer Brown, Global Engineering, SecOps, from Sophos. Security Operations (SecOps) teams are responsible for ensuring timely, accurate, and context-aware detection and response of cyber threats. During this session, you’ll hear why Microsoft data must be a key source of alerts and telemetry for SecOps teams. Such data, however, needs to be analyzed in the wider context of other tools the organization uses, 24 hours a day, 365 days a year. Partnering with Sophos to address this challenge helps Microsoft Channel Partners support their customers, complement existing Microsoft implementations, and increase revenue.Lunch will be included. Join us online or in-person (lunch included) in Dallas at the Microsoft office.If you aren’t a member of IAMCP yet, you can join for just $1 and gain access to all IAMCP events for 90 days. (Select this option during registration) Register Here > Read More
Let’s talk SecOps in Dallas or Virtually, September 26
IAMCP‘s TOLA Chapter (Texas, Oklahoma, Louisiana, Arkansas) rotates monthly and hosts chapter meetings in Austin, Houston and Dallas. All meetings are hybrid and anyone is welcome to attend, no matter where you are!
Please join us for this month’s TOLA chapter meeting at Microsoft Dallas or on Teams on Thursday, September 26, 11:30 am – 1:00 pm. Our guest speaker will be Spencer Brown, Global Engineering, SecOps, from Sophos.
Security Operations (SecOps) teams are responsible for ensuring timely, accurate, and context-aware detection and response of cyber threats. During this session, you’ll hear why Microsoft data must be a key source of alerts and telemetry for SecOps teams. Such data, however, needs to be analyzed in the wider context of other tools the organization uses, 24 hours a day, 365 days a year. Partnering with Sophos to address this challenge helps Microsoft Channel Partners support their customers, complement existing Microsoft implementations, and increase revenue.
Lunch will be included.
Join us online or in-person (lunch included) in Dallas at the Microsoft office.
If you aren’t a member of IAMCP yet, you can join for just $1 and gain access to all IAMCP events for 90 days. (Select this option during registration)
You’re invited to join us in-person or virtually on September 26! IAMCP’s TOLA Chapter (Texas, Oklahoma, Louisiana, Arkansas) rotates monthly and hosts chapter meetings in Austin, Houston and Dallas. All meetings are hybrid and anyone is welcome to attend, no matter where you are! Please join us for this month’s TOLA chapter meeting at Microsoft Dallas or on Teams on Thursday, September 26, 11:30 am – 1:00 pm. Our guest speaker will be Spencer Brown, Global Engineering, SecOps, from Sophos. Security Operations (SecOps) teams are responsible for ensuring timely, accurate, and context-aware detection and response of cyber threats. During this session, you’ll hear why Microsoft data must be a key source of alerts and telemetry for SecOps teams. Such data, however, needs to be analyzed in the wider context of other tools the organization uses, 24 hours a day, 365 days a year. Partnering with Sophos to address this challenge helps Microsoft Channel Partners support their customers, complement existing Microsoft implementations, and increase revenue.Lunch will be included. Join us online or in-person (lunch included) in Dallas at the Microsoft office.If you aren’t a member of IAMCP yet, you can join for just $1 and gain access to all IAMCP events for 90 days. (Select this option during registration) Register Here > Read More
An VM stuck in “creating”
Hello,
After the outage issue this morning, one of the VMs in our labs has been stuck all day in the “Creating…” state. There is nothing I can do to affect it It is okay to delete that particular VM or reimage, but those options do not work for me. Any information would be appreciated.
Hello, After the outage issue this morning, one of the VMs in our labs has been stuck all day in the “Creating…” state. There is nothing I can do to affect it It is okay to delete that particular VM or reimage, but those options do not work for me. Any information would be appreciated. Read More
Microsoft Purview DLP policy for Azure SQL
Hello,
I understand that Microsoft Purview DLP policies can be commonly used for Exchange, OneDrive, Teams, SharePoint, Endpoints, etc. which are commonly used exfiltration channels.
But can we also use a dlp policy for Azure SQL databases, is there any use case for a DLP policy for Azure SQL database or any other structured data?
Hello, I understand that Microsoft Purview DLP policies can be commonly used for Exchange, OneDrive, Teams, SharePoint, Endpoints, etc. which are commonly used exfiltration channels. But can we also use a dlp policy for Azure SQL databases, is there any use case for a DLP policy for Azure SQL database or any other structured data? Read More
Need to delete a duplicate entries in my outlook calander
Hi, I have mistakenly clicked the keep all conflicts button while create a meeting invite, and it created a 19k+ duplicate invite on my Calander, need to remove those,
Need PowerShell command to perform this operation.
Hi, I have mistakenly clicked the keep all conflicts button while create a meeting invite, and it created a 19k+ duplicate invite on my Calander, need to remove those, Need PowerShell command to perform this operation. Read More
ISSUE RESOLVED: Azure Lab Services – lab plan outage – September 12, 2024
Hello,
Azure Lab Services is currently experiencing an outage affecting customers using Lab Plans for their service. Customers using Lab Accounts are not affected. This issue impacts all operations across all regions.
The root cause has been identified, and a hotfix is being rolled out. We expect service to be fully restored by the end of the business day (CDT) on September 12, 2024. We will provide updates about the outage in this blog post until the issue is fully resolved.
We apologize for any inconvenience and disruption this may cause.
Microsoft Tech Community – Latest Blogs –Read More
Outlook Notification. What action am I to take?
I have a hotmail email address and receive my emails through Outlook. What actions must I take to continue to do so? The latest notification I received with a deadline fast approaching is a bit confusing.
I have a hotmail email address and receive my emails through Outlook. What actions must I take to continue to do so? The latest notification I received with a deadline fast approaching is a bit confusing. Read More
Adding Outlook TO Apple Mail/iCloud, NOT the reverse
I, too, received the email that basically I had 2 or 3 days to conform to your new authentication. I use Thunderbird for permanent holding, but also have been using Apple Mail. I deleted Outlook per instructions (Mail has not recognized the password for months so I was happy to see that you had sent instructions), but when I tried to add it back, it still did not recognize the password or some similar obstacle. All I have seen is your instructions for using iOS, but nothing about Mac OS. (I am one of the several millions who also use a computer.)
I see many related questions but no response to any of them. So let me ask a follow-up: How can I export my folders to MBOX files that can be opened by more flexible clients?
I, too, received the email that basically I had 2 or 3 days to conform to your new authentication. I use Thunderbird for permanent holding, but also have been using Apple Mail. I deleted Outlook per instructions (Mail has not recognized the password for months so I was happy to see that you had sent instructions), but when I tried to add it back, it still did not recognize the password or some similar obstacle. All I have seen is your instructions for using iOS, but nothing about Mac OS. (I am one of the several millions who also use a computer.) I see many related questions but no response to any of them. So let me ask a follow-up: How can I export my folders to MBOX files that can be opened by more flexible clients? Read More
Data Validation Basis Another Cell Inputs
I have a simple sheet. Column A contains inputs that can be A, B C, D, E. The inputs are a drop down list. Column B inputs need to be restricted basis the input in Column A. So if A1 =A, B1 should have an input of the range100-12%,
If A1=B, B1 should have an input 120-140% and so on. Given the inputs in Column A can be dynamic and any of the 5 drop down values how do we restrict values in Column B dynamically to correspond to the input in Column A
I have a simple sheet. Column A contains inputs that can be A, B C, D, E. The inputs are a drop down list. Column B inputs need to be restricted basis the input in Column A. So if A1 =A, B1 should have an input of the range100-12%,If A1=B, B1 should have an input 120-140% and so on. Given the inputs in Column A can be dynamic and any of the 5 drop down values how do we restrict values in Column B dynamically to correspond to the input in Column A Read More
VLOOKUP returning #N/A when using text
Hi there,
Please see a copy of the workbook I’m building: Test – My Yugioh Cards.xlsx
The idea is when I type a card’s name in the “NAME” column in table “TestDeckMain” in sheet “Test Deck”, the rest of the row should auto-populate by pulling information from table “AllCards” in sheet “All Cards”.
I think it’s a format problem of some sort, but from looking up articles and posts I haven’t been able to work it out. I’m hoping someone could take a quick look and see if I’m missing something, I’d be very grateful. I’m mostly self-taught, so apologies if there is any poor design ha ha
I’ve already entered a few different card names with various characters to test different scenarios in case this helps.
Many thanks,
Etienne
Hi there, Please see a copy of the workbook I’m building: Test – My Yugioh Cards.xlsx The idea is when I type a card’s name in the “NAME” column in table “TestDeckMain” in sheet “Test Deck”, the rest of the row should auto-populate by pulling information from table “AllCards” in sheet “All Cards”. I think it’s a format problem of some sort, but from looking up articles and posts I haven’t been able to work it out. I’m hoping someone could take a quick look and see if I’m missing something, I’d be very grateful. I’m mostly self-taught, so apologies if there is any poor design ha ha I’ve already entered a few different card names with various characters to test different scenarios in case this helps. Many thanks,Etienne Read More
Azure Lab Services – Upcoming maintenance update on October 12, 2024
Hello all,
On October 12th, 2024, we will be updating our system between 7:00 AM and 6:00 PM CST. This maintenance will only affect the creation of new Canvas labs or the management of existing Canvas labs through our service. The Canvas labs functionality will be available again after the update.
Refer to this blog post for the latest update on this maintenance:
Cheers,
Fawad
Microsoft Tech Community – Latest Blogs –Read More
Rockford Lhotka and Eric Boyd Share Their Expertise at Visual Studio Live! 2024
At the heart of technological innovation, Visual Studio Live! at Microsoft HQ is the perfect place for developers to enhance their skills and expand their knowledge of the .NET Microsoft Platform. From August 5-9, 2024, the Microsoft Conference Center in Redmond hosted five days of engaging and unbiased education on a wide range of topics, including ASP.NET Core, .NET 7/8, Generative AI, MAUI, JavaScript, TypeScript, Azure, Blazor, and modern data warehouse technology. Attendees had the unique opportunity to interact directly with industry leaders, receive practical guidance, and dive into the latest innovations in software development. We are excited to feature insights from Rockford Lhotka, United States Cloud + AI, DevOps, Open Source Frameworks MVP and Regional Director, and Eric Boyd, United States AI Platform, Microsoft Azure and Regional Director, as they share their experiences at this event.
MVP and RD Rocky Lhotka
Could you share what aspects of VSLive contribute to its success from your perspective?
Rocky: VS Live! provides a great mix of independent speakers who use the products in the real world, and Microsoft speakers who can provide insight into the future of the products. Our audience is primarily business developers who are building software for their companies, so they are looking for practical advice on how to use the tools to solve their problems. The sessions are a mix of introduction to new technology, deep dives into specific technologies and informative looks at the future. We also include career and personal development topics to help people better develop their own career arcs. The speakers are all experts in their fields so the attendees know they are getting the best advice available. Because the events are held across the U.S. attendees can bring their families and make a vacation out of the trip. Orlando for family fun, Las Vegas for nightlife, Redmond for a chance to visit Microsoft headquarters, and a variety of other cities for music, food, sightseeing, and other adventures.
Eric: The VSLive! team does a great job of bringing together exceptional speakers from around the world. And while they are great speakers and presenters they are also practitioners that are building solutions and working daily with the technologies they present, so as an attendee, you’re getting real-world and practical guidance. There are also Microsoft presenters who provide insight and context from the product groups. The session lineup is always a great mix of technologies that people are currently using in production, and technologies that are up and coming that we need to be aware of and considering. And there is a mix of session formats, everything from 20-minute fast focus sessions, 75-minute breakout sessions, keynotes, one-day workshops, and two-day hands-on-labs.
What have been some standout moments for you during the event?
Rocky: Certainly, one highlight was the launch of Visual Studio with .NET by Bill Gates in 2002! Since then, we’ve had many keynotes and announcements from the .NET, Visual Studio, Azure, and other teams at Microsoft.
For me personally though, it is the chance to meet with attendees and speakers and hear their stories. I’ve met people who have been coming to the show for decades, and others who are attending for the first time. I’ve also met people who have changed jobs, started companies, and improved their lives because of connections they made at the show.
Eric: VSLive! hosts a lunch mid-week where speakers have designated tables and attendees join them and converse over a meal. It’s a great time for attendees to ask questions, discuss challenges, and generate new ideas. I really enjoy these lunches. The evening events are also great opportunities for attendees to meet other attendees and presenters.
Have there been instances where your guidance positively impacted an attendee’s experience or perhaps a time when your networking efforts helped facilitated a significant career opportunity for someone?
Rocky: Like many of our speakers, I make an effort to join attendees at lunch and to be available for questions after my sessions. Often I spend time in a comfortable chair in the open areas of the show, having conversations with all sorts of folks.
Over the years I’ve had people come up to me and tell me that they completed a large software project, got a promotion, or got a new job because of our conversations, my presentations, or books.
Recently I’ve been leading an open-source project called Kids ID Kit, which is a free tool for parents to create a digital ID kit for their children. In the past few months three people have joined our development team after hearing about the project from my sessions, and they are helping make the world a better place while honing and building their Blazor and .NET skills.
Before I became a speaker at events, I would usually attend events to get two things: to be inspired about the future, and to solve some pragmatic issue what was blocking me or my team. As a speaker I always try to remember that perspective, and I try to be one of the people who can help people achieve those goals while they are at VS Live!.
Eric: Over the past year I’ve been delivering a two-day hands-on-lab on Python and artificial intelligence. The title is even prefaced with “Elevate Your Career.” And those who attend this workshop are looking to gain a foundational understanding of Python and AI to enhance their careers and get into the rapidly changing and growing world of artificial intelligence. This is exciting for me because it’s usually an audience of Microsoft developers who are not familiar with the Python language and not normally involved in AI related projects and I get to help them lay down the foundations for a potential shift in their careers. On several occasions, I’ve been able to work with attendees after the event on a project and provide guidance and mentoring and help them learn new things and develop new skills throughout the project which has been helpful in their careers.
MVP and RD Eric Boyd
To wrap up, Visual Studio Live! 2024 at Microsoft HQ was an incredible event that brought together developers, software architects, engineers, and designers. Rockford Lhotka and Eric Boyd shared their valuable experiences, providing attendees with practical guidance and real-world insights. Rockford highlighted the importance of connecting with attendees and speakers, sharing stories of how the event has positively impacted careers and projects. While Eric emphasized the hands-on learning opportunities and the chance to work on projects that enhance skills and open new career paths. Their contributions made the event even more enriching, fostering a sense of community and collaboration among participants. VS Live! was not just about learning new technologies but also about building relationships and inspiring growth in the ever-evolving world of technology.
Microsoft Tech Community – Latest Blogs –Read More
Welcome to the Microsoft Incident Response Ninja Hub
We’re excited to announce the Microsoft Incident Response Ninja Hub. This page includes a compilation of guides and resources that the Microsoft Incident Response team has developed on threat hunting, case studies, incident response guides, and more. Many of these pieces were also developed in collaboration with Microsoft’s partners across Microsoft Security, providing a unique view into how the Microsoft Security ecosystem leans on cross-team collaboration to protect our customers.
This page will be continually updated as the team develops and publishes more resources, so be sure to bookmark our Ninja Hub and stay up to date: https://aka.ms/MicrosoftIRNinjaHub
Incident Response (IR) best practices for security teams and leaders
Navigating the Maze of Incident Response: Microsoft Incident Response team guide shares best practices for security teams and leaders
Creating a proactive incident response plan | How to boost your incident response readiness
The art and science behind Microsoft threat hunting: Part 1
The art and science behind Microsoft threat hunting: Part 2
The art and science behind Microsoft threat hunting: Part 3
Microsoft Security tips to reduce risk in mergers and acquisitions
Deep dives and threat hunting guides
One-page guides
Download the new Microsoft Incident Response one-page guides on investigating suspicious activity in Microsoft 365 and Microsoft Entra
Download the Microsoft Incident Response guides on using Windows Internals for digital forensic investigations
Cloud hunting and Microsoft Entra
Threat hunting with Microsoft Graph activity logs
Hunting for MFA manipulations in Entra ID tenants using KQL
Hunting in Azure subscriptions
Good UAL Hunting
Investigating malicious OAuth applications using the Unified Audit Log
Forensic artifacts in Office 365 and where to find them
Follow the Breadcrumbs with Microsoft IR & MDI: Working Together to Fight Identity-based Attacks
How to investigate service provider trust chains in the cloud
Techniques for threat hunting
Fuzzy hashing logs to find malicious activity
Leveraging the Power of KQL in Incident Response
Attacker tactics, techniques, and procedures explained
Proactive Measures: Safeguarding Against Vulnerable Driver Attacks with Effective Monitoring and Prevention Strategies
Defenders beware: A case for post-ransomware investigations
Token tactics: How to prevent, detect, and respond to cloud token theft
Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign
Guidance for investigating attacks using CVE-2023-23397
Protect against CVE-2019-0708: BlueKeep
IIS modules: The evolution of web shells and how to detect them
Web shell attacks continue to rise
Ghost in the shell: Investigating web shell attacks
Tarrask malware uses scheduled tasks for defense evasion
Case studies
Cyberattack Series
Report 1: Solving one of NOBELIUM’s most novel attacks
Report 2: Healthy security habits to fight credential breaches
Report 3: Patch me if you can: Cyberattack Series
Report 4: Protecting credentials against social engineering
Advanced Persistent Threats (APTs) and named Threat Actor groups
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft Security Blog
A guide to combatting human-operated ransomware: Part 1
A guide to combatting human-operated ransomware: Part 2
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Destructive malware targeting Ukrainian organizations
DEV-0537 criminal actor targeting organizations for data exfiltration and destruction
Ransomware and case studies
The five-day job: A BlackByte ransomware intrusion case study
LockBit 2.0 ransomware bugs and database recovery attempt: Part 1
LockBit 2.0 ransomware bugs and database recovery attempts: Part 2
Facing the cold chills: A case study of a targeted compromise
Lessons from the field and compromise recovery how-to
Compromise recovery
Octo Tempest: Hybrid identity compromise recovery
Recover ADCS from Compromise
Advice for incident responders on recovery from systemic identity compromises
Lessons from the field on securing your cloud
Total Identity Compromise: Microsoft Incident Response lessons on securing Active Directory
Microsoft Incident Response lessons on preventing cloud identity compromise
Protect your business from password sprays with Microsoft DART recommendations
Microsoft Incident Response tips for managing a mass password reset
Effective strategies and technical recommendations for conducting Mass Password Resets during cybersecurity incidents
How Microsoft Incident Response and Microsoft Defender for Identity work together
A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture
Using Microsoft Security APIs for Incident Response – Part 1
Using Microsoft Security APIs for Incident Response – Part 2
Microsoft Office 365—Do you have a false sense of cloud security?
Lessons from the field on ransomware response
Long-form resources and books
Microsoft Defender for Endpoint in Depth: Take any organization’s endpoint security to the next level
The Definitive Guide to KQL: Using Kusto Query Language for operations, defending, and threat hunting (1st Edition)
Learn more about the Microsoft Incident Response team
DART: the Microsoft cybersecurity team we hope you never meet
How the Microsoft Incident Response team helps customers remediate threats
Microsoft Incident Response Retainer is generally available
An integrated incident response solution with Microsoft and PwC
To stay up to date, follow blogs published to the Security Experts Tech Community Blog and to Microsoft Security Blog.
Microsoft Tech Community – Latest Blogs –Read More