MS-101 syllabus is available at

Typically MS-101 test-takers are mixed up by free products available on the net, therefore they are unsuccessful the Microsoft 365 Mobility and Security exam. Many of us advise to expend a little cost and download the total version of MS-101 practice test, Actual Questions and assure your 100% good results inside the real test.

Exam Code: MS-101 Practice test 2023 by team
MS-101 Microsoft 365 Mobility and Security

Implement modern device services (30-35%)

Implement Mobile Device Management (MDM)

• plan for MDM

• configure MDM integration with Azure AD

• set an MDM authority

• set device enrollment limit for users

Manage device compliance

• plan for device Compliance

• design Conditional Access Policies

• create Conditional Access Policies

• configure device compliance policy

• manage Conditional Access Policies

Plan for devices and apps

• create and configure Microsoft Store for Business

• plan app deployment

• plan device co-management

• plan device monitoring

• plan for device profiles

• plan for Mobile Application Management

• plan mobile device security

Plan Windows 10 deployment

• plan for Windows as a Service (WaaS)

• plan the appropriate Windows 10 Enterprise deployment method

• analyze upgrade readiness for Windows 10

• evaluate and deploy additional Windows 10 Enterprise security features

Implement Microsoft 365 security and threat management (30-35%)

Implement Cloud App Security (CAS)

• configure Cloud App Security (CAS)

• configure Cloud App Security (CAS) policies

• configure Connected apps

• design Cloud App Security (CAS) Solution

• manage Cloud App Security (CAS) alerts

• upload cloud app security (CAS) traffic logs

Implement threat management

• plan a threat management solution

• design Azure Advanced Threat Protection (ATP) implementation

• design Microsoft 365 ATP Policies

• configure Azure ATP

• configure Microsoft 365 ATP Policies

• monitor Advanced Threat Analytics (ATA) incidents

Implement Windows Defender Advanced Threat Protection (ATP)

• plan Windows Defender ATP Solution

• configure preferences

• implement Windows Defender ATP Policies

• enable and configure security features of Windows 10 Enterprise

Manage security reports and alerts

• manage service assurance dashboard

• manage tracing and reporting on Azure AD Identity Protection

• configure and manage Microsoft 365 security alerts

• configure and manage Azure Identity Protection dashboard and alerts

Manage Microsoft 365 governance and compliance (35-40%)

Configure Data Loss Prevention (DLP)

• configure DLP Policies

• design data retention policies in Microsoft 365

• manage DLP exceptions

• monitor DLP policy matches

• manage DLP policy matches

Implement Azure Information Protection (AIP)

• plan AIP solution

• plan for deployment On-Prem rights management Connector

• plan for Windows information Protection (WIP) implementation

• plan for classification labeling

• configure Information Rights Management (IRM) for Workloads

• configure Super User

• deploy AIP Clients

• implement Azure Information Protection policies

• implement AIP tenant key

Manage data governance

• configure information retention

• plan for Microsoft 365 backup

• plan for restoring deleted content

• plan information Retention Policies

Manage auditing

• configure audit log retention

• configure audit policy

• monitor Unified Audit Logs

Manage eDiscovery

• search content by using Security and Compliance Center

• plan for in-place and legal hold

• configure eDiscovery and create cases

Microsoft 365 Mobility and Security
Microsoft Microsoft learn
Killexams : Microsoft Microsoft learn - BingNews Search results Killexams : Microsoft Microsoft learn - BingNews Killexams : Get Microsoft Office 2021 and learn how to use it for just $50 No result found, try new keyword!Microsoft Office is the world’s most ubiquitous office software for good reason. And if you’re not using it yet, now is the time to take advantage of this limited-time deal. Right now, you can get a ... Tue, 22 Aug 2023 20:08:30 -0500 en-us text/html Killexams : Microsoft launches native integration for Python in Excel No result found, try new keyword!With native Python integration with Excel, users will be able to use the new “PY” function to input Python code directly into Excel cells. Tue, 22 Aug 2023 19:07:00 -0500 en text/html Killexams : Python is coming to Microsoft Excel
Eugene Mymrin/Getty Images

Ever wished you could do more with Microsoft Excel? Microsoft just announced the release of a public preview of Python in Excel, which would allow users to add Python code directly into a spreadsheet.

This would enable data analysts, engineers, marketers, and students learning data science to work with Python code to perform complex statistical analysis, advanced visualizations, predictive analytics, and machine learning in Excel. 

Also: How to use ChatGPT to write Excel formulas

Users will be able to enter Python code directly into cells using the new =PY function, as Python will be integrated directly into the Excel grid, with no need to install additional software. 

Microsoft explains that the new functionality leverages the Anaconda distribution of Python, an enterprise geared to data scientists and engineers that is also beginner-friendly. Anaconda includes many pre-packaged libraries and packages like pandas, Matplotlib, scikit-learn, NumPy, and SciPy. 

Date extraction using regular expressions.


As a secure operation, Microsoft says Python in Excel runs on the Microsoft Cloud with enterprise-level security within the Microsoft 365 experience. This means that the code is executed on the Microsoft Cloud and not locally, in an isolated container using Azure Container Instances and separate from other processes to diminish the risk of unauthorized access. 

Also: How to use ChatGPT to write code

The data in users' workbooks is controlled through the specific functions xl()and =PY() to ensure data is secure and only authorized operations are performed. 

The public preview of the Python integration on Microsoft Excel will be available to Microsoft 365 Insiders using the Beta Channel in Excel for Windows. 

Editorial standards
Tue, 22 Aug 2023 05:41:00 -0500 en text/html
Killexams : How to Fix Microsoft Edge Not Responding
Microsoft Edge Not Responding Featured

Microsoft has been systematically working to Strengthen its Edge browser by adding new features and updates on a regular basis, positioning it as a compelling alternative to Google Chrome. Yet, sometimes issues still arise due to various bugs in the Chromium code. This tutorial shares the most effective troubleshooting tips you need to follow if Microsoft Edge is not responding.

Good to know: check out our list of keyboard shortcuts to quickly access the most useful Microsoft Edge features.

Basic Troubleshooting

Before diving into specific solutions, try these general troubleshooting tips if you’re experiencing issues like Microsoft Edge not responding or crashes.

  • Clear cache and browsing data: most browsers automatically save temporary Internet files to help pages load faster. If Microsoft Edge opens but does not load the page, clearing this cache will help resolve the issue.
  • Update Edge to the latest version: you should always ensure that the Edge browser is updated to the latest version to avoid many common problems with Microsoft Edge.
  • Scan your PC for malware: if you suspect that your PC is infected with a virus, causing Edge to not respond, scan your computer for malware using Microsoft Defender (part of Windows Security). Perform all types of scans using Microsoft Defender from the Command Prompt.
  • Restart your computer: if you encounter any unknown issue on your Windows computer, try restarting the PC. In many cases, that’s all it takes to resolve a simple bug.

FYI: want to remove the Bing Chat button from Edge? We can show you how.

1. Close and Reopen Microsoft Edge

If Microsoft Edge is not responding, try properly closing it down via the Task Manager, then restart the browser. In most cases, this will fix the problem.

  1. Press Ctrl + Shift+ Esc to launch the Task Manager.
  2. Click “Processes” in the left pane. Select Microsoft Edge on the right under “Apps,” then click “End task” below the search bar to close the Edge browser.
  1. Reopen the Edge app from either the taskbar or the desktop shortcut, and check whether the issue has been resolved.

Tip: learn how to fix the “Task Manager has been disabled by administrator” error.

2. Repair Microsoft Edge

If the Edge browser opens but stops functioning, attempt to repair it. Before starting, make sure you’ve closed the Microsoft Edge browser and logged in with administrative privileges.

  1. Click the Start menu, and launch the Settings app.
  1. Click “Apps,” in the left pane, then click “Installed Apps” on the right.
  1. Scroll down until you find Microsoft Edge in the list of apps. Click the three-dot icon next to it, and select “Modify” from the menu options. If you see a prompt asking, “Do you want to allow this app to make changes to your device?” press “Yes.”
  1. Click “Repair.”
  1. You will see the progress of the repair.
  1. After a few seconds, the Microsoft Edge browser will relaunch automatically to indicate that the repair has been completed. Do remember that the browser data and settings are not affected by the repair procedure.

3. Disable/Uninstall Extensions

If your Edge browser is not responding properly, it could be because an extension is not working correctly. To troubleshoot this, follow the steps below to deactivate your installed extensions to see whether the problem has been resolved.

  1. Launch the Edge browser, and click the puzzle piece-shaped icon next to the address bar. In the drop-down menu, click “Manage extensions.”
  1. In the “Installed extensions” section, toggle the checkbox to the left of all extensions to disable them.
  1. If the issue has been resolved, you can enable each extension one by one to identify which one is causing the issue. Once you have identified the problematic extension, uninstall it by clicking “Remove.”

Tip: find yourself missing Internet Explorer? Learn how to bring IE back to Windows 11.

4. Close Other Tabs and Apps

Microsoft Edge may fail to respond if you have too many tabs or other programs open on your Windows computer. If you have too many open, try closing all tabs and windows on your browser – except the one displaying the error message.

Additionally, shut down any other applications currently running on your Windows computer, including background apps and processes. If you are downloading a file, pausing until the issue has been resolved is better. Afterward, check to see whether you can access the tab that was not responding in Microsoft Edge.

5. Check Whether Antivirus Software Has Been Updated

Are you using third-party antivirus software, like Norton, McAfee or Kaspersky? If so, you must check whether the virus protection has expired or the software has become outdated. Obsolete or expired software may interfere with the functioning of Microsoft Edge.

Once you have identified the issue, you can renew your virus protection plan or get the latest security update from the software company’s website.

6. Free Up Storage Space on Your PC

All of your apps are probably installed on the C:\ drive of your computer. If you’re experiencing frequent Microsoft Edge crashes, it’s worth checking the storage space on your main drive.

  1. Press Win + E to launch the File Explorer app, and click “This PC.”
  1. Under “Devices and drives,” look for the (C:) drive. Below the drive name, you will see the bar that shows the free space left.
  1. Alternatively, right-click the (C:) drive, and select “Properties” in the context menu.
  1. In the new dialog, you can see the values for “Used Space” and “Free Space” for the C:\ drive.

If the C:\ drive is running low, take prompt action to free up some space. If you’re not sure how to get started, learn how to clean up your C:\ drive.

FYI: learn how to block pop-ups on Windows in Microsoft Edge and other popular browsers.

7. Try Another Browser

Finally, it could be possible that your wireless network is the culprit. To determine whether this is the case, try accessing the webpage that is causing the Edge not responding issue with another browser, such as Chrome, Firefox, or Brave. If the page still won’t load, it’s likely an issue with your network or the website itself.

Try restarting your modem and router to see whether this resolves the problematic Edge situation. However, if the problem persists, there may be an issue with the website itself. In this case, there isn’t much you can do, except try again in a few hours or the next day.

Getting Edge Back on Track

If you still can’t get Edge to work properly, it may be worth reinstalling Microsoft Edge directly from its official website. As a final solution, try restoring the Edge browser settings to default. On the other hand, if your browser is working just fine, learn how to use split screen in Edge for improved multitasking.

Image credit: Unsplash. All screenshots by Meenatchi Nagasubramanian.

Meenatchi Nagasubramanian

Meenatchi is always passionate about learning new technological advancements and would love to try out new gadgets, software, and apps. After quitting her career as an Embedded Software Developer in 2009, she took up a career in content writing.

Subscribe to our newsletter!

Our latest tutorials delivered straight to your inbox

Wed, 23 Aug 2023 03:25:00 -0500 en-US text/html
Killexams : Equip yourself to learn with Microsoft Office for life and a free business course for just $39.97

We may earn revenue from the products available on this page and participate in affiliate programs. Learn more ›

Back-to-School season is an opportunity for learners of all ages to expand their knowledge and get discounted access to valuable tools they can put to work every day. Until August 13 at 11:59 p.m. PST, you can get a lifetime license for Microsoft Office for Windows and a free business course from a renowned instructor. 

The tools you use to work and learn may not always be budget-friendly, even if they’re essential to your ongoing productivity. For those who rely on Microsoft Word, Excel, PowerPoint, or any other apps in the Office Suite, subscription fees can feel like the constant cost of basic computer operations. 

This Back-to-School season, focus on your learning without focusing on a recurring cost. Get a Microsoft Office Pro 2021 Windows Lifetime License for $39.97, and enjoy a free business course with your purchase. You’ll have to act quickly since this price drop only lasts until August 13 at 11:59 p.m. PST.

Get Microsoft Office for life with no recurring costs 

Dedicate yourself to learning without a monthly subscription fee like what you’d be paying to get Microsoft 365. This lifetime license for MS Office Pro 2021, which boasts a 4.2-star rating from PCMag, allows you to install Microsoft Word, Excel, PowerPoint, Outlook, Teams (free version), OneNote, Publisher, Access, and Skype for Business on one Windows computer or PC for life. 

Make sure your computer meets the minimum requirements to download. You must have at least 4GB disk space and be running Windows 10 or 11. If you need to upgrade your operating system, low-cost Windows 11 Pro keys are available. 

This bundle also comes with a course taught by Chris Haroun, a well-known venture capitalist and instructor of business and finance-related courses. While this course will not replace the information you would get from a formal MBA, it does make some of the same content more accessible by showing you how to launch a new business, craft presentations, and pitch ideas. 

Learn more about investing, presenting, and more

Make the most out of a season of learning, and invest in lifelong access to tools that could expand your horizons.

Until August 13 at 11:59 p.m. PST, get a Microsoft Office Pro 2021 for Windows Lifetime License and a Free Entire MBA in 1 Course for just $39.97. No coupon needed. 

Prices subject to change.

Mon, 31 Jul 2023 03:26:00 -0500 Stack Commerce en-US text/html
Killexams : 1 Supercharged Growth Stock That's a Shoo-in to Join Apple and Microsoft in the $2 Trillion Club by 2028 No result found, try new keyword!Multiple growth drivers, a rebounding gaming market, and strong secular tailwinds should combine to drive this industry leader higher. Wed, 23 Aug 2023 02:33:21 -0500 en-us text/html Killexams : Turbocharge Your Career Path With an MBA Training and Microsoft Office Bundle for Just $50

You don’t need to blow a hole in your schedule or budget to gain the skills and knowledge you need to fast-track your business career.

Business people meeting on a boardroom.
Image: StackCommerce

Whether you want to grow your own business or to move up the ladder in the business world as quickly as possible, you may need to learn valuable entrepreneurial knowledge without commuting to classrooms or crashing your budget. While our solution doesn’t replace a formal MBA degree, you can gain additional business knowledge with this MBA course packaged with lifetime access to Microsoft Office Pro 2021.

You can now grab this bundle for only $49.99 (reg. $419.99). With this powerful duo, you can increase your success in current or potential business endeavors!

Taught by Chris Haroun, who boasts experience in venture capital, hedge funds, equities and consulting, you can feel confident that you’re gaining the proper knowledge for your entrepreneurial pursuits. Again, “The 2023 Total MBA Training in One Box” won’t replace an genuine MBA degree, but it can teach you everything from launching a business from scratch to going public.

You’ll discover insights into management consulting businesses and investment banking firms, as well as how they may benefit your company. You can also learn to create financial models from scratch and quickly examine a company’s finances and entire markets by the time this course is over.

Since you’ll get lifetime access to this 4.5-star rated MBA training, you can study at your own pace. Plus, you don’t have to finish the whole course before taking advantage of the practical and professional skills you develop. Best of all, you can conveniently access classes from desktops, laptops and even mobile devices.

As a huge bonus, this bundle includes a lifetime license for the Windows version of Microsoft Office Pro 2021. It includes Excel, Word, Access, Outlook PowerPoint, Publisher, Skype for Business and the free version of Teams. You’ll get an incredible deal on lifetime access to MS Office for your PC. Say goodbye to expensive yearly subscriptions!

Move up the business ladder with help from Microsoft Office Pro 2021 for Windows: Lifetime License + A Free Entire MBA in 1 Course to help you reach your entrepreneurial goals.

Prices and availability are subject to change.

Wed, 23 Aug 2023 08:23:00 -0500 en-US text/html
Killexams : Microsoft releases enhancements for live camera embedding ‘Cameo’ in PowerPoint presentations

Microsoft announced enhancements to the “cameo” functionality in Microsoft PowerPoint for both Windows and Mac platforms.

A cameo in this context refers to a small video feed, often from a camera, that can be embedded into PowerPoint slides. This feature is particularly useful for presentations where you want to include live video content within your slides. Microsoft 365 subscribers can access cameo on the desktop app for Windows and macOS.

Here are the introduced enhancements:

  1. Camera Preview and Source Control: Users can now turn the camera preview on or off and change the camera source while in Slide Show View or Presenter View mode. This allows for greater control over when and how the cameo appears in your presentation.
  2. Improved Design and Consistency: Fresh cameo designs have been added to align with the overall theme of your PowerPoint presentation. With a single click, you can now easily insert these cameo designs into all your slides, creating a cohesive look throughout the presentation.
  3. Personalized Cameo Styles: Users can insert a cameo on a single slide, customize its format, and then apply the same format to all slides with a single click. This ensures that the cameo maintains a consistent style across all slides.



You can learn more about how to apply this in your presentation here.

If you are utilizing these additional features, it has been reported that the camera may not appear when using the cameo. This could be because another application is using the camera. In this case, you may need to select a different camera or disable the camera for the other application.

These enhancements are available to Beta Channel users running specific versions:

  • Windows: Version 2307 (Build 16731.10000) or later
  • Mac: Version 16.76 (Build 23081101) or later

These updates aim to give users greater flexibility and control when integrating live camera feeds into their PowerPoint presentations. It’s a great way to make presentations more engaging and dynamic by incorporating real-time video content directly into your slides.

Wed, 23 Aug 2023 04:41:00 -0500 en-US text/html
Killexams : Microsoft signs 15-year cloud streaming deal with Ubisoft in latest bid to win Activision Blizzard approval

We're thrilled to announce the return of GamesBeat Summit Next, hosted in San Francisco this October, where we will explore the theme of "Playing the Edge." Apply to speak here and learn more about sponsorship opportunities here

Microsoft has signed a 15-year deal to license Call of Duty and other Activision Blizzard games to Ubisoft in its latest bid to win antitrust approval for its $68.7 billion acquisition.

“In January 2022, Microsoft announced the proposed acquisition of Activision Blizzard to advance our goal to bring more creative and innovative games to players everywhere and on any device, said Brad Smith, president of Microsoft, in announcing the deal. “Today, we are taking another important step regarding this transaction. To address the concerns about the impact of the proposed acquisition on cloud game streaming raised by the UK Competition and Markets Authority, we are restructuring the transaction to acquire a narrower set of rights.”

Activision Blizzard CEO Bobby Kotick also praised the agreement and said the integration plan is proceeding.

The United Kingdom is the last country where antitrust clearance is needed for the deal to go through. One of its concerns was whether Microsoft would have a monopoly on cloud streaming technology.

“This includes executing an agreement effective at the closing of our merger that transfers the cloud streaming rights for all current and new Activision Blizzard PC and console games released over the next 15 years to Ubisoft Entertainment. The rights will be in perpetuity,” Smith said.

“As a result of the agreement with Ubisoft, Microsoft believes its proposed acquisition of Activision Blizzard presents a substantially different transaction under UK law than the transaction Microsoft submitted for the CMA’s consideration in 2022. As such, Microsoft today has notified the restructured transaction to the CMA and anticipates that the CMA review processes can be completed before the 90-day extension in its acquisition agreement with Activision Blizzard expires on October 18,” Smith added.

Under the restructured transaction, Microsoft will not be in a position either to release Activision Blizzard games exclusively on its own cloud streaming service—Xbox Cloud Gaming – or to exclusively control the licensing terms of Activision Blizzard games for rival services, Smith said.

Activision teased Call of Duty: Modern Warfare III, coming November 10.
Activision teased Call of Duty: Modern Warfare III, coming November 10.

The agreement provides Ubisoft with a unique opportunity to commercialize the distribution of games via cloud streaming. The agreement will enable Ubisoft to innovate and encourage different business models in the licensing and pricing of these games on cloud streaming services worldwide. Ubisoft will compensate Microsoft for the cloud streaming rights to Activision Blizzard’s games through a one-off payment and through a market-based wholesale pricing mechanism, including an option that supports pricing based on usage. It will also give Ubisoft the opportunity to offer Activision Blizzard’s games to cloud gaming services running non-Windows operating systems.

Smith also said, “Of importance, Microsoft’s obligations to provide cloud streaming rights in the European Economic Area remain in place, in full compliance with Microsoft’s commitments to the European Commission. The agreement with Ubisoft has been structured so that Microsoft will still acquire the rights needed to honor fully its legal obligations under its commitments to the European Commission, as well as its existing contractual obligations to other cloud game streaming providers, including Nvidia, Boosteroid, Ubitus, and Nware. Microsoft is engaging closely with the European Commission to support the EC’s assessment of the agreement and confirmation that the commitments remain undisturbed.”

Rivals like Sony and Nintendo have also signed deals, and in a trial that Microsoft won, Sony voiced its objections to Microsoft gaining a monopoly over Call of Duty. The transaction has been approved in more than 40 countries, and Microsoft said it will be good for players and the industry.

Ubisoft said these rights will further strengthen Ubisoft’s content offering through its subscription service Ubisoft+, as well as allowing Ubisoft to license streaming access of the Activision Blizzard catalog of games, including future releases, to cloud gaming companies, service providers, and console makers. This will help expand access for players across all streaming services, the French company said.

“We’re dedicated to delivering amazing experiences to our players wherever they choose to play,” said Chris Early, senior vice president of strategic partnerships and business development at Ubisoft. “Over the past 15 years we’ve built and honed our online services and distribution ecosystem into one of the most complete in the industry. Today’s deal will give players even more opportunities to access and enjoy some of the biggest brands in gaming.”

GamesBeat's creed when covering the game industry is "where passion meets business." What does this mean? We want to tell you how the news matters to you -- not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it. Discover our Briefings.

Tue, 22 Aug 2023 01:49:00 -0500 Dean Takahashi en-US text/html
Killexams : Microsoft Security Experts discuss evolving threats in roundtable chat – Microsoft

The Microsoft Detection and Response Team (DART) has been renamed to Microsoft Incident Response (Microsoft IR). For more information on IR services, go to Microsoft Incident Response
I don’t know about you, but we’re still catching our breath after 2022. Microsoft Security blocked more than 70 billion email and identity threats last year.1 In the same 12-month span, ransomware attacks impacted more than 200 large organizations in the United States alone, spanning government, education, and healthcare.2 With statistics like those, providing a platform to share security insights and first-hand experience feels like a necessity.
With that goal in mind, Microsoft has launched a new kind of security webinar “for experts, by experts.” The new Security Experts Roundtable series will serve as an accessible video platform for cyber defenders to learn about some of the latest threats while gaining a big-picture view of the cybersecurity landscape. Our inaugural episode aired on January 25, 2023, with an expert panel consisting of:
This episode also features a special appearance by Rachel Chernaskey, Director of the Microsoft Digital Threat Analysis Center, who discusses cyber-enabled influence operations. I host a special remote interview with Mark Simos, Lead Cybersecurity Architect at Microsoft, on how to effectively communicate with your board of directors about cybersecurity. We also talk to Peter Anaman, Director and Principal Investigator at the Microsoft Digital Crimes Unit about tracking global cybercrime, and we have a special guest interview with Myrna Soto, Chief Executive Officer (CEO) and Founder of Apogee Executive Advisors, on the state of cybersecurity in the manufacturing sector.
Back in December 2020, Microsoft investigated a new nation-state attacker now known as Nobelium that became a global cybersecurity threat.3 The following year, the hacker gang Lapsus moved into the spotlight with large-scale social engineering and extortion campaigns directed against multiple organizations.4 Those threat groups are still active, but 2022 saw a slowing in their attacks. “We didn’t have too many high-profile mass-casualty events,” Ping points out. “But we did see a continuation of ransomware, identity compromises, and attacks centered on endpoints.”
The ransomware as a service (RaaS) ecosystem has continued to grow.5 Jeremy singles out DEV-0401, also known as Bronze Starlight or Emperor Dragon, as a China-based threat actor that’s “shifted their payloads to LockBit 2.0, developing their technology and emerging some of their tradecraft in order to evade detection and target our customers more prolifically.”6 Jeremy also calls out DEV-0846 as a provider of custom ransomware,7 as well as Russia’s Iridium as a source of ongoing attacks against transportation and logistics industries in Ukraine and Poland.8 He also cites Russia-based actor DEV-0586 as using ransomware as a ruse to target customers, then following up with destructive data “wiper” attacks.9
In his position as Director of Microsoft Defender Experts, Ryan brings a unique perspective on the changing threat landscape.10 “It’s been a proliferation of credential theft activity, largely stemming from adversary-in-the-middle attacks.” He points out that this kind of attack “underscores the importance of having a strategy for detection and hunting that’s beyond the endpoint; for example, in the email and identity space.”
“Identity compromises have been on the rise,” Ping concurs. “Attackers are just taking advantage of any vectors of entry that any customer has in their environment. So, it’s really important customers exercise good basic security hygiene.” She stresses that defenders should think of their environment as one organic whole, instead of separate parts. “If you have anything that touches the external world—domain controllers, email—those are all potential vectors of entry by attackers.” In short, protecting against the constantly evolving threats of today (and tomorrow) requires embracing a Zero Trust comprehensive approach to security.11
Cyber-enabled influence operations don’t grab headlines the way ransomware attacks do, but their effects are more pernicious. In this kind of cybercrime, a nation-state or non-state actor seeks to shift public opinion or change behavior through subversive means online. In Jeremy’s talk with Rachel, she breaks down how these types of attacks unfold in three phases:
The most prolific influence actors are labeled advanced persistent manipulators (APMs). Rachel uses the analogy that “APMs are to the information space what APTs (advanced persistent threats) are to cyberspace.” APMs are usually nation-state actors, though not always. Increasingly, the Microsoft Digital Threat Analysis Center (DTAC) sees non-state or private-sector actors employing the same influence techniques. In this way, a threat actor that wages a successful cyberattack might repurpose that capability for subsequent influence operations.
Rachel explains how DTAC uses the “four M model:” message, messenger, medium, and method. The message is just the rhetoric or the content that an actor seeks to spread, which typically aligns with the nation-state’s geopolitical goals. The messengers include the influencers, correspondence, and propaganda outlets that amplify the message in the digital environment. The mediums are the platforms and technologies used to spread the message, with video typically being the most effective. And finally, the methods consist of anything from a hack-and-leak operation to using bots or computational propaganda, or real-world elements like party-to-party political engagement.
So why should private organizations be concerned with cyber-influence operations? “Influence operations inherently seek to sow distrust, and that creates challenges between businesses and users,” Rachel explains. “Increasingly, our team is looking at the nexus between cyberattacks and subsequent influence operations to understand the full picture and better combat these digital threats.”
The Microsoft Digital Crimes Unit (DCU) consists of a global cross-disciplinarian team of lawyers, investigators, data scientists, engineers, analysts, and business professionals.12 The DCU is committed to fighting cybercrime globally through the application of technology, forensics, civil actions, criminal referrals, public and private partnerships, and the determined assistance of 8,500 Microsoft security researchers and security engineers. The DCU focuses on five key areas: Business Email Compromise (BEC), Ransomware, Malware, Tech Support Fraud, and Malicious Use of Microsoft Azure. According to Peter Anaman, Director and Principal Investigator at DCU, their investigations reveal that cybercriminals are moving away from a “spray-and-pray” approach toward the as a service model. Along with ransomware, cybercriminals are extending their retail services into new areas such as phishing as a service (PhaaS) and distributed denial of service (DDoS).
Threat actors have even created specialized tools to facilitate BEC, including phishing kits and lists of Checked email addresses targeting specific roles, such as C-suite leaders or accounts-payable employees. As part of the service, the seller will design the email template and even scrub the responses to make sure they’re valid. “All for a subscription model of, like, USD200 dollars a month,” Peter explains. DCU investigative evidence has observed a more than 70 percent increase in these services.1 “We’re finding that there’s a higher number of people who are committing these crimes. They have greater know-how on different technologies and online platforms that could be used as part of the [attack] vector.”
Regardless of the type of cybercrime, DCU goes after threat actors by executing on three main strategies:
In addition to arrest and prosecution, DCU deters cybercrime by disrupting the technical infrastructure used by criminals, causing them to lose their investments. In 2022, DCU helped to take down more than 500,000 unique phishing URLs hosted outside Microsoft while disrupting cybercriminals’ technical infrastructure, such as virtual machines, email, homoglyph domain names, and public blockchain websites.
DCU also works with Microsoft DART to gather intelligence and share it with other security professionals. Some of those indicators—a URL, domain name, or phishing email—may help with future investigations. “That intelligence [we gather] feeds back into our machine learning models,” Peter explains. “If that phishing page or kit is used again there will be better measures to block it at the gate, so our monitoring systems become stronger over time.”
When asked what an organization can do to protect itself, Peter suggests sticking to three cybersecurity basics. First: “Use multifactor authentication,” he stresses. “Ninety percent of [attacks] could have been stopped just by having multifactor authentication.” Second: “Practice [cyber] hygiene. Don’t just click links because you think it comes from a friend.” Cyber hygiene includes installing all software patches and system upgrades as soon as they become available. And third: “You’re really looking at the Zero Trust model,” Peter says. “Enforce least privilege [access]” so people only have access to the information they need. Bonus tip: “Make sure you have the same level of security on your personal email as you do on your work [email].”
In this segment, I have a chance to speak with one of my favorite folks at Microsoft. Mark Simos is Lead Cybersecurity Architect, Microsoft, (and PowerPoint super genius) with more than two decades of experience, so he knows something about dealing with a board of directors. Whether you work for a public or private company, the board is responsible for oversight. That means making sure that the leadership team is not only managing the business but also managing risks. And cybercrime is one of the biggest risks today’s organization contends with.
But for the board to understand the organization’s security positioning, they need to grasp how it relates to the business. Unlike dealing with finances, legal issues, or people management, cybersecurity is a new area for a lot of board members. According to Mark, a big part of winning them over is “making sure that the board members understand that cybersecurity is not just a technical problem to be solved, check, and move on. It’s an ongoing risk.”
In our talk, Mark lays out three basic things the board needs to know:
Bonus tips:
Mark provides a wealth of free resources you can access anytime on Mark’s List.13 Also, there’s a chief information security officer (CISO) workshop available as public videos and as a live workshop from Microsoft Unified (formerly Premier Support). The workshop provides plenty of material to help accelerate a productive relationship with your board, including:
Often board members don’t consider that security decisions can be made by asset owners, not just security teams. Mark suggests stressing the holistic aspect of cybersecurity as a differentiator from typical business unit concerns. “With security, it doesn’t matter where the leak is on the boat; it’s still going to sink,” he says. “So, it’s really important for folks to work together as a team and recognize that ‘I’m not just accepting the risk for me; I’m accepting it for everyone.’”
For the last segment of the webinar, we invited an expert to weigh in on one of the most-attacked industry segments across the globe—manufacturing. Myrna Soto is the CEO and founder of Apogee Executive Advisors, and a board member of prominent companies such as Headspace Health, CMS Energy, Banco Popular, Spirit Airlines, and many more. Cybersecurity in the manufacturing sector carries added urgency because many of these entities are part of the nation’s critical infrastructure—whether it’s manufacturing pharmaceuticals, supporting transportation, or feeding the power grid.
The smart factory has introduced more automation into the manufacturing ecosystem, creating new vulnerabilities. “One of the biggest challenges is the number of third-party connections,” Myrna explains. “It relates to how entities are interacting with one another; how certain companies have either air-gapped their Internet of Things (IoT) networks or not.” Myrna points out that the supply chain is never holistically managed by one entity, which means those third-party interactions are critical. She mentions the ability to encrypt certain data in machine-to-machine communications as a crucial part of securing an interconnected manufacturing ecosystem. “The ability to understand where assets are across the ecosystem is one of the key components that need attention,” she points out.
With the prospect of intellectual property loss, disruption to critical infrastructure, along with health and safety risks, Myra sees manufacturing as one area where security teams and board members need to work together with urgency. I asked her to offer some insights gleaned from time spent on the other side of the table—particularly what not to do. “Probably the most annoying thing is the tendency to provide us a deluge of data without the appropriate business context,” she relates. “I’ve seen my share of charts around malware detections, charts on network penetrations. That is difficult for most non-technical board members to understand.”
Be sure to watch the full Security Experts Roundtable episode. We’ll be doing one of these every other month until they kick us off the stage, so remember to sign up for our May episode. Before we wrap up for today, I’d like to invite you to join us on March 28, 2023, for a brand-new event: Microsoft Secure. This event will bring together a community of defenders, innovators, and security experts in a setting where we can share insights, ideas, and real-world skills to help create a safer world for all. Register today, and I’ll see you there!
For more cybersecurity insights and the latest on threat intelligence, visit Microsoft Security Insider.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Microsoft Digital Defense Report 2022, Microsoft. 2022.
2Based on internal research conducted by Microsoft Digital Crimes Unit, January 2023.
3The hunt for NOBELIUM, the most sophisticated nation-state attack in history, John Lambert. November 10, 2021.
4DEV-0537 criminal actor targeting organizations for data exfiltration and destruction, Microsoft Threat Intelligence Center. March 22, 2022.
5Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself, Microsoft Defender Threat Intelligence. May 9, 2022.
6Part 1: LockBit 2.0 ransomware bugs and database recovery attempts, Danielle Veluz. March 11, 2022.
7Monthly news—January 2023, Heike Ritter. January 11, 2023.
8New “Prestige” ransomware impacts organizations in Ukraine and Poland, Microsoft Security Threat Intelligence. October 14, 2022.
9Destructive malware targeting Ukrainian organizations, Microsoft Threat Intelligence Center. January 15, 2022.
10Microsoft Defender Experts for Hunting proactively hunts threats, Microsoft Security Experts. August 3, 2022.
11Implementing a Zero Trust security model at Microsoft, Inside Track staff. January 10, 2023.
12Digital Crimes Unit: Leading the fight against cybercrime, Microsoft. May 3, 2022.
13Mark’s List, Mark Simos.
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
In a latest investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.
Microsoft is a leader in cybersecurity, and we embrace our responsibility to make the world a safer place.


Wed, 23 Aug 2023 09:45:00 -0500 Deidre Richardson en-US text/html
MS-101 exam dump and training guide direct download
Training Exams List