Easily deploy .NET apps to Azure Container Apps with default configuration for data protection

The Azure Container Apps and .NET team have made it easier than ever to deploy your .NET application by supporting automatic configuration for data protection. This support is currently available as an opt-in feature in the Container Apps API version 2… Continue reading Easily deploy .NET apps to Azure Container Apps with default configuration for data protection

Introducing Bulk Senders Insight: Optimizing Bulk Email Management for Enterprises

Bulk emails, ranging from promotions and transactional updates to targeted marketing campaigns, play a crucial role in modern enterprise communications. Yet, determining the right balance of these messages—what should be allowed and what should be bloc… Continue reading Introducing Bulk Senders Insight: Optimizing Bulk Email Management for Enterprises

Demystifying Exchange Online Provisioning: Architecture, Exchange Object Types, and Attributes

We wanted to demystify the process of syncing and provisioning of various recipient objects in Exchange Online. Some of this content might be already familiar to you but some will be new and will (hopefully) help you understand and troubleshoot most is… Continue reading Demystifying Exchange Online Provisioning: Architecture, Exchange Object Types, and Attributes

Announcing quarantine release integration in MDO hunting experience!!

We are excited to introduce the new quarantine release integration within Microsoft Defender for Office 365 as part of the hunting experience. This enhancement allows Security Operators (SecOps) to address false positives more efficiently and with grea… Continue reading Announcing quarantine release integration in MDO hunting experience!!

Abstracts: July 29, 2024

A lack of appropriate data, decreased model performance, and other obstacles have made it difficult to expand the input language models can receive. Li Lyna Zhang introduces LongRoPE, a method capable of extending content windows to more than 2 million tokens.

The post Abstracts: July 29, 2024 appeared first on Microsoft Research.

Continue reading Abstracts: July 29, 2024

Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption

Microsoft Security researchers have observed a vulnerability used by various ransomware operators to get full administrative access to domain-joined ESXi hypervisors and encrypt the virtual machines running on them. The vulnerability involves creating a group called “ESX Admins” in Active Directory and adding an attacker-controlled user account to this group. This manipulation of the Active Directory group takes advantage of a privilege escalation vulnerability (CVE-2024-37085) in ESXi hypervisors that grants the added user full administrative access to the ESXi hypervisor. The vulnerability was fixed by VMware in their June release and ESXi administrators should install this security update.

The post Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption appeared first on Microsoft Security Blog.

Continue reading Ransomware operators exploit ESXi hypervisor vulnerability for mass encryption