Select Page
Animation showing the refreshed user interface in the Azure portal

Azure.Source – Volume 53

Now in preview Protect data in use with the public preview of Azure confidential computing - Years of work with our silicon vendors have allowed us to bring application isolation technology to hardware in our datacenters to support this new ... continue reading
Everything you need to know about Windows Server 2019 – Part 3

Everything you need to know about Windows Server 2019 – Part 3

This blog post was authored by Dean Wells, Principal Program Manager, Windows Server. In the preceding blogs, you were given a video-tour of some of the high-level advancements made in Windows Server 2019 that touched on areas such as the ... continue reading
PowerShell Injection Hunter: Security Auditing for PowerShell Scripts

PowerShell Injection Hunter: Security Auditing for PowerShell Scripts

At the DEFCON security conference last year, we presented the session: “Get $pwnd: Attacking Battle Hardened Windows Server“. In this talk, we went through some of the incredibly powerful ways that administrators can secure their high-value systems (for example, Just ... continue reading

Sharing research and discoveries at PWN2OWN

The annual PWN2OWN exploit contest at the CanSecWest conference in Vancouver, British Columbia, Canada, brings together some of the top security talent from across the globe in a friendly competition. For the participants, these events are a platform to demonstrate ... continue reading
FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

FinFisher exposed: A researcher’s tale of defeating traps, tricks, and complex virtual machines

Office 365 Advanced Threat Protection (Office 365 ATP) blocked many notable zero-day exploits in 2017. In our analysis, one activity group stood out: NEODYMIUM. This threat actor is remarkable for two reasons: Its access to sophisticated zero-day exploits for Microsoft ... continue reading
#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security

#Microsoft Secure #DevOps Kit of #Azure to Secure your Cloud #Security

Overview The “Secure DevOps Kit for Azure” (will be referred to as ‘AzSDK’ henceforth) is a collection of scripts, tools, extensions, automations, etc. that caters to the end to end Azure subscription and resource security needs for dev ops teams ... continue reading
Use Group Policy Preferences to Manage the Local Administrator Group

Use Group Policy Preferences to Manage the Local Administrator Group

Hello Everyone! Graeme Bray back with you today to talk about how you can reduce the audit and risk surface within your environment. If you can’t tell, Microsoft has taken a strong stance towards security. In a previous life, I ... continue reading

PowerShell Constrained Language Mode

PowerShell Constrained Language Mode What is PowerShell Constrained Language? PowerShell Constrained Language is a language mode of PowerShell designed to support day-to-day administrative tasks, yet restrict access to sensitive language elements that can be used to invoke arbitrary Windows APIs ... continue reading

Defending Against PowerShell Attacks

The security industry is ablaze with news about how PowerShell is being used by both commodity malware and attackers alike. Surely there’s got to be a way to defend yourself against these attacks! There absolutely is. PowerShell is – by ... continue reading
Loading...