Microsoft Cloud Library

As we all know, the cloud paradigm shifts in IT continue. When I worked in corporate IT - heck, when I started blogging out here - on-prem was really all there was. Active Directory, GPOs and WINS were all the ... continue reading

Microsoft uncovered high-severity vulnerabilities in a mobile framework owned by mce Systems and used by multiple large mobile service providers in pre-installed Android System apps that potentially exposed users to remote (albeit complex) or local attacks. The vulnerabilities, which affected ... continue reading

Hello folks, After a discussion with a customer where they were expressing their “displeasure” with the number of alert notifications that the IT department was receiving from environments that were not critical but still in need of monitoring. I started ... continue reading

On April 24, 2022, a privilege escalation hacking tool, KrbRelayUp, was publicly disclosed on GitHub by security researcher Mor Davidovich. KrbRelayUp is a wrapper that can streamline the use of some features in Rubeus, KrbRelay, SCMUACBypass, PowerMad/SharpMad, Whisker, and ADCSPwn ... continue reading

Today, I am so incredibly excited to announce that we’re beginning the rollout of security defaults to existing Microsoft customers who haven’t yet rolled out security defaults or Azure AD Conditional Access. The Identity security team blocks tens of millions ... continue reading

Microsoft is committed to the responsible advancement of AI to enable every person and organization to achieve more. Over the last few months, we have talked about advancements in our Azure infrastructure, Azure Cognitive Services, and Azure Machine Learning to ... continue reading

Microsoft is committed to the responsible advancement of AI to enable every person and organization to achieve more. Over the last few months, we have talked about advancements in our Azure infrastructure, Azure Cognitive Services, and Azure Machine Learning to ... continue reading

Based upon your feedback, you can now offset monthly maintenance window schedules to better align deployments with the release of monthly security updates. For example, using an offset of two days after the second Tuesday of the month, sets the ... continue reading

XDP (eXpress Data Path) is a high performance, programmable network data path that is already a Linux Kernel project with a significant community (Google, Amazon, Intel, Mellanox, etc.) around it. “XDP for Windows” is our new open source XDP interface ... continue reading

I am excited and energized to present to you a codefest on the Microsoft Identity Platform. The solutions for a secure, diverse, and inclusive future require different perspectives, fresh ideas, and new voices. We look forward to seeing many of ... continue reading

To be completely honest, in the past I didn't pay attention to MSBuild it was MSIgnite that I paid attention to or attended. My background is Infrastructure, if I code it's some PowerShell but hey that can mean you are ... continue reading

Welcome to Microsoft Build, the event that’s all about celebrating the developer community! The work you do has the power to transform entire industries and keep critical businesses and services running through innovative solutions and applications. I couldn’t be more ... continue reading

Developers are essential to the world we live in today, and the work you do is critical to powering organizations in every industry. Every developer and development team brings new ideas and innovation. Our ambition with the Microsoft Cloud and ... continue reading

Developers are essential to the world we live in today, and the work you do is critical to powering organizations in every industry. Every developer and development team brings new ideas and innovation. Our ambition with the Microsoft Cloud and ... continue reading

We are moving to a world where every application needs to be intelligent and adaptive to real-time model learning. As businesses build modern data capabilities, they must make decisions at the speed of human thought. Developers are challenged by this, ... continue reading

Amplification attacks are one of the most common distributed denial of service (DDoS) attack vectors. These attacks are typically categorized as flooding or volumetric attacks, where the attacker succeeds in generating more traffic than the target can process, resulting in ... continue reading

“Compliance is all about risk management and lessening risk, and the same is true of Zero Trust.” —Abbas Kudrati Risk management, the process of developing a strategy for addressing risk throughout its lifecycle, normally involves four phases: risk identification, assessment, ... continue reading

Microsoft security researchers recently observed that web skimming campaigns now employ various obfuscation techniques to deliver and hide skimming scripts. It’s a shift from earlier tactics where attackers conspicuously injected malicious scripts into e-commerce platforms and content management systems (CMSs) ... continue reading

Hi, Jonas here! Or as we say in the north of Germany: "Moin Moin!" I’m a Microsoft Senior Customer Engineer with a broad spectrum of interests. Due to recent events multiple customers have questioned their infrastructure security concept and approached me with ... continue reading

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as ... continue reading

Data is the lifeblood of any organization. Whether you’re a Chief Information Security Officer (CISO) or aspiring to become one, protecting sensitive business data will be your main priority. But the job isn’t getting any easier. In 2021, the number ... continue reading

One of the things I like to do on my spare time is browse around forums, such as Reddit, Stack Overflow, and others, to check on questions people have around Windows containers that are not showing up on comments or ... continue reading

Hello! I’m Sue Bohn, Microsoft Vice President of Program Management for Identity and Network Access. In this Voice of the ISV blog post, Jeremy Goldstein, Product Marketing Manager, and David Baldwin, Director of Product Management at SentinelOne, explain how Singularity ... continue reading

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. The acceleration of cloud journeys fueled by the pandemic and ever-increasing concerns about data security and information privacy have made access management ... continue reading

The steep rise in cryptocurrency market capitalization, not surprisingly, mirrors a marked increase in threats and attacks that target or leverage cryptocurrencies. But Microsoft researchers are observing an even more interesting trend: the evolution of related malware and their techniques, ... continue reading

Hello ladies and gentlemen, How many times have you found yourself in the need of monitoring a custom KPI? How many times did you need to react to a situation in which a given number of records in a database ... continue reading

It has been three years since SAP Sapphire last occurred in person, and I was thrilled to meet with our customers and partners again this week. As SAP Sapphire comes to a close, I am taking a moment to reflect ... continue reading

On September 9th, 2021, Microsoft announced the general availability of Zone-Redundant Storage (ZRS) for Azure Disk Storage, including Azure Shared Disk. What makes this interesting is that you can now build shared storage based failover cluster instances that span Availability ... continue reading

When working with Infrastructure as Code (IaC) it’s difficult to know sometimes where to start. You have a couple of options, go to the Terraform on Azure documentation, then figure out how to write some Terraform templates. Or you can ... continue reading

The MITRE Center for Threat-Informed Defense, Microsoft, and other industry partners collaborated on a project that created a repeatable methodology for developing a top MITRE ATT&CK® techniques list. The method aims to facilitate navigation of the ATT&CK framework, which could ... continue reading