A diagram of the attack chain. It presents the flow of activity from left to right, starting with the attacker gaining access to its target tenant and leading to spam messages being sent to targets.

Malicious OAuth applications used to compromise email servers and spread spam

Microsoft researchers recently investigated an attack where malicious OAuth applications were deployed on compromised cloud tenants and then used to control Exchange servers and spread spam. The investigation revealed that the threat actor launched credential stuffing attacks against high-risk accounts ... continue reading
SMB authentication rate limiter now on by default in Windows Insider

Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading
Diagram explaining the threat hunting cycle.

The art and science behind Microsoft threat hunting: Part 2

We discussed Microsoft Detection and Response Team’s (DART) threat hunting principles in part 1 of The art and science behind Microsoft threat hunting blog series. In this follow-up post, we will talk about some general hunting strategies, frameworks, tools, and ... continue reading
Two graphs showing that 39 percent of incidents were detected by Microsoft Defender for Cloud, while 23 percent were detected by Microsoft Sentinel.

Secure your endpoints with Transparity and Microsoft

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Endpoint protection platforms (EPPs) are dead and no longer sufficient to protect your organization, right? Wrong. When it comes to cybersecurity, the ... continue reading
Azure Enterprise Policy as Code – A New Approach

We work closely with customers using Azure Policy and have seen many different methods of deploying and maintaining it, from manual to over-complicated automated methods, everyone has a unique way of doing it. This code was developed to make policy ... continue reading
Check This Out! (CTO!) Guide (August 2022)

Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide. These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we ... continue reading
Modernizing Endpoint Management – Encryption – Part 1

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading
Fun with Azure VPN

Introduction: Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia. I decided to make this post for a couple reasons. The first reason is to demonstrate how you can quickly build a hub between your ... continue reading
Say goodbye to unmanaged Azure AD accounts for B2B collaboration

Hello friends, Today I’m announcing the end of unmanaged (“viral”) accounts for B2B collaboration in Azure Active Directory (Azure AD), part of Microsoft Entra. This has been a major pain point for many customers, contributing to increased support costs, ... continue reading
Upgrading AKS Using REST API

Introduction: This blog covers the usage of Microsoft.ContainerService REST APIs to demonstrate upgrade options on an AKS cluster. It also goes through the authentication setup to call these APIs using POSTMAN and we also look at options using CURL ... continue reading