
Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things

The recently published United States National Cybersecurity Strategy warns that many popular Internet of Things (IoT) devices are not sufficiently secure to protect against many of today’s common cybersecurity threats. The strategy also cautions that many of these IoT devices ... continue reading

The care and feeding of Azure Arc for Servers

Microsoft Azure has a great set of capabilities for managing non-Azure based servers, including monitoring, policy evaluation, inventory and change tracking, and security tools. Access to those services for non-Azure servers may be via Azure Arc – specifically installation of ... continue reading

Bitlocker is not resuming after reboot count has been reached

Hi, I'm Helmut Wagensonner, a Cloud Solution Architect Engineer at Microsoft. Recently, I ran into an unexpected Bitlocker behavior at a customer. It turned out that this behavior is on purpose so I thought I let you know about ... continue reading
Annotated screenshot of file information showing modification dates and file names matching BlackLotus-associated files.

Guidance for investigating attacks using CVE-2022-21894: The BlackLotus campaign

This guide provides steps that organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2022-21894 via a Unified Extensible Firmware Interface (UEFI) bootkit called BlackLotus. UEFI bootkits are particularly dangerous as they run ... continue reading

Check This Out! (CTO!) Guide (March 2023)

Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide. These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we are ... continue reading

Change Configuration Manager Site Server OS – In-place Upgrade Reference

Hello! My name is Herbert Fuchs and together with other members of the Customer Success Unit and the Customer Service & Support Organization we want to help our Customers with This Blog-Series. We gathered information and put our field ... continue reading

Modernizing Endpoint Management – Encryption – Part 1

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading
Infection chain describing the usual tactics and techniques used by DEV-0270 actor group.

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading

Modernizing Endpoint Management – Encryption – Part 2

Introduction: In part 1, we saw how to use MEM portal to view and recover Bitlocker recovery keys for ConfigMgr clients that are tenant attached. In part 2 of this blog, we will see how to migrate Bitlocker keys to ... continue reading

Modernizing Endpoint Management – Encryption – Part1

Introduction: We understand the benefits of modernizing endpoint management using Microsoft Endpoint Manager (MEM) for both physical and virtual endpoints (W365). We see organizations of different types & sizes are in different phases in their cloud journey. There are businesses ... continue reading