Select Page

Solving one of NOBELIUM’s most novel attacks: Cyberattack Series

Our story begins with eight Microsoft Detection and Response Team (DART) analysts gathered around a customer’s conference room to solve a cybersecurity mystery. Joined by members of the customer’s cybersecurity team, they were there to figure out how a Russia-based ... continue reading
TLS

Secure your application traffic with Application Gateway mTLS

I am happy to share that Azure Application Gateway now supports mutual transport layer security (mTLS) and online certificate status protocol (OCSP). This was one of the key questions from our customers as they were looking for more secure communication ... continue reading
Graphic detailing three different waves of identity attacks. First is password attacks, which consist of breach replay, password spray, and phishing. Next is multifactor authentication attacks, which includes SIM-jacking, multifactor authentication fatigue, adversary in the middle. Third is post-authentication attacks, including token theft and consent phishing.

2023 identity security trends and solutions from Microsoft

Welcome to 2023! I wanted to kick this year off by having a quick look at the trends in identity security, what you can do about it, and what Microsoft is doing to help you. One of the things we ... continue reading
Bar graph showing showing how password-related attacks have been constantly growing between 2018 and 2022.

​​Microsoft Entra: 5 identity priorities for 2023

Welcome to 2023. After the pandemic upended how we work, learn, play, and manage our lives, we find ourselves more connected than ever, with more convenient access to an ever-wider range of online tools and experiences. But as our global ... continue reading
hewagen_0-1671804677570.png

Windows 10 or Windows 11 GPO ADMX – An Update

Hi community,   I am Helmut Wagensonner, a Cloud Solution Architect – Engineer at Microsoft. In a former blog (https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/windows-10-or-windows-11-gpo-admx-which-one-to-use-for-your/ba-p/3063322), where I did a comparison between Windows 10 and Windows 11 ADMX files, I promised in my comments to do ... continue reading
End user passwordless utopia

End user passwordless utopia

With all the different technologies available in Azure and Azure Active Directory (Azure AD), it’s easy to miss the bigger picture and how they all play into the end user experience.  This includes:  Azure AD Multifactor authentication (MFA) Passwordless authentication ... continue reading
This depicts a woman sitting at a desk. She is facing the reader, but she's smiling at someone (unpictured) in the distance.

Microsoft Azure CLX: A personalized program to learn Azure

The rise of cloud computing has created demand for proven cloud experts. That’s why we’ve launched the Microsoft Azure Connected Learning Experience (CLX) program, designed to help aspiring learners and IT professionals become Microsoft Azure cloud pros. CLX is a ... continue reading
5 tips for IIS on containers: #4 Solving for Horizontal Scale

5 tips for IIS on containers: #4 Solving for Horizontal Scale

Fourth up in this blog series!  Solving for Horizontal Scale with IIS and Containers.   Make sure to check out the other topics in the blog on SSL certificate lifecycle management, IIS app pools and websites and Hardcoded configurations Azure Kubernetes Service Since each node on ... continue reading
5 tips for IIS on containers: #3 Hardcoded configuration

5 tips for IIS on containers: #3 Hardcoded configuration

We’re getting into the third topic of our blog post series about IIS on Windows containers. In case you missed, check out the blog on SSL certificate lifecycle management and IIS app pools and websites. Today, we’re covering hardcoded configurations ... continue reading
Screenshot of a BATLOADER landing site that poses as a TeamViewer website hosting a fake installer.

DEV-0569 finds new ways to deliver Royal ransomware, various payloads

Recent activity from the threat actor that Microsoft tracks as DEV-0569, known to distribute various payloads, has led to the deployment of the Royal ransomware, which first emerged in September 2022 and is being distributed by multiple threat actors. Observed ... continue reading