Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ... continue reading

As a follow up to our previous post on VMware and Hyper-V Working Together, VMware has released a version of VMware Workstation that works with the Windows Hypervisor Platform (WHP). This release adds support for VMware Workstation running side by ... continue reading

Gaining kernel privileges by taking advantage of legitimate but vulnerable kernel drivers has become an established tool of choice for advanced adversaries. Multiple malware attacks, including RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, and campaigns by the threat actor STRONTIUM, have ... continue reading

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. Lately I have done quite a few Public Key Infrastructure (PKI) migrations for customers mostly because their certification authorities ... continue reading

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. In this post, I am going to show you how to use a minimal set of Group Policy objects ... continue reading

Summary: Easily identify if Credential Guard is enabled using the Get-ComputerInfo Cmdlet in Windows 10 Question: Hey Doctor Scripto, how can I tell if CredentialGuard has been enabled on my Windows 10 computer? Answer: Just use the Get-ComputerInfo Cmdlet and ... continue reading

Recent developments in security research and real-world attacks demonstrate that as more protections are proactively built into the OS and in connected services, attackers are looking for other avenues of exploitation with firmware emerging as a top target. In the ... continue reading

Yesterday VMware demonstrated a pre-release version of VMware Workstation with early support for the Windows Hypervisor Platform in the What's New in VMware Fusion and VMware Workstation session at VMworld. In Windows 10 we have introduced many security features that ... continue reading

First published on TECHNET on Apr 24, 2017 [This blog post was originally published at: https://blogs.technet.microsoft.com/hybridcloud/2017/04/11/rest-easy-with-regulatory-compliance-in-windows-server-2016/] Last month we learned that Windows Server 2016 has achieved Common Criteria certification for the General Purpose OS protection profile. This international standard is ... continue reading

First published on TECHNET on Feb 21, 2017 Credential guard protects the credential derivatives like NTLM hash and Kerberos tickets; this TechNet article has a very detailed explanation as well as deployment guidelines. There was a recent change in this ... continue reading