How to Defend Users from Interception Attacks via SMB Client Defense

Hey folks, Ned here again with another guest post. Today we discuss hardening the SMB protocol in Windows against interception attacks, previously referred to as “Man-in-the-Middle” attacks. As you know, interception attacks involve manipulating communications between client and server. An ... continue reading

VMware Workstation and Hyper-V

As a follow-up to our previous post on VMware and Hyper-V Working Together, VMware has released a version of VMware Workstation that works with the Windows Hypervisor Platform (WHP). This release adds support for VMware Workstation running side by ... continue reading
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks

Gaining kernel privileges by taking advantage of legitimate but vulnerable kernel drivers has become an established tool of choice for advanced adversaries. Multiple malware attacks, including RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, and campaigns by the threat actor STRONTIUM, have ... continue reading
Building the Totally Network Isolated Root Certification Authority

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. Lately I have done quite a few Public Key Infrastructure (PKI) migrations for customers mostly because their certification authorities ... continue reading
Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. In this post, I am going to show you how to use a minimal set of Group Policy objects ... continue reading

PowerTip: Identify if CredentialGuard is enabled with Windows PowerShell

Summary: Easily identify if Credential Guard is enabled using the Get-ComputerInfo Cmdlet in Windows 10. Question: Hey Doctor Scripto, how can I tell if CredentialGuard has been enabled on my Windows 10 computer? Answer: Just use the Get-ComputerInfo Cmdlet and ... continue reading
Microsoft and partners design new device security requirements to protect against targeted firmware attacks

Recent developments in security research and real-world attacks demonstrate that as more protections are proactively built into the OS and in connected services, attackers are looking for other avenues of exploitation with firmware emerging as a top target. In the ... continue reading

VMware Workstation and Hyper-V – Working Together

Yesterday VMware demonstrated a pre-release version of VMware Workstation with early support for the Windows Hypervisor Platform in the What's New in VMware Fusion and VMware Workstation session at VMworld. In Windows 10 we have introduced many security features that ... continue reading

Rest easy with regulatory compliance in Windows Server 2016

First published on TECHNET on Apr 24, 2017 [This blog post was originally published at: https://blogs.technet.microsoft.com/hybridcloud/2017/04/11/rest-easy-with-regulatory-compliance-in-windows-server-2016/] Last month we learned that Windows Server 2016 has achieved Common Criteria certification for the General Purpose OS protection profile. This international standard is ... continue reading

Why you should not enable Credential Guard on Domain Controllers?

First published on TECHNET on Feb 21, 2017. Credential guard protects the credential derivatives like NTLM hash and Kerberos tickets; this TechNet article has a very detailed explanation as well as deployment guidelines. There was a recent change in this ... continue reading