Select Page
Image from scenario one: Ransomware

Rethinking cyber scenarios—learning (and training) as you defend

In two recent posts I discussed with Circadence the increasing importance of gamification for cybersecurity learning and how to get started as a practitioner while being supported by an enterprise learning officer or security team lead. In this third and ... continue reading
JB Hunt truck, linking to video

Turning to a new chapter of Windows Server innovation

Today, January 14, 2020, marks the end of support for Windows Server 2008 and Windows Server 2008 R2. Customers loved these releases, which introduced advancements such as the shift from 32-bit to 64-bit computing and server virtualization. While support for ... continue reading
Threat hunting in Azure Advanced Threat Protection (ATP)

Threat hunting in Azure Advanced Threat Protection (ATP)

As members of Microsoft’s Detection and Response Team (DART), we’ve seen a significant increase in adversaries “living off the land” and using compromised account credentials for malicious purposes. From an investigation standpoint, tracking adversaries using this method is quite difficult ... continue reading
Image of security workers in an office.

CISO series: Lessons learned from the Microsoft SOC—Part 3b: A day in the life

The Lessons learned from the Microsoft SOC blog series is designed to share our approach and experience with security operations center (SOC) operations. We share strategies and learnings from our SOC, which protects Microsoft, and our Detection and Response Team ... continue reading
Mobile threat defense and intelligence are a core part of cyber defense

Mobile threat defense and intelligence are a core part of cyber defense

The modern workplace is a mobile workplace. Today’s organizations rely on mobility to increase productivity and improve the customer experience. But the proliferation of smartphones and other mobile devices has also expanded the attack surface of roughly 5 billion mobile ... continue reading
Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Data science for cybersecurity: A probabilistic time series model for detecting RDP inbound brute force attacks

Computers with Windows Remote Desktop Protocol (RDP) exposed to the internet are an attractive target for adversaries because they present a simple and effective way to gain access to a network. Brute forcing RDP, a secure network communications protocol that ... continue reading
A diagram showing the recommended migration paths for Windows Server Roles

Protect workloads still running on Windows Server 2008 and 2008 R2

Over the last couple of years, we havesharedwhy it is business critical to migrate and upgrade apps and services running on Windows Server 2008 and 2008 R2. As you are aware, on January 14th, 2020, support for Windows Server 2008 ... continue reading
Hyper-V for Developers on Windows 10

Hyper-V for Developers on Windows 10

Hyper-V is more known as a server virtualization technology; however, since Windows 8, it is also available in the client operating system. In Windows 10, Microsoft improved the experience drastically to make Hyper-V an excellent solution for developers and IT ... continue reading
clipboard_image_4.png

Hyper-V Powering Windows Features

December 2019 Hyper-V is Microsoft’s hardware virtualization technology that initially released with Windows Server 2008 to support server virtualization and has since become a core component of many Microsoft products and features. These features range from enhancing security to empowering ... continue reading
Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities

Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities

Many of today’s threats evolve to incorporate as many living-off-the-land techniques as possible into the attack chain. The PowerShell-based downloader Trojan known as sLoad, however, puts all its bets on BITS. Background Intelligent Transfer Service (BITS) is a component of ... continue reading