In the past, we left defining the security configuration for Windows 10 as a task for every customer to sort out. As a result, we saw as many different configurations as we saw customers. Standardization has many advantages, so we ... continue reading

If you use PowerShell on-premises, chances are good you use PSRemoting (or PowerShell Remoting). It allows you to manage systems using remoting tools like Enter-PSSession and Invoke-Command. When you move to Azure, you have similar tooling available when you enable ... continue reading

In early March, we discovered a cyberattack that used an exploit for CVE-2018-20250, an old WinRar vulnerability disclosed just several weeks prior, and targeted organizations in the satellite and communications industry. A complex attack chain incorporating multiple code execution techniques ... continue reading

The “Top 10 actions to secure your environment” series outlines fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 8. Protect your documents and email,” you’ll learn how to deploy Azure Information Protection and ... continue reading

In the month of February, we saw an average of 300,000 phishing attempts across Microsoft’s browsing platforms daily. Our security experts expect these attempted scams to become increasingly more prevalent through the April 15 Tax Day, especially in the two ... continue reading

This series outlines the most fundamental steps you can take with your investment in Microsoft 365 security solutions. In “Step 7. Discover shadow IT and take control of cloud apps,” you’ll learn how to set up Microsoft Cloud App Security ... continue reading

With Microsoft continuously improving kernel mitigations and raising the bar for exploiting native kernel components, third-party kernel drivers are becoming a more appealing target for attackers and an important area of research for security analysts. A vulnerability in a signed ... continue reading

First published on TECHNET on Apr 30, 2018 After running the PAW TAP program on the solution explained in this blogpost , I received tons of interests and great feedback. While the team is investigating on a plan, a lot ... continue reading

First published on TECHNET on Mar 10, 2018 After Windows Defender Application Control (WDAC, formerly known as Code Integrity) was released in Windows Server 2016, I wrote a blog post on it, it was a very effective way to do ... continue reading

First published on TECHNET on Oct 17, 2017 Continuing with the PAW series, in this blog post, I'd like to share the details of what we are planning to configure the host. I'd love to hear your thoughts, feedback about ... continue reading