Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the ... continue reading
Get free DMARC visibility with Valimail Authenticate and Microsoft Office 365

This blog post is part of the Microsoft Intelligent Security Association guest blog series. Learn more about MISA. Phishing and email spoofing not only erode brand trust but also leave recipients vulnerable to financial loss and serious invasions of privacy. These tactics have ... continue reading
Azure & Desired State Configuration Part 3/4

Scenario: In Part 1 and Part 2 we saw how we could deploy a web server on a new VM using a Desired State Configuration file, using Azure DevOps and even the Azure Portal. The next section will describe ... continue reading
Step by step: Adding multiple IP addresses to an Azure Virtual Machine with PowerShell

When creating a new Azure virtual machine using the Azure portal, you can create and assign a static public IP address to it, but what if you need it to have more than one? In this article, we'll use PowerShell ... continue reading
How to proactively defend against Mozi IoT botnet

Mozi is a peer-to-peer (P2P) botnet that uses a BitTorrent-like network to infect IoT devices such as network gateways and digital video recorders (DVRs). It works by exploiting weak telnet passwords and nearly a dozen unpatched IoT vulnerabilities and it’s ... continue reading
When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts ... continue reading
Log Sensor & Telemetry Services in Isolated Network

Dear IT Pros, We knew that it is normal for Domain Controllers and critical servers to be in an isolated network without internet access. How could we provide the cloud-based Azure log analytic services for these objects? The services could originate ... continue reading
Failover Clustering in Azure

Azure is a cloud computing platform with an ever-expanding set of services to help you build solutions to meet your business goals. Azure services range from simple web services for hosting your business presence in the cloud to running fully ... continue reading
Diagnosing Network Isolation Issues

Hi all, Will Aftring here from Windows Networking Support. I wanted to chat about how Network Isolation interacts with Universal Windows Platform (UWP) applications and how / why you may want to alter some of these settings in respect to ... continue reading
Windows Insiders gain new DNS over HTTPS controls

Credit and thanks to Alexandru Jercaianu and Vladimir Cernov for implementation work. Over the last year, we have been improving the DNS over HTTPS (DoH) functionality in the Windows DNS client. Now we are pleased to introduce you to the ... continue reading