Windows 10 or Windows 11 GPO ADMX – Which one to use for your central store?

Hi community, my name is Helmut Wagensonner. I’m a Customer Engineer at Microsoft and this blog should help you to understand which Administrative Templates (admx) to choose for your Windows 11 / Windows 10 mixed environment. Remember how it was ... continue reading

Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation

Microsoft’s unified threat intelligence team, comprising the Microsoft Threat Intelligence Center (MSTIC), Microsoft 365 Defender Threat Intelligence Team, RiskIQ, and the Microsoft Detection and Response Team (DART), among others, have been tracking threats taking advantage of CVE-2021-44228, a remote code ... continue reading
Azure Security product name changes – Microsoft Ignite November 2021

Do you remember that on release in Feb 2010, Azure was known as Windows Azure? It took four years before it was renamed to Microsoft Azure, to more accurately reflect that it wasn’t just for Windows workloads. This November, some ... continue reading
Step-by-Step Guide: Active Directory Migration from Windows Server 2008 R2 to Windows Server 2022

Windows Server 2008 and Windows Server 2008 R2 operating systems reached the end of their support cycle on the 14th of January 2020. Because of this, many organizations wanted to migrate away from these legacy operating systems. End-of-life operating systems ... continue reading

New insights on cybersecurity in the age of hybrid work

As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent ... continue reading
Making DoH Discoverable: Introducing DDR

Credit and thanks to Alexandru Jercaianu for implementation work. DNS over HTTPS (DoH) in the DNS client exited preview and became a supported feature with the Windows Server 2022 and Windows 11 releases. Unlike plain-text DNS, DoH requires a template ... continue reading

New Microsoft Sysmon report in VirusTotal improves security

Today, following the 25th year anniversary of Microsoft Sysinternals, we are announcing the general availability of a new Microsoft Sysmon report in VirusTotal. Whether you’re an IT professional or a developer, you’re probably already using Microsoft Sysinternals utilities to help you ... continue reading
Understanding Get-ACL and AD Drive Output

Understanding Active Directory ACL using PowerShell can be a bit tricky. There are no out-of-the-box cmdlets with ActiveDirectory PowerShell module to help in setting the permission quickly. While there are no cmdlets, you can nevertheless manage AD permissions using the ... continue reading

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the ... continue reading
AZ-800 Study Guide: Administering Windows Server Hybrid Core Infrastructure

In this exam guide you’ll see which MS Learn modules map against exam functional groups and which docs.microsoft.com articles map against specific exam objective items for the AZ-800 Administering Windows Server Hybrid Core Infrastructure exam. This exam is required for ... continue reading