Open Source XDP for Windows

XDP (eXpress Data Path) is a high performance, programmable network data path that is already a Linux Kernel project with a significant community (Google, Amazon, Intel, Mellanox, etc.) around it. “XDP for Windows” is our new open source XDP interface ... continue reading
Figure 1 displays a diagram depicting a typical attack flow for XorDdos malware. The attacker communicates with a bot to SSH brute force a target device and download XorDdos. The malware then performs several techniques for evasion and persistence before connecting with the attacker's C2 server to send data and receive commands.

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as ... continue reading
Docker Host network alternatives for Windows containers

One of the things I like to do in my spare time is browse around forums, such as Reddit, Stack Overflow, and others, to check on questions people have around Windows containers that are not showing up on comments or ... continue reading
Introduction to Network Trace Analysis Part 0: Laying the Groundwork

Hi everyone, this is Will Aftring again with the Windows Debug team, here to lay the groundwork for a new series on how to get started with network trace analysis. This is not an introduction to networking. Many of the networking ... continue reading
SMB1 now disabled by default for Windows 11 Home Insiders builds

Heya folks, Ned here again. I have a pretty big announcement: we've started the final phase of disabling SMB1 in Windows. As you probably know, we began shipping Windows 10 and Windows Server with SMB1 not installed by default in ... continue reading
An open road with text overlay stating “Honor the past, be honest about the present, and hope for the future.”

A clearer lens on Zero Trust security strategy: Part 1

Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and what it means. This first blog will draw on the past, present, ... continue reading
The Microsoft vulnerable driver blocklist feature enabled in the Core isolation page within the Windows Security app.

New security features for Windows 11 will help protect hybrid work

Attackers haven’t wasted any time capitalizing on the rapid move to hybrid work. Every day cybercriminals and nation-states alike have improved their targeting, speed, and accuracy as the world adapted to working outside the office. These changes have put “cybersecurity ... continue reading
Microsoft Defender for Cloud Dashboard featuring security posture chart, Firewall manage, regulatory compliance status, and workload protections.

3 steps to secure your multicloud and hybrid infrastructure with Azure Arc

As businesses around the world grapple with the growth of an industrialized, organized attacker ecosystem, the need for customers to secure multicloud and hybrid infrastructure and workloads is increasingly urgent. Today, organizations face an attacker ecosystem that is highly economically ... continue reading
Two phones displaying a woman's driver license. First image shares all information on the card. Second image only shares the name and age.

Why decentralization is the future of digital identities

Our identity is increasingly becoming digitized—more of our hard copy credentials are converting into digital formats. We use these digital credentials to work, learn, play, socialize, shop, and consume services online and offline every day. It’s so convenient and expected ... continue reading
Azure Resource Graph Explorer Window with query and results, to demonstrate fetching data from the HealthResources table.

Advancing Azure Virtual Machine availability monitoring with Project Flash

“As we head into the fourth calendar year of the Advancing Reliability blog series, empowering organizations to run their workloads reliably on Azure remains one of our top priorities. We continually invest in evolving the Azure platform to help achieve ... continue reading