Ransomware operators are hiding malware deeper in installer packages

We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These ... continue reading

StorSimple in CSP

In February a long-awaited Azure solution - virtual StorSimple - became available for all CSP partners. Azure StorSimple is a Hybrid Storage solution from Microsoft. It can be deployed as a physical device or as a virtual appliance, and it ... continue reading

Loading files from Azure Blob Storage into Azure SQL Database

Azure SQL Database enables you to directly load files stored on Azure Blob Storage using the BULK INSERT T-SQL command and OPENROWSET function. WITH (DATA_SOURCE = 'MyAzureBlobStorageAccount'); BULK INSERT is an existing command in the T-SQL language that enables you to load files from the file system into a table. ... continue reading

(Part 1) Windows Server 2016 – Shielded Virtual Machines Overview

In this video we will take a look at the new security feature in Windows Server 2016 – Shielded Virtual Machines. This feature is much more than just encryption but rather a Hyper-V powered virtualization guarded fabric that brings a ... continue reading

Why Bitlocker takes longer to complete the encryption in Windows 10 as compared to Windows 7

Hello, my name is Ritesh Sinha and I am a Support Escalation Engineer on the Windows team. Today’s blog will cover “Why Bitlocker takes longer to complete the encryption in Windows 10 as compared to Windows 7”. A brief summary ... continue reading
Email message masquerading as a fax but carrying TrojanDownloader:JS/Crimace.A as attachment

Fake fax ushers in revival of a ransomware family

"Criminal case against you" is a message that may understandably cause panic. That’s what a recent spam campaign hopes happens, increasing the likelihood of recipients opening the malicious attachment. We recently discovered a new threat that uses email messages pretending ... continue reading
The graph shows that Locky machine encounters have recently been low

The new .LNK between spam and Locky infection

Just when it seems the Ransom:Win32/Locky activity has slowed down, our continuous monitoring of the ransomware family reveals a new workaround that the authors might be using to keep it going. The decline in Locky activity can be attributed to ... continue reading
Shielded Virtual Machines in Windows Server 2016

Learn how to ensure your Virtual Machines are always protected and encrypted when running on Windows Server 2016 hosts ... continue reading

Taking backup of encrypted Azure VMs with ADE (Azure Disk Encryption) using Azure Backup in OMS

We see that customers migrating or deploying workloads on Azure have started encrypting their virtual machines using ADE (Azure Disk Encryption) and are looking for a backup solution that supports protecting those encrypted VMs in a simple and cost-effective manner. We ... continue reading
Sample email that lures a potential Certor victim by pretending to be a document (.docx file) from a legitimate company

Double-click me not: Malicious proxy settings in OLE Embedded Script

Attackers have been using social engineering to avoid the increasing costs of exploitation due to the significant hardening and exploit mitigations investments in Windows. Tricking a user into running a malicious file or malware can be cheaper for an attacker ... continue reading