Execution stages of the exploit package and corresponding functionality

Detecting and mitigating elevation-of-privilege exploit for CVE-2017-0005

On March 14, 2017, Microsoft released security bulletin MS17-013 to address CVE-2017-0005, a vulnerability in the Windows Win32k component that could potentially allow elevation of privileges. A report from a trusted partner identified a zero-day exploit for this vulnerability. The ... continue reading

Five reasons to run SQL Server 2016 on Windows Server 2016 — No. 1: Security

This is the first blog in a five-part series. Keep an eye out for upcoming posts, which will cover cutting costs and improving performance of storage, BI, and analytics; improving uptime and reliability; reaching data insights faster by running analytics ... continue reading

Ransomware operators are hiding malware deeper in installer packages

We are seeing a wave of new NSIS installers used in ransomware campaigns. These new installers pack significant updates, indicating a collective move by attackers to once again dodge AV detection by changing the way they package malicious code. These ... continue reading

StorSimple in CSP

In February a long-awaited Azure solution - virtual StorSimple - became available for all CSP partners. Azure StorSimple is a Hybrid Storage solution from Microsoft. It can be deployed as a physical device or as a virtual appliance, and it ... continue reading

Loading files from Azure Blob Storage into Azure SQL Database

Azure SQL Database enables you to directly load files stored on Azure Blob Storage using the BULK INSERT T-SQL command and OPENROWSET function. WITH (DATA_SOURCE = 'MyAzureBlobStorageAccount'); BULK INSERT is an existing command in the T-SQL language that enables you to load files from the file system into a table. ... continue reading

(Part 1) Windows Server 2016 – Shielded Virtual Machines Overview

In this video we will take a look at the new security feature in Windows Server 2016 – Shielded Virtual Machines. This feature is much more than just encryption but rather a Hyper-V powered virtualization guarded fabric that brings a ... continue reading
Email message masquerading as a fax but carrying TrojanDownloader:JS/Crimace.A as attachment

Fake fax ushers in revival of a ransomware family

"Criminal case against you" is a message that may understandably cause panic. That’s what a recent spam campaign hopes happens, increasing the likelihood of recipients opening the malicious attachment. We recently discovered a new threat that uses email messages pretending ... continue reading
The graph shows that Locky machine encounters have recently been low

The new .LNK between spam and Locky infection

Just when it seems the Ransom:Win32/Locky activity has slowed down, our continuous monitoring of the ransomware family reveals a new workaround that the authors might be using to keep it going. The decline in Locky activity can be attributed to ... continue reading

Shielded Virtual Machines in Windows Server 2016

Learn how to ensure your Virtual Machines are always protected and encrypted when running on Windows Server 2016 hosts ... continue reading

Taking backup of encrypted Azure VMs with ADE (Azure Disk Encryption) using Azure Backup in OMS

We see that customers migrating or deploying workloads on Azure have started encrypting their virtual machines using ADE (Azure Disk Encryption) and are looking for a backup solution that supports protecting those encrypted VMs in a simple and cost-effective manner. We ... continue reading