SMB authentication rate limiter now on by default in Windows Insider
Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading
Microsoft shares what’s next in machine learning at NVIDIA GTC
Finding scalable solutions for today’s global challenges requires forward-thinking, transformative tools. As environmental, economic, and public health concerns mount, Microsoft Azure is addressing these challenges head on with high-performance computing (HPC), AI, and machine learning. The behind-the-scenes power for everything ... continue reading
Check This Out! (CTO!) Guide (August 2022)
Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide. These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we ... continue reading
Profiling DEV-0270: PHOSPHORUS’ ransomware operations
Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading
Az Stack HCI: Software Defined Networking (SDN) extensions reach General Availability for WAC
Software Defined Networking is Azure-inspired Networking in your datacenter and at the edge, learn more below: Plan for and deploy SDN infrastructure on Azure Stack HCI - Learn | Microsoft Docs Implement Datacenter Firewall and Software Load Balancer on Azure ... continue reading
Enhance Azure Firewall policy management with Tufin SecureTrack integration
Organizations today are faced with growing network challenges with hundreds of network assets deployed in hybrid and multi-cloud environments. Daily tasks such as enabling access or troubleshooting network connectivity issues have become increasingly more complex and spread across different teams ... continue reading
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone
Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments. NOBELIUM remains highly active, executing multiple campaigns in parallel targeting government ... continue reading
Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks
Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver ... continue reading
Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit
The transition to a remote and hybrid workforce happened fast during a time of uncertainty, and IT professionals rose to the challenge with ingenuity and dedication. But two years in, many IT teams are still responding with patchwork solutions to ... continue reading
Dive deep into NAT gateway’s SNAT port behavior
In our last blog, we examined a scenario on how network address translation (NAT) gateway mitigates connection failures happening at the same destination endpoint with its randomized source network address translation (SNAT) port selection and reuse timers. In addition to ... continue reading
