SMB authentication rate limiter now on by default in Windows Insider

Heya folks, Ned here again. Back in the spring of 2022 we released a new SMB preview feature: the SMB authentication rate limiter. It is available in Windows 11 Insider and Windows Server Insider builds. IT staff often enable access to the SMB server service ... continue reading

Microsoft shares what’s next in machine learning at NVIDIA GTC

Finding scalable solutions for today’s global challenges requires forward-thinking, transformative tools. As environmental, economic, and public health concerns mount, Microsoft Azure is addressing these challenges head on with high-performance computing (HPC), AI, and machine learning. The behind-the-scenes power for everything ... continue reading

Check This Out! (CTO!) Guide (August 2022)

Hi everyone! Brandon Wilson here once again with this month’s “Check This Out!” (CTO!) guide. These posts are only intended to be your guide, to lead you to some content of interest, and are just a way we ... continue reading

Profiling DEV-0270: PHOSPHORUS’ ransomware operations

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading
Az Stack HCI: Software Defined Networking (SDN) extensions reach General Availability for WAC

Software Defined Networking is Azure-inspired networking in your datacenter and at the edge. Learn more below: Plan for and deploy SDN infrastructure on Azure Stack HCI - Learn | Microsoft Docs; Implement Datacenter Firewall and Software Load Balancer on Azure ... continue reading
Tufin SecureTrack provides automatic policy change tracking, with side-by-side comparison for easy identification of misconfiguration and risky changes.

Enhance Azure Firewall policy management with Tufin SecureTrack integration

Organizations today are faced with growing network challenges with hundreds of network assets deployed in hybrid and multi-cloud environments. Daily tasks such as enabling access or troubleshooting network connectivity issues have become increasingly more complex and spread across different teams ... continue reading

MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone

Microsoft security researchers have discovered a post-compromise capability we’re calling MagicWeb, which is used by a threat actor we track as NOBELIUM to maintain persistent access to compromised environments. NOBELIUM remains highly active, executing multiple campaigns in parallel targeting government ... continue reading

Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks

Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver ... continue reading
Balaji Parimi, Microsoft Partner Product Management

Connect with Microsoft Security experts at the 2022 Gartner Identity & Access Management Summit

The transition to a remote and hybrid workforce happened fast during a time of uncertainty, and IT professionals rose to the challenge with ingenuity and dedication. But two years in, many IT teams are still responding with patchwork solutions to ... continue reading

Dive deep into NAT gateway’s SNAT port behavior

In our last blog, we examined a scenario on how network address translation (NAT) gateway mitigates connection failures happening at the same destination endpoint with its randomized source network address translation (SNAT) port selection and reuse timers. In addition to ... continue reading