FAQs from the Field on KRBTGT Reset

Hello Everyone, my name is Zoheb Shaikh and I’m a Solution Engineer working with Microsoft Mission Critical team (SfMC). Today I’ll share with you some FAQs on KRBTGT reset. Introduction Recently I had a couple of customers asking many questions on ... continue reading

Sophisticated cybersecurity threats demand collaborative, global response

Microsoft’s response to Solorigate Since December, the United States, its government, and other critical institutions including security firms have been addressing the world’s latest serious nation-state cyberattack, sometimes referred to as ‘Solorigate’ or ‘SUNBURST.’ As we shared earlier this is ... continue reading

Using Zero Trust principles to protect against sophisticated attacks like Solorigate

The Solorigate supply chain attack has captured the focus of the world over the last month. This attack was simultaneously sophisticated and ordinary. The actor demonstrated sophistication in the breadth of tactics used to penetrate, expand across, and persist in ... continue reading
Introducing Packet Monitor

Network connectivity issues are often hard to diagnose. There are multiple machines involved in a single data transfer; at least two endpoints and a complex network infrastructure in the middle. Lately, with the introduction of network virtualization, more of the ... continue reading
Advice for incident responders on recovery from systemic identity compromises

As Microsoft alongside our industry partners and the security community continues to investigate the extent of the Solorigate attack, our goal is to provide the latest threat intelligence including IOCs and guidance across our products and solutions to help the ... continue reading

Are Your IaaS Domain Controllers Secured in Azure?

Hi Everyone, Zoheb here again with my colleague Tim Beasley. Today, we will be sharing some best practices to help ensure that your VMs (virtual machines) (including Domain Controllers) are secure in your Azure/Cloud environment. I would like to start ... continue reading

Using Windows Admin Center on-premises to manage Azure Windows Server VMs

Contributed by @Orin Thomas Currently the Windows Admin Center (WAC) add-in for the Azure Portal is in preview. Unfortunately, at the time of writing, the preview is oversubscribed, and you might be waiting for a while before the feature becomes ... continue reading

Defending the power grid against supply chain attacks: Part 3 – Risk management strategies for the utilities industry

Over the last fifteen years, attacks against critical infrastructure (figure1) have steadily increased in both volume and sophistication. Because of the strategic importance of this industry to national security and economic stability, these organizations are targeted by sophisticated, patient, and ... continue reading
Defending the power grid against supply chain attacks—Part 2: Securing hardware and software

Artificial intelligence (AI) and connected devices have fueled digital transformation in the utilities industry. These technological advances promise to reduce costs and increase the efficiency of energy generation, transmission, and distribution. They’ve also created new vulnerabilities. Cybercriminals, nation state actors, ... continue reading
Initially Isolate Tier 0 Assets with Group Policy to Start Administrative Tiering

Hello everyone, my name is Daniel Metzger and I am a Senior Premier Field Engineer for Secure Infrastructure based in Switzerland. In this post, I am going to show you how to use a minimal set of Group Policy objects ... continue reading