Azure & Desired State Configuration Part 1/4

Scenario: I recently had a customer that requested some demos on how they could use Azure Automation, Azure Devops and PowerShell Desired State Configuration to Automate their deployments and increase the quality of deployments. In this 4 Part Series I ... continue reading

Attackers use Morse code, other encryption methods in evasive phishing campaign

Cybercriminals attempt to change tactics as fast as security and protection technologies do. During our year-long investigation of a targeted, invoice-themed XLS.HTML phishing campaign, attackers changed obfuscation and encryption mechanisms every 37 days on average, demonstrating high motivation and skill ... continue reading

Disassemble Powershell Commandlets

Hey community, I am Helmut Wagensonner, a Customer Engineer at Microsoft, and with today’s blog I show you how to look behind the implementation of PowerShell CMDLets. Ever wondered how the Microsoft guys code their PowerShell Commands? Ever wanted to ... continue reading

Autocomplete in PowerShell

Autocomplete is something we all like, right? Helps with those moments when we can't quite remember the spelling of a word or the syntax for a command or where we're learning something new and need some help. I know I ... continue reading

Configure SMB Signing with Confidence

Heya folks, Ned here again. Many years ago, we made configuring SMB signing in Windows pretty complicated. Then, years later, we made it even more complicated in an attempt to be less complicated. Today I'm here to explain the SMB ... continue reading

Azure Arc: – How To Update Arc Agent Using Azure Automation

Hi there, in my previous post named Maintain Your Microsoft Monitoring Agent Up To Date With Azure Automation, I discussed a possible method for updating the Microsoft Monitoring Agent (MMA) at scale. Today I would like to talk to ... continue reading

How to Update or Add a Registry Key Value with PowerShell

Q: I am having a problem trying to update the registry. I am using the New-ItemProperty cmdlet, but it fails if the registry key does not exist. I added the –Force parameter, but it still does not create the registry ... continue reading
Diagram showing chain of attacks from the LemonDuck and LemonCat infrastructure, detailing specific attacker behavior common to both and highlight behavior unique to each infra

When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks

[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts ... continue reading

Azure Kubernetes Services – Start & Stop Your AKS Cluster on Schedule using Azure Automation

Hi everybody, here I am again to show you a possible way to start and stop your AKS cluster on schedule. This could be something important if you’re aiming at saving money and are in the middle of a Microsoft ... continue reading
Screenshots of VirusTotal.com showing file properties of original GoldMax malware and the new variant

Combing through the fuzz: Using fuzzy hashing and deep learning to counter malware detection evasion techniques

Today’s cybersecurity threats continue to find ways to fly and stay under the radar. Cybercriminals use polymorphic malware because a slight change in the binary code or script could allow the said threats to avoid detection by traditional antivirus software ... continue reading