When coin miners evolve, Part 2: Hunting down LemonDuck and LemonCat attacks
[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covered the evolution of the threat, how it spreads, and how it impacts ... continue reading
What the heck is the File Server “role” in Windows Server???
Heya folks, Ned here again. Today I clear up an old idiosyncrasy of Windows Server: if the SMB Server service is always installed, why is there a role called "File Server" and what does enabling it do? Let's... role ;) ... continue reading
Log Sensor & Telemetry Services in Isolated Network
Dear IT Pros, We knew that it is normal for Domain Controller and critical servers to be in isolated network without internet access. How could we provide the cloud-based, Azure log analytic services for these objects? The services could originate ... continue reading
When coin miners evolve, Part 1: Exposing LemonDuck and LemonCat, modern mining malware infrastructure
[Note: In this two-part blog series, we expose a modern malware infrastructure and provide guidance for protecting against the wide range of threats it enables. Part 1 covers the evolution of the threat, how it spreads, and how it impacts ... continue reading
Security Settings for Failover Clustering
Security is at the forefront of many administrator's minds and with Failover Clustering, we did some improvements with Windows Server 2019 and Azure Stack HCI with regards to security. Since the beginning of time, Failover Clustering has always had a ... continue reading
Windows Server 2022 Azure Edition in Public Preview
Windows Server Azure Edition is a special version of Windows Server built specifically to run either as an Azure IaaS VM in Azure or as a VM on an Azure Stack HCI cluster. Unlike the traditional Standard or Datacenter editions, ... continue reading
SMB Compression in Windows Server 2022 and Windows Insider
Heya folks, Ned here again. Today I announced the new SMB compression feature for Windows Server 2022 and Windows Insider at the Windows Server 2022, Best on Azure webinar. A proper article will be on docs.microsoft.com in the next 24 ... continue reading
Storage Migration Service now supports NetApp
Heya folks, Ned here again. Eagle-eyed readers may have noticed in the April 22, 2021-KB5001384 monthly update for Windows Server 2019 - and now in the May 2021 Patch Tuesday - we added support for migrating from NetApp FAS arrays ... continue reading
How Do I Discover Changes to an AD Group’s Membership
Q: Is there an easy way to detect and changes to important the membership of AD Groups? A: Easy using PowerShell 7, WMI, and the CIM Cmdlets. WMI Windows Management Instrumentation (WMI) is an important component of the Windows operating ... continue reading
Stopping Carbanak+FIN7: How Microsoft led in the MITRE Engenuity® ATT&CK® Evaluation
In MITRE Engenuity’s recent Carbanak+FIN7 ATT&CK Evaluation, Microsoft demonstrated that we can stop advanced, real-world attacks by threat actor groups with our industry-leading security capabilities. In this year’s evaluation, we engaged our unified Microsoft 365 Defender stack, with market-leading capabilities ... continue reading
