In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as ... continue reading

Hi everyone, this is Will Aftring again with the Windows Debug team, here to lay the groundwork for a new series on how to get started with network trace analysis. This is not an introduction to networking. Many of the networking ... continue reading

There are many niche areas within infrastructure and security, but we find that most IT Pros have a very broad set of responsibilities, touching different products and tasks. If you’re working in a Microsoft-focussed environment, especially one that is using ... continue reading

James Kehr here with the Windows networking support team. This article covers details about mDNS and recommended best practices when trying to control the protocol designed to make life easier. Starting with Windows 10 1703 Microsoft has included native support ... continue reading

HTTP/3 is a major change to HTTP. It switches away from using TCP as a transport and TLS separately to using QUIC as a transport which has TLS 1.3 or higher built in. These changes mean that migrating from HTTP/2 ... continue reading

Trickbot, a sophisticated trojan that has evolved significantly since its discovery in 2016, has continually expanded its capabilities and, even with disruption efforts and news of its infrastructure going offline, it has managed to remain one of the most persistent ... continue reading

Receiving Distributed Denial of Service (DDoS) attack threats? DDoS threats have seen a significant rise in frequency lately, and Microsoft stopped numerous large-scale DDoS attacks last year. This guide provides an overview of what Microsoft provides at the platform level, ... continue reading

When you go to deploy a server or any part of our infrastructure manually, how long does it take you? Can you do a manual deployment end to end without any mistakes? Now, how do you scale that? This is ... continue reading

Secrets from the Deep - The DNS Analytical Log - Part 5   Hi Team, it's Eric Jansen again, here today to continue where we left off in Part 4 of the series. In the last episode, we discussed how ... continue reading

The Microsoft Compromise Recovery Security Practice has observed how the security industry has evolved over the last few years as consumers, businesses, and industry professionals continue to adapt to the changing landscape. We have seen the emergence of new frameworks, ... continue reading