Improving performance has always been a major goal for MsQuic. Recently, we have put in a lot of effort into getting ultra-low latency with MsQuic. We have prototyped a fully functioning XDP data path for MsQuic to bypass Windows TCP/IP ... continue reading

Microsoft threat intelligence teams have been tracking multiple ransomware campaigns and have tied these attacks to DEV-0270, also known as Nemesis Kitten, a sub-group of Iranian actor PHOSPHORUS. Microsoft assesses with moderate confidence that DEV-0270 conducts malicious network operations, including ... continue reading

Hi Everybody - Dan Cuomo, Principal PM on the Azure Edge and Platform, Core Networking team, here to talk about some changes we're making to NIC certification in the Windows Server Catalog. During OS deployment (and periodically after that), you ... continue reading

Microsoft has observed the Sliver command-and-control (C2) framework now being adopted and integrated in intrusion campaigns by nation-state threat actors, cybercrime groups directly supporting ransomware and extortion, and other threat actors to evade detection. We’ve seen these actors use Sliver ... continue reading

When we first released Network ATC, we greatly simplified the deployment and on-going management of host networking in Azure Stack HCI. Whether it was the simple yet powerful deployment experience, a “that was easy” cluster expansion process, or increased reliability ... continue reading

Hello folks, Lately, I had to replace my home network’s edge devicefirewall with one that would allow me to connect to my Azure cloud environment using a site-to-site VPN. I set up an Azure Bastion host to enable remote access ... continue reading

Hello Folks, I’m not sure when this became a series, but it’s looking like it’s going to be ongoing. I’m hoping it can give the community a sense of how you can slowly adopt cloud services to enhance your on-prem ... continue reading

Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers. While prior research has been published on specific incidents and variants, little ... continue reading

Attackers are increasingly leveraging Internet Information Services (IIS) extensions as covert backdoors into servers, which hide deep in target environments and provide a durable persistence mechanism for attackers. While prior research has been published on specific incidents and variants, little ... continue reading

Update on July 20, 2022 CTP is now GA. No changes for users who have installed CTP in their environment. Users on V1/V2, follow instructions highlighted in MP guide to update. ================================== We are back with the latest version of ... continue reading