Public and private AKS clusters demystified

Introduction: Azure Kubernetes Service (AKS) is the managed Kubernetes service in Azure. It has two main components: worker nodes and control plane. The worker nodes are the VMs where customer applications will be deployed. The control plane is the component that ... continue reading

Windows 10 or Windows 11 GPO ADMX – An Update

Hi community, I am Helmut Wagensonner, a Cloud Solution Architect – Engineer at Microsoft. In a former blog (https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/windows-10-or-windows-11-gpo-admx-which-one-to-use-for-your/ba-p/3063322), where I did a comparison between Windows 10 and Windows 11 ADMX files, I promised in my comments to do ... continue reading
Screenshot of malware code, a script that is used to download a remote code administration tool

Microsoft research uncovers new Zerobot capabilities

Botnet malware operations are a constantly evolving threat to devices and networks. Threat actors target Internet of Things (IoT) devices for recruitment into malicious operations as IoT devices’ configurations often leave them exposed, and the number of internet-connected devices continue ... continue reading
A geographical map that presents the countries where the devices affected by the botnet are located. Countries with affected devices are highlighted on the map in blue.

MCCrash: Cross-platform DDoS botnet targets private Minecraft servers

Malware operations continue to rapidly evolve as threat actors add new capabilities to existing botnets, increasingly targeting and recruiting new types of devices. Attackers update malware to target additional operating systems, ranging from PCs to IoT devices, growing their infrastructure ... continue reading
SIOS installer

How to cluster SAP ASCS/SCS with SIOS DataKeeper on VMware ESXi Servers

This article describes the steps you take to prepare the VMware infrastructure for installing and configuring a high-availability SAP ASCS/SCS instance on a Windows failover cluster by using SIOS DataKeeper as the replicated cluster storage. Create the ASCS VMs For ... continue reading
The figure shows three panels each of an Azure region: East Asia, UK West, and South Africa North, that each contain a virtual network. Within each virtual network, there are 2 virtual machines that are meant to represent the backend resources. In addition, each panel shows a regional Azure Load Balancer that points to each backend resource. This symbolizes that the load balancer distributes traffic to each of the backend resources. Furthermore, above all 3 panels is an Azure cross region Load Balancer, that points to each individual regional load balancer. The Auto DMS’s end user, shown by a user icon, will interact with the cross region load balancer to request information from the backend.

Build a globally resilient architecture with Azure Load Balancer

Azure Load Balancer’s global tier is a cloud-native global network load balancing solution. With cross-region Load Balancer, customers can distribute traffic across multiple Azure regions with ultra-low latency and high performance. To better understand the use case of Azure’s cross-region ... continue reading
Timeline of events for a recent ransomware incident.

Defenders beware: A case for post-ransomware investigations

Ransomware is one of the most pervasive threats that Microsoft Detection and Response Team (DART) responds to today. The groups behind these attacks continue to add sophistication to their tactics, techniques, and procedures (TTPs) as most network security postures increase ... continue reading
Introduction to Network Trace Analysis 2: Jumping into TCP Connectivity

Howdy everyone, I hope you're hungry; we have a feast of information we will be going through today. Our topic will be the transmission control protocol (TCP) and what you ... continue reading
LEDBAT Background Data Transfer for Windows

LEDBAT is the background data transfer product built into the Windows networking stack and recommended by the Windows Data Transport team for moving bulk data without interfering with foreground traffic. LEDBAT has a couple of advantages that make it our ... continue reading
Attack chain diagram of ZINC campaign showing steps and related activities

ZINC weaponizing open-source software

In recent months, Microsoft has detected a wide range of social engineering campaigns using weaponized legitimate open-source software by an actor we track as ZINC. Microsoft Threat Intelligence Center (MSTIC) observed activity targeting employees in organizations across multiple industries including ... continue reading