Select Page
AppGuard Policies

Microsoft Defender Application Guard for Office

  Introduction   This is John Barbare and I am a Sr Customer Engineer at Microsoft focusing on all things in the Cybersecurity space. In this blog I will focus on a future release of Microsoft Defender Application Guard for Office available in limited preview for Windows 10 20H2. Windows 10 20H2 is now available for commercial customers to ... continue reading
Microsoft Endpoint Manager: Create & Audit an ASR Policy

Microsoft Endpoint Manager: Create & Audit an ASR Policy

IntroductionThis is John Barbare and I am a Sr Premier Field Engineer at Microsoft focusing on all things in the Cybersecurity space. In this tutorial I will walk you through the steps of creating an Attack Surface Reduction (ASR) rule ... continue reading
Diagram showing X64 stage 1 address translation from virtual address to guest physical address

Introducing Kernel Data Protection, a new platform security technology for preventing data corruption

Attackers, confronted by security technologies that prevent memory corruption, like Code Integrity (CI) and Control Flow Guard (CFG), are expectedly shifting their techniques towards data corruption. Attackers use data corruption techniques to target system security policy, escalate privileges, tamper with ... continue reading
Diagram showing how the Thunderspy attack works

Secured-core PCs help customers stay ahead of advanced data theft

Researchers at the Eindhoven University of Technology recently revealed information around “Thunderspy,” an attack that relies on leveraging direct memory access (DMA) functionality to compromise devices. An attacker with physical access to a system can use Thunderspy to read and ... continue reading
Mitigating vulnerabilities in endpoint network stacks

Mitigating vulnerabilities in endpoint network stacks

The skyrocketing demand for tools that enable real-time collaboration, remote desktops for accessing company information, and other services that enable remote work underlines the tremendous importance of building and shipping secure products and services. While this is magnified as organizations ... continue reading
Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks

Secured-core PCs: A brief showcase of chip-to-cloud security against kernel attacks

Gaining kernel privileges by taking advantage of legitimate but vulnerable kernel drivers has become an established tool of choice for advanced adversaries. Multiple malware attacks, including RobbinHood, Uroburos, Derusbi, GrayFish, and Sauron, and campaigns by the threat actor STRONTIUM, have ... continue reading

Automated CA installs using VB script on Windows Server 2008 and 2008R2 [UPDATED]

First published on TECHNET on Sep 18, 2009 Starting with Windows Server 2008 the CA product team introduced a set of COM objects that can be used to control the installation of CAs. Using VBScript you can quickly automate the ... continue reading

Using VBScript to install CA on WS2008R2 server core

First published on TECHNET on Sep 18, 2009 In my previous post I provided a script used for setup and installation of a CA using VBScript. The same script is capable of installing a CA on server core, where there ... continue reading
clipboard_image_4.png

Hyper-V Powering Windows Features

December 2019 Hyper-V is Microsoft’s hardware virtualization technology that initially released with Windows Server 2008 to support server virtualization and has since become a core component of many Microsoft products and features. These features range from enhancing security to empowering ... continue reading
Microsoft and partners design new device security requirements to protect against targeted firmware attacks

Microsoft and partners design new device security requirements to protect against targeted firmware attacks

Recent developments in security research and real-world attacks demonstrate that as more protections are proactively built into the OS and in connected services, attackers are looking for other avenues of exploitation with firmware emerging as a top target. In the ... continue reading