Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution
On July 11, 2023, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access, which are now in public preview. In this blog, we take a deeper look ... continue reading

Flax Typhoon using legitimate software to quietly access Taiwanese organizations
Summary Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ ... continue reading

Do I Need VPN Connectivity for Windows Hello for Business Registration
Hello everyone, my name is Zoheb Shaikh and I’m a Solution Engineer working with the Microsoft Mission Critical team (SfMC). Today I’ll share an interesting discussion about Windows Hello and the need for VPN/Connectivity with Domain Controllers. Recently I ... continue reading

Analysis of Storm-0558 techniques for unauthorized email access
Executive summary On July 11, 2023, Microsoft published two blogs detailing a malicious campaign by a threat actor tracked as Storm-0558 that targeted customer email that we’ve detected and mitigated: Microsoft Security Response Center and Microsoft on the Issues. As we ... continue reading

The care and feeding of Azure Arc for Servers
Microsoft Azure has a great set of capabilities for managing non-Azure based servers, including monitoring, policy evaluation, inventory and change tracking, and security tools. Access to those services for non-Azure servers may be via Azure Arc – specifically installation of ... continue reading

The five-day job: A BlackByte ransomware intrusion case study
As ransomware attacks continue to grow in number and sophistication, threat actors can quickly impact business operations if organizations are not well prepared. In a recent investigation by Microsoft Incident Response (previously known as Microsoft Detection and Response Team – ... continue reading

IoT devices and Linux-based systems targeted by OpenSSH trojan campaign
Cryptojacking, the illicit use of computing resources to mine cryptocurrency, has become increasingly prevalent in recent years, with attackers building a cybercriminal economy around attack tools, infrastructure, and services to generate revenue from targeting a wide range of vulnerable systems, ... continue reading

Azure Landing Zone Accelerator for AVS – Using a Central Hub in Azure
Options for network connectivity with AVS There are many options for network connectivity when it comes to Azure VMware Solution. This post reviews utilizing a central hub network in Azure. Network Architecture Use ExpressRoute for maximum bandwidth from on-premises. VPN is also ... continue reading

Azure Virtual WAN now supports full mesh secure hub connectivity
In May 2023, we announced the general availability of Routing intent and routing policies for all Virtual WAN customers. This feature is powered by the Virtual WAN routing infrastructure and enables Azure Firewall customers to set up policies for private ... continue reading

Network Design Guide for Azure VMware Solution
I have previously talked about Azure VMware Solution Landing Zone Accelerator (AVS LZ) and the automation tools in my previous blog post. This open-source solution provides an architectural approach and reference implementation to prepare Azure landing zone subscriptions for a scalable ... continue reading