Buenos días and welcome to número tres in the holiday ’23 series. This one is sure to please the crowd – it’s the NEW AND IMPROVED easy to setup/deploy/use solution for when IT Ops/Support needs a local admin ID and password to perform some management task(s) on a Windows endpoint. As many people know, we …
The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS) Continue Reading
Heya folks, Ned here again. Today I’m sharing advice on migrating from Distributed File System Replication (DFSR) to Storage Replica. This includes deciding when SR is a good replacement, inventorying your DFSR and DFS Namespaces, backing up your existing configuration, validating your existing replication and converging it, migrating to SR, then updating your disaster recovery …
DR 2.0: Migrating from DFSR to Storage Replica Continue Reading
Extending our commitment to help customers be secure by default, today we’re announcing the auto-rollout of Microsoft Entra Conditional Access policies that will automatically protect tenants based on risk signals, licensing, and usage. We’ve designed these policies based on our deep knowledge of the current cyberthreat landscape to help our customers strengthen their security baseline, …
Today Microsoft Incident Response is excited to announce a new collaboration with PwC to expand our joint incident response and recovery capability. In this global alliance, Microsoft begins the initial containment and investigation, bringing a deep understanding of a company’s infrastructure to help evict the bad actors faster and more effectively. PwC can then work on …
An integrated incident response solution with Microsoft and PwC Continue Reading
Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries. Octo Tempest leverages broad social engineering campaigns to compromise organizations across the globe with the goal of financial extortion. With their extensive range of tactics, techniques, and procedures (TTPs), …
SQL Server has brought reliability and security to mission-critical workloads for 30 years. SQL Server 2022, released November 2022, delivers performance enhancements as well as Azure connectivity for disaster recovery, analytics, and governance. Now customers like Mediterranean Shipping Company (MSC) are using SQL Server 2022 to expand their capabilities to better support a truly worldwide …
Protect SQL Server 2014 workloads with Azure flexibility Continue Reading
Introduction Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia. In this post, I will provide some tips and clarifications about Azure Firewall based on my experience from the field. Topics The following are the topics we are going to discuss. Azure Firewall Policy Inheritance Azure Firewall Rule Processing Logic Azure …
>Virtual machines are arguably still one of the most fundamental core infrastructure components when it comes to cloud computing. Whether you are hosting databases, custom apps, runner jobs, or leveraging them as nodes for your container hosts, VMs are core to your arsenal of options. At the same time, given they are designed to host …
Optimizing your Azure VMs – 3 Simple Steps to Cloud Efficiency Continue Reading
Hello everyone, Jerry Devore back again after to along break from blogging to talk about Active Directory hardening. In my role at Microsoft, I have found every organization has room to improve when it comes to hardening Active Directory. Many times, customers are aware of issues but are afraid of unintended impacts if they make …
Active Directory Hardening Series – Part 1 – Disabling NTLMv1 Continue Reading
The threat actor that Microsoft tracks as Storm-0324 is a financially motivated group known to gain initial access using email-based initial infection vectors and then hand off access to compromised networks to other threat actors. These handoffs frequently lead to ransomware deployment. Beginning in July 2023, Storm-0324 was observed distributing payloads using an open-source tool …
Malware distributor Storm-0324 facilitates ransomware access Continue Reading
