DNS

Introducing DNR support for Windows Insiders

>A huge thank you to Alex Jercaianu, Justin Sapp, Kosi Nwabueze, and Milan Justel for implementing this feature! Discovery of Network-designated Resolvers (DNR) is an upcoming IETF standard to discover encrypted DNS servers. Before DNR, devices getting DNS server from their local network would not be able to use encrypted DNS without manually finding out […]

Introducing DNR support for Windows Insiders Continue Reading

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction

Microsoft has been tracking activity related to the financially motivated threat actor Octo Tempest, whose evolving campaigns represent a growing concern for organizations across multiple industries. Octo Tempest leverages broad social engineering campaigns to compromise organizations across the globe with the goal of financial extortion. With their extensive range of tactics, techniques, and procedures (TTPs),

Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction Continue Reading

Service Endpoints vs Private Endpoints

For a long time, if you were using the multi-tenant, PaaS version on many Azure services, then you had to access them over the internet with no way to restrict access just to your resources. This restriction was primarily down to the complexity of doing this sort of restrictions with a multi-tenant service. At that

Service Endpoints vs Private Endpoints Continue Reading

Wired for Hybrid What’s New in Azure Networking September 2023 Edition

Hello Folks, Azure Networking is the foundation of your infrastructure in Azure. Each month we bring you an update on What’s new in Azure Networking. In this blog post, we’ll cover what’s new with Azure Networking in September 2023.  In this blog post, we will cover the following announcements and how they can help you. Gateway Load

Wired for Hybrid What’s New in Azure Networking September 2023 Edition Continue Reading

Quick-Start Guide to Azure Private Endpoints with AKS & Storage

Introduction Azure Private Endpoints (PE) offer a robust and secure method for establishing connections via a private link. This blog focuses on utilizing PEs to link a Private Azure Kubernetes Service (AKS) cluster with a Storage account, aiming to assist in quick Proof-of-Concept setups. Although we spotlight the Storage service, the insights can be seamlessly

Quick-Start Guide to Azure Private Endpoints with AKS & Storage Continue Reading

What’s New: Introducing Microsoft Sentinel Web Session Essentials Solution.

Thank you for liking and using both our ASIM based domain solutions, Network session and DNS essentials. Today, we are announcing the new web session Essentials solution in Public Preview. This is a domain solution and third Microsoft Sentinel solution to leverage Advanced Security Information Model (ASIM). This solution provides a set of generic OOTB

What’s New: Introducing Microsoft Sentinel Web Session Essentials Solution. Continue Reading

Azure Firewall Tips from the Field

Introduction Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia. In this post, I will provide some tips and clarifications about Azure Firewall based on my experience from the field. Topics The following are the topics we are going to discuss. Azure Firewall Policy Inheritance Azure Firewall Rule Processing Logic Azure

Azure Firewall Tips from the Field Continue Reading

SMB NTLM blocking now supported in Windows Insider

Heya folks, Ned here again. Beginning in Windows 11 Insider Preview Build 25951 (Canary), the SMB client now supports blocking NTLM for remote outbound connections. This changes legacy behavior, where Windows SPNEGO would negotiate Kerberos, NTLM, and other mechanisms with the destination server to decide on a supported security package. NTLM in this case refers to all versions

SMB NTLM blocking now supported in Windows Insider Continue Reading

AKS Egress Traffic demystified

AKS Egress Traffic with Load Balancer, NAT Gateway, and User Defined Route Introduction Welcome to this lab where we will explore the different outbound types in Azure Kubernetes Service (AKS). Outbound traffic refers to the network traffic that originates from a pod or node in a cluster and is destined for external destinations. Outbound traffic

AKS Egress Traffic demystified Continue Reading

Cloud storage security: What’s new in the threat matrix

Today, we announce the release of a second version of the threat matrix for storage services, a structured tool that assists in identifying and analyzing potential security threats on data stored in cloud storage services. The matrix, first released in April 2021 as detailed in the blog post Threat matrix for storage services Cybercriminals target

Cloud storage security: What’s new in the threat matrix Continue Reading