As Windows organizations migrate toward cloud-based environments, they often lose context of their full stack. In addition to securing their on-premises servers, they now need to deal with virtual servers, managed services, and platform-as-a-service offerings. Cloud-based resources require organizations to relinquish control over physical infrastructure and limit their access to underlying operating systems.

Linux and Unix admins are accustomed to using Open Secure Shell (OpenSSH) to connect to servers because it has been included in those systems for decades. Windows users, on the other hand, have traditionally had to download third-party tools like Putty or WinSCP to utilize SSH capabilities. However, that changed when OpenSSH became available as an optional feature in Windows 10 and Windows Server 2019.

Organizations usually rely on remote work capabilities, leading them to use cloud systems. But with increased use of cloud infrastructure, the vulnerability to cyberattacks increases. One such is the Privilege Escalation attack, a complex threat to any network. Multiple defense strategies are required to detect and prevent privilege escalation attacks, but understanding what this attack means is important even before that.

The Windows Local Administrator Password Solution ( Windows LAPS) is a built-in Windows feature designed to seamlessly handle and safeguard the password for a local administrator account on devices joined to either Microsoft Enterprise or Windows Server Active Directory domains. Additionally, Windows LAPS can be utilized to automatically manage and secure the Directory Services Restore Mode (DSRM) account password on Windows Server Active Directory domain controllers.

Windows administrators have cautioned that after applying the KB5035855 and KB5035857 updates, released as part of March 2024 Patch Tuesday for Windows Server 2016 and Windows Server 2022, domain controllers running the updated versions of Windows Server may experience crashes and reboots. Affected servers are freezing and rebooting stemming from a memory leak in the Local Security Authority Subsystem Service (LSASS), leading to continually increasing memory usage over time.

This policy enables users on the network to establish connections with the computer, and it’s necessary for several network protocols such as Server Message Block (SMB), NetBIOS, Common Internet File System (CIFS), and Component Object Model Plus (COM+).

When I want to explain Windows Storage Spaces (formerly known as Windows Storage Pools), I always refer to RAID (Redundant Array of Independent Disks). Almost every IT Admin is familiar with the concept of RAID technology. Let’s take a moment to refresh our memory.

LAN Manager (LM) authentication level is a security setting that determines how Windows systems authenticate network connections. It is a legacy authentication protocol developed by Microsoft for use in older versions of Windows network operations. There are three main protocols involved in LAN Manager Authentication: The LAN Manager Authentication Level setting allows you to choose which protocols your system will use or accept for authentication.