Windows Security

Windows Security | News, how-tos, features, reviews, and videos

security risk - phishing / malware / social engineering
A Microsoft update gets ready on a screen also displaying a COVID-19 coronavirus visualization.

A hacker attacks from within a Windows system.

How to prevent attackers from using Windows against you

Attackers use standard Microsoft components such as DLLs or PowerShell to avoid detection. These tips will make such "living off the land" attacks harder to execute.

Scripting code displays on a laptop in a dark room.

How to prevent scripting attacks in Microsoft Office

The rise in phishing attempts requires another look at your Microsoft Office settings to minimize the risk of a user executing a malicious script.

CSO > global security

How to set up your network to prevent data loss

Critical data is at risk from both insider and external threats. Here's how to configure your Windows network for data loss prevention (DLP).

Windows security and protection [Windows logo/locks]

How to fight hidden malware on Windows networks

Attackers are more clever about how they hide malicious files. Countering that starts with knowing what services belong on your network.

User ID + password / credentials / authentication

5 steps to avoid credential dumping attacks

Use these five techniques on your Windows network to find and limit risk from vulnerabilities that make your organization vulnerable to credential dumping attacks.

CSO > Security mechanisms vs. fiery threats

How to set up Windows Firewall to limit network access

By enabling Windows Firewall with the proper settings, you can help shut out attackers and limit lateral movement if a breach occurs.

IT staff setting server hardware in a data center.

The 9 Windows Server security settings you need to get right

With all the improvements Microsoft has made in Windows and Windows Server, it’s time to evaluate whether your security settings are as effective as they could be.

Microsoft Windows 7 security patches/updates

How to implement Windows 7, Server 2008 security updates after end-of-life

Microsoft has ended support for Windows 7 and Windows Server 2008, but you can purchase extended security updates. Here's what you need to do to implement them.

Microsoft Windows  >  Defending against attacks

3 ways to make your Windows network harder to attack

Start the new year right by checking these three areas for potential vulnerabilities in your Windows network. Don't make it easy for attackers.

Windows logo / life preserver / rescue / recovery / fix / resolve / solution

How to fix insecure LDAP binds to prevent exposed Windows admin credentials

Although Microsoft has a permanent fix on the way, it's possible that you're exposing domain admin account credentials in cleartext. Here's how to check for and solve that problem.

access control / authentication / privileges / security

Two tips to make multifactor authentication for Office 365 more effective

Here's how to set up "break glass" accounts for emergency admin access to Microsoft Office 365 and brand your Office 365 log-in page to foil fake pages.

An armored knight armor with halo and wings holds a shield, layered in Microsoft brand colors.

How to use Microsoft Compliance Score to improve data protection

The new Compliance Score console in Microsoft 365 offers templates and advice to help meet the ever-growing list of regulatory data protection and privacy rules.

targeted holiday attacks  >  a red bow impaled by a hook, surrounded by abstract binary code

How to protect your business from holiday attacks

Attackers see opportunity in the holidays, but these simple steps and considerations can help block their efforts.

browser security

How to secure your DNS traffic under Windows

DNS traffic is prone to snooping, and it’s often far too easy for attackers to hijack and change a company’s DNS settings. These simple steps will amp up your DNS protection.

Cryptojacking  >  Binary skull, code and bitcoin symbols invade systems as malware

Cryptominers and fileless PowerShell techniques make for a dangerous combo

This new dual-payload cryptojacking malware can disable Windows Antimalware Scan Interface and inject itself directly into memory of legitimate processes.

Laptop displaying the Microsoft logo and a laptop user beneath a digital 'Security' sign.

How to manage Windows 10 1903 and 1909 security updates

Your Windows update controls might be out of date if you haven't reviewed them since the 1803 update or earlier. Here are the new settings you need to know.

Windows logo / life preserver / rescue / recovery / fix / resolve / solution

How to build a Windows disaster recovery toolkit

Sooner or later, a security incident will shut down or disrupt your network. You'll be better prepared with these items in your disaster recovery toolkit.

ON-OFF  >  Pressing a power switch.

How to disable LLMNR in Windows Server

Link-Local Multicast Name Resolution is usually not needed in modern networks and leaves the door open to man-in-the-middle attacks. Here's how to shut it off.

Load More