Category: Security

This was one of the main blockers of Firefox adoption in the enterprise :



PowerShell remoting with SSH:


How to use SFTP (and SSH) with Powershell?

or Using WinSCP:

Else other:

SFTP powershell snap-in:

and paying software:


example of code using POSH SSH to use SFTP for secure file transfer (certified working! ;)))

$sftpUser = “myaccount”
$sftpServer = “103.x.y.z”
$LocalFile = “d:\data\filetoupload.txt”
$sftpPass = ConvertTo-SecureString -String “ttIJP0YPuPS6” -AsPlainText -Force
$sftpCred = new-object -typename System.Management.Automation.PSCredential -argumentlist $sftpUser, $sftpPass
$sftpSession = New-SFTPSession -ComputerName $sftpServer -Credential $sftpCred

Set-SFTPFile -SFTPSession $sftpSession -LocalFile $Localfile -RemotePath “/tmp/mydirectory/” -Overwrite




Now you can download and install Kali Linux directly from the Microsoft App Store on Windows 10 just like any other application:

First install the Linux subsystem and restart:

You can even do the same by opening PowerShell as Administrator and running the following command and restart your computer.

Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Windows-Subsystem-Linux



About Office 365 message encryption:

New Office 365 Message Encryption capabilities built on top of Azure Information Protection, your organization can use protected email communication with people inside and outside your organization. The new OME capabilities work with other Office 365 organizations,, Gmail, and other email services

OME How to:


Those laptops must run the latest Windows 10 OS with all the new security features and security best practices like:

  • Apply a Hardening Security Baseline from Microsoft Security Compliance Manager (SCM)
  • Enable Secure Boot with UEFI
  • Impose Software Restrictions using AppLocker
  • Enable Full Disk Encryption.
  • Impose Restrictions on USB ports.
  • Implement Network Isolation via host firewall
  • Install and configure the Device Guard, Windows defender ATP or equivalent + Crowdstrike or equivalent
  • Don’t allow Internet access from a browser.
  • Install Minimal Software.
  • Allow Minimal Administrative Accounts (gad-xxxx accounts in our case)
  • Implement a Hardened OU for the PAWs into the GAD of MUCMSPDOM


Run the script below on the client machine that’s generating the WMI corruption errors. It recompiles all .mof WMI files found in the %windir%\System32\Wbem\Repository folder.

  • @ECHO OFFsc config winmgmt start= auto

    reg add HKLM\SOFTWARE\Microsoft\Ole /v EnableDCOM /t REG_SZ /d “Y” /f
    reg add HKLM\SOFTWARE\Microsoft\Ole /v LegacyAuthenticationLevel /t REG_DWORD /d “2” /f
    reg add HKLM\SOFTWARE\Microsoft\Ole /v LegacyImpersonationLevel /t REG_DWORD /d “3” /f

    reg delete HKLM\SOFTWARE\Microsoft\Ole /v DefaultLaunchPermission /f
    reg delete HKLM\SOFTWARE\Microsoft\Ole /v MachineAccessRestriction /f
    reg delete HKLM\SOFTWARE\Microsoft\Ole /v MachineLaunchRestriction /f

    NET STOP SharedAccess

    NET STOP winmgmt

    CD %WINDIR%\System32\Wbem\Repository
    DEL /F /Q /S %WINDIR%\System32\Wbem\Repository\*.*
    CD %WINDIR%\system32\wbem

    REGSVR32 /s %WINDIR%\system32\scecli.dll
    REGSVR32 /s %WINDIR%\system32\userenv.dll

    MOFCOMP cimwin32.mof
    MOFCOMP cimwin32.mfl
    MOFCOMP rsop.mof
    MOFCOMP rsop.mfl
    FOR /f %%s IN (‘DIR /b /s *.dll’) DO REGSVR32 /s %%s
    FOR /f %%s IN (‘DIR /b *.mof’) DO MOFCOMP %%s
    FOR /f %%s IN (‘DIR /b *.mfl’) DO MOFCOMP %%s
    MOFCOMP exwmi.mof
    MOFCOMP -n:root\cimv2\applications\exchange wbemcons.mof
    MOFCOMP -n:root\cimv2\applications\exchange smtpcons.mof
    MOFCOMP exmgmt.mof

    rundll32 wbemupgd, UpgradeRepository

    NET STOP Cryptsvc
    DEL /F /Q /S %WINDIR%\System32\catroot2\*.*
    DEL /F /Q C:\WINDOWS\security\logs\*.log
    NET START Cryptsvc

    cd c:\windows\system32
    lodctr /R
    cd c:\windows\sysWOW64
    lodctr /R


    msiexec /unregister
    msiexec /regserver
    REGSVR32 /s msi.dll

    NET START winmgmt
    NET START SharedAccess

    Execute the commands below in an elevated Command Prompt on the client machine that’s generating the WMI corruption errors. This is an alternate way of resetting the WMI repository to the initial state when the operating system was first installed:

          Winmgmt.exe /standalonehost
          Winmgmt.exe /resetrepository

          Winmgmt.exe /salvagerepository


  • Execute the command below in an elevated Command Prompt on the client machine that’s generating the WMI corruption errors. It checks the integrity of Windows operating system files and attempts to repair errors it finds.
    sfc /scannow
  • If all else fails, reinstall the Windows operating system on the client machine that’s generating the WMI corruption errors.




Latest news:





If you’re looking for a deep-dive course on strategic approaches to building better cybersecurity defenses in your organization, look at the Microsoft Cybersecurity Reference Architecture.

Planning and implementing a security strategy to protect a hybrid of on-premises and cloud assets against advanced cybersecurity threats is one of the greatest challenges facing information security organizations today. Microsoft has built a set of strategies and integrated capabilities to help you solve these challenges and is continuing to invest in making this easier.

This training course explore real-life use cases to help address your organization’s security issues, and offer guidance on protecting an enterprise that spans cloud and mobile devices outside your network controls. Explore common challenges and recommended approaches for threat protection, building an identity-based security perimeter, information protection, and software as a service (SaaS) security. Plus, take a look at device and datacenter security, along with threat detection along the kill chain.

The course outline includes:

  • Overview
  • Building an Identity Security Perimeter
  • Threat Detection
  • Server and Azure Security

Watch the deep dive