Select Page
Graph.png

Understanding “Solorigate”‘s Identity IOCs – for Identity Vendors and their customers.

Microsoft recently disclosed a set of complex techniques used by an advanced actor to execute attacks against several key customers. While we detected anomalies by analyzing requests from customer environments to the Microsoft 365 cloud, the attacks generalize to any ... continue reading
PassTests.gif

Have Your Company's Systems Passed All the Security Tests?

Dear IT Pros, Happy Holiday and Merry Christmas! I would like to make this article more fluid and less dry, with the hope that not all my blog articles’ contents are too serious and too long to read. Let me ... continue reading
Protecting Microsoft 365 from on-premises attacks

Protecting Microsoft 365 from on-premises attacks

Many customers connect their private corporate networks to Microsoft 365 to benefit their users, devices, and applications. However, there are many well-documented ways these private networks can be compromised. As we have seen in recent events related to the SolarWinds ... continue reading
Microsoft Secure Score screen image

A “quick wins” approach to securing Azure Active Directory and Office 365 and improving your security posture

In the last post, we discussed Office 365 and how enabling certain features without understanding all the components can lead to a false sense of security. We demonstrated how implementing a break glass account, multi-factor authentication (MFA), and the removal ... continue reading
™

Terranova Security Gone Phishing Tournament reveals continued weak spot in cybersecurity

The Terranova Security annual Gone Phishing Tournament wrapped up in October 2020, spanning 98 countries and industries including healthcare, consumer goods, transport, energy, IT, finance, education, manufacturing, and more. Using templates created from actual phishing attacks created by Microsoft Security, ... continue reading
Azure Defender for Resource Manager monitors resource management operations to protect your Azure environment.

New cloud-native breadth threat protection capabilities in Azure Defender

As the world adapts to working remotely, the threat landscape is constantly evolving, and security teams struggle to protect workloads with multiple solutions that are often not well integrated nor comprehensive enough. This results in serious threats avoiding detection, as ... continue reading
Orgs with ZeroLogon exploitation attempts by red teams and real attackers starting September 13, 2020

Zerologon is now detected by Microsoft Defender for Identity

There has been a huge focus on the recently patched CVE-2020-1472 Netlogon Elevation of Privilege vulnerability, widely known as ZeroLogon. While Microsoft strongly recommends that you deploy the latest security updates to your servers and devices, we also want to ... continue reading
RS2.gif

Demystifying Ransomware Attacks Against Microsoft Defender Solution

Hi IT Pros, As you have known it, Ransomware is in aggravated assault mode at this time of year 2020, the joint cybersecurity advisory comes from the Cybersecurity Infrastructure and Security Agency (CISA), the Federal Bureau of Investigation (FBI), and ... continue reading
tantran55_0-1597056629964.png

Microsoft Defender for Endpoint Linux – Configuration and Operation Command List

Hello Blog Readers, I have summarized the Linux Configuration and Operation commands in this cheat sheet for your convenient use. Enjoy your MD for Endpoint Linux run! MD for Endpoint Linux Commands Group Scenario Command Configuration Turn on/off real-time protection ... continue reading
tantran55_0-1596287884005.png

Deploying Microsoft Defender for Endpoint on Linux Servers.

Hi IT Pro, The following is step-by-step document for Defender for Endpoint Linux (MD ATP for Linux) deployment. Let's start your MD for Endpoint Linux deployment! ________________________________ Microsoft Defender for Endpoint Linux (MD ATP) support for Linux with kernel version ... continue reading