Select Page
Automated E-mail from MEM

Use Power Automate to Extend Microsoft Endpoint Configuration Manager Application Approvals

The native application approval functionality within Microsoft Endpoint Configuration Manager, or MECM (which is still often referred to as SCCM, ConfigMgr, and Configuration Manager) originally only allowed defined MECM admins to approve application requests from the Application Catalog and Software ... continue reading
Delaying the End of Support Date for Configuration Manager current branch version 1810

Delaying the End of Support Date for Configuration Manager current branch version 1810

At Microsoft, our top priority is the health and safety of our employees, customers, partners, and communities. Many of us are now working remotely, and all of us have had our day-to-day lives impacted in unique ways. We have been ... continue reading
Frequent questions about using Conditional Access to secure remote access

Frequent questions about using Conditional Access to secure remote access

Industry trends and changes in the way we work usually span years, with organizations evolving at their own pace. But we're living in unusual times. Organizations asking employees to work from home to slow the spread of COVID-19 are making ... continue reading
1_split-tunnel-001.PNG

Mastering Configuration Manager Bandwidth limitations for VPN connected Clients

Hi, Jonas, Roland and Stefan here! We are Microsoft Premier Field Engineers (PFEs) based in Germany focused on Microsoft Endpoint Manager related topics. Due to the current situation we get a lot of questions from our customers around Configuration Manger ... continue reading
Image: Initial Access Execution Persistence Privilege Escalation Defense Evasion Credential Access Discovery Lateral Movement Impact Using Cloud credentials Exec into container Backdoor container Privileged container Clear container logs List K8S secrets Access the K8S API server Access cloud resources Data Destruction Compromised images in registry bash/cmd inside container Writable hostPath mount Cluster-admin binding Delete K8S events Mount service principal Access Kubelet API Container service account Resource Hijacking Kubeconfig file New container Kubernetes CronJob hostPath mount Pod / container name similarity Access container service account Network mapping Cluster internal networking Denial of service Application vulnerability Application exploit (RCE) Access cloud resources Connect from Proxy server Applications credentials in configuration files Access Kubernetes dashboard Applications credentials in configuration files Exposed Dashboard SSH server running inside container Instance Metadata API Writable volume mounts on the host Access Kubernetes dashboard Access tiller endpoint

Attack matrix for Kubernetes

Kubernetes, the most popular container orchestration system and one of the fastest-growing projects in the history of open source, becomes a significant part of many companies’ compute stack. The flexibility and scalability of containers encourage many developers to move their ... continue reading

Microsoft works with healthcare organizations to protect from popular ransomware during COVID-19 crisis: Here’s what to do

True to form, human-operated ransomware campaigns are always on prowl for any path of least resistance to gain initial access to target organizations. During this time of crisis, as organizations have moved to a remote workforce, ransomware operators have found ... continue reading
blog2.png

Managing Patch Tuesday with Configuration Manager in a remote work world

The global health crisis has dramatically changed life for all of us. We are working to get you the information and guidance you need to keep your people productive and secure. Two weeks from today is Patch Tuesday, which will ... continue reading
Azure Advisor: Meet your personalized cloud consultant service

Azure Advisor: Meet your personalized cloud consultant service

Does it feel like you’re always firefighting problems, especially when you talk about cloud services? Did you know that Azure has a FREE service that lets you be proactive to potential issues and pitfalls? It’s called Azure Advisor and this ... continue reading
Managing remote machines with cloud management gateway in Microsoft Endpoint Configuration Manager

Managing remote machines with cloud management gateway in Microsoft Endpoint Configuration Manager

In light of the global situation that has escalated over the past weeks regarding COVID-19 and the coronavirus; there has been a significant increase in the number people working from home. Indeed, myself and the rest of the Microsoft Endpoint ... continue reading

Work remotely, stay secure—guidance for CISOs

With many employees suddenly working from home, there are things an organization and employees can do to help remain productive without increasing cybersecurity risk. While employees in this new remote work situation will be thinking about how to stay in ... continue reading