Background Many customers face challenges in managing their Conditional Access (CA) policies. Over time, they accumulate more and more policies that are created ad-hoc to solve specific business scenarios, resulting in a loss of overview and increased troubleshooting efforts. Microsoft has provided guidance on how to structure your Conditional Access policies in a way that …
Adversary-in-the-Middle (AiTM) phishing attacks represent an emerging and concerning trend, surpassing conventional phishing methods in their sophistication. These attacks possess the capability to maneuver around the security measures of multifactor authentication (MFA) by leveraging reverse-proxy functionality. One prominent actor, identified as DEV-1101 and tracked by Microsoft, stands responsible for the development, facilitation, and promotion of …
Cloud cybersecurity is of paramount importance in today’s digital landscape, as organizations increasingly rely on cloud services to store and manage sensitive data, applications, and infrastructure. Attacks on cloud infrastructure pose severe risks to organizations such as data theft, ransomware attacks, crypto mining attacks, and service disruption. During a cyber-attack, after gaining initial access to …
Defender for cloud’s Agentless secret scanning for virtual machines is now generally available! Continue Reading
In this article Microsoft Global Network Default Public Access Service Endpoints Private Link Internet Routing Preference Azure Services and the solutions you deploy into Azure are connected to the Microsoft global wide-area network also known as the Microsoft Global Network or the Azure Backbone. There are a few different ways to connect to an Azure …
Connecting to Azure Services on the Microsoft Global Network Continue Reading
Microsoft has observed ongoing activity from mobile banking trojan campaigns targeting users in India with social media messages designed to steal users’ information for financial fraud. Using social media platforms like WhatsApp and Telegram, attackers are sending messages designed to lure users into installing a malicious app on their mobile device by impersonating legitimate organizations, …
Social engineering attacks lure Indian users to install Android banking trojans Continue Reading
Hi All! Jerry Devore back again with another hardening Active Directory topic. Before we jump into the technical stuff, I would like to briefly share some tips for structuring a protocol hardening project. I picked up these suggestions from working with customers who have been successful in their protocol hardening efforts. Tip #1 – Collaborate …
Active Directory Hardening Series – Part 2 – Removing SMBv1 Continue Reading
Unveiling the Public Preview of Azure Machine Learning OneLake datastore. Microsoft Fabric, now generally available, is the all-in-one analytics solution for enterprises, offering a comprehensive suite of services, including data lake, data engineering, and data integration, all in one place. OneLake is where customers can grow their data gravity by unifying their data across clouds, …
Avail the power of Microsoft Fabric from within Azure Machine Learning Continue Reading
Introduction A comprehensive overview of the most frequently used and discussed architecture patterns among our customers in various domains. 1) AOAI with Azure Frontdoor for loadbalancing Architecture diagram: Key Highlights: If you set equal weights for all origins and a high latency sensitivity in Azure Front Door, it will consider all origins that have a …
Azure OpenAI Architecture Patterns and implementation steps Continue Reading
Introduction Today we are announcing a new Microsoft Sentinel Solution for Dynamics 365 Finance and Operations in public preview. This is a premium solution focused on monitoring, detecting threats and responding to incidents in customer’s highly sensitive a business-critical ERP systems powered by Dynamics 365 Finance and Operations. The solution monitors and protects your Dynamics 365 …
What’s new: Microsoft Sentinel Solution for Dynamics 365 Finance and Operations Continue Reading
Firstly, I would like to thank Benjamin Kovacevic and Yael Bergman for their help with this article. While the existing Sentinel GCP Pub/Sub Audit Logs connector documented here provides a way to ingest GCP platform audit logs, ingesting GCP Firewall logs or VPS logs remains a needed capability. In this blog post I will show a simple way …
Architecture Guidance: How to ingest GCP FirewallVPC logs into Microsoft Sentinel Continue Reading
