Microsoft Defender for Cloud Monthly news December 2023 Edition This is our monthly “What’s new” blog post, summarizing product updates and various new assets we released over the past month. In this edition, we are looking at all the goodness from November 2023. Microsoft Defender for Cloud We’re announcing the General Availability (GA) of agentless …
Hi All! Jerry Devore back again with another hardening Active Directory topic. Before we jump into the technical stuff, I would like to briefly share some tips for structuring a protocol hardening project. I picked up these suggestions from working with customers who have been successful in their protocol hardening efforts. Tip #1 – Collaborate …
Active Directory Hardening Series – Part 2 – Removing SMBv1 Continue Reading
Microsoft Azure is constantly evolving to meet the needs of its growing user base. In response to the feedback and requirements of developers, we have announced a new SKU for Azure Bastion: Bastion Developer. This service, now in public preview, will be a game-changer for developers seeking secure, cost-effective, and hassle-free connectivity to their Azure …
Since early October 2023, Microsoft has observed two North Korean nation-state threat actors – Diamond Sleet and Onyx Sleet – exploiting CVE-2023-42793, a remote-code execution vulnerability affecting multiple versions of JetBrains TeamCity server. TeamCity is a continuous integration/continuous deployment (CI/CD) application used by organizations for DevOps and other software development activities. In past operations, Diamond …
Introduction Hi folks! My name is Felipe Binotto, Cloud Solution Architect, based in Australia. In this post, I will provide some tips and clarifications about Azure Firewall based on my experience from the field. Topics The following are the topics we are going to discuss. Azure Firewall Policy Inheritance Azure Firewall Rule Processing Logic Azure …
Author: Asaf Nakash (@Asaf_Nakash), Senior Program Manager, Microsoft Defender for Cloud Co-authors: @Catalin Esanu, Senior Program Manager, Microsoft Defender for Cloud @Maayan Naaman Rand , Senior Program Manager, Microsoft Defender for Cloud In recent years we’ve witnessed an accelerated migration of data to the cloud with data sprawl with security blind spots as unintended consequences. Attackers have turned …
New expanded visibility into multicloud data security in Microsoft Defender for Cloud Continue Reading
Since February 2023, Microsoft has observed password spray activity against thousands of organizations carried out by an actor we track as Peach Sandstorm (HOLMIUM). Peach Sandstorm is an Iranian nation-state threat actor who has recently pursued organizations in the satellite, defense, and pharmaceutical sectors around the globe. Based upon the profile of victim organizations targeted …
On July 11, 2023, we introduced Microsoft’s identity-centric security service edge (SSE) solution and two new services: Microsoft Entra Private Access and Microsoft Entra Internet Access, which are now in public preview. In this blog, we take a deeper look into Microsoft Entra Private Access. Figure 1: Traditional network security stacks and legacy VPNs are …
Summary Microsoft has identified a nation-state activity group tracked as Flax Typhoon, based in China, that is targeting dozens of organizations in Taiwan with the likely intention of performing espionage. Flax Typhoon gains and maintains long-term access to Taiwanese organizations’ networks with minimal use of malware, relying on tools built into the operating system, along …
Flax Typhoon using legitimate software to quietly access Taiwanese organizations Continue Reading
When connecting to Azure VMs, there are a few ways you can establishing the connection. If using Windows VMs, most likely, you are connecting through Remote Desktop Protocol (RDP) session, so you can open a remote GUI session. However, opening the RDP port (3389) to the internet is not a secure best practice. Instead, many …
How to configure the RDP connection for Azure VMs via Azure Bastion Continue Reading
