In this article, I'm going to show you how to customize endpoint security settings in Microsoft Intune. Including how to change security baseline settings, how to make sure devices are running a specific operating system version (or later), and how to configure Windows and iOS disk encryption settings. Microsoft provides a series of recommended security… Read More
This month, Microsoft released a fix for the MSHTML zero-day that emerged earlier in September. And it fixes a serious remote code execution bug in the WLAN AutoConfig service. There's also a fix for a serious bug in Apple iOS. So, let's get started! Microsoft fixes MSHTML zero-day Earlier this month, Microsoft released a security… Read More
Back in March 2021, Microsoft introduced a passwordless sign-in experience for work or school accounts. With the help of the Microsoft Authenticator app, Windows Hello, or FIDO2 security keys, corporate users can sign into services connected to Azure Active Directory (AD), like Microsoft 365, without needing to remember their account password. Microsoft has been pushing… Read More
September 7th, Microsoft released a security advisory for a remote code execution vulnerability (CVE-2021-40444) in Microsoft MSHTML, the rendering engine that Office apps use in Windows to display web content. Microsoft says that it is investigating reports of targeted attacks that try to exploit the MSHTML flaw using specially designed Microsoft Office files. The announcement… Read More
Zero Trust is a security model that can be applied to Microsoft 365. It focuses on improving security by verifying and testing both the identity and device before granting access to resources. You can think of Zero Trust as a way of working, wherein you take it for granted that every user and device accessing… Read More
by Brad Sams
Microsoft has released an out-of-band patch that will plug up a hole in a known zero-day exploit. Known as PrintNightmare, the patch is now being released via Windows Update. At the heart of the issue is a remote code vulnerability that would allow an attacker to use Windows Print Spooler to perform privileged file operations.… Read More
with 1 Comment by Ru Campbell
When approaching a rollout of Microsoft Defender for Endpoint (MDE) for your organization, it can be difficult to know where to start. In my last article, MDE was explained at a high level: what it is and why you should care. This time, we will get into the weeds of how to actually plan for… Read More
with 1 Comment by Ru Campbell
Microsoft Defender for Endpoint (MDE, previously known as Microsoft Defender Advanced Threat Protection) is Microsoft's endpoint security platform that goes far and beyond the traditional anti-malware engine and firewall to protect against the modern cybersecurity threats an organization faces. An evolving solution since it was first announced in 2016, MDE is part of the Microsoft… Read More
by Aidan Finn
Microsoft’s Build conference was on last week and it gave us lots of AI, Machine Learning, and every other type of “machines doe it better” cloud tech announcements. But there were also a few infrastructure announcements during the month. I’ve become the “Azure networking” person at my job, so it’s no surprise (to me) that… Read More
Last week Microsoft announced improvements to its cloud-native SIEM product, Azure Sentinel. In an effort to make Sentinel more efficient for Security Operations (SecOps) teams, Microsoft has improved the quality of rules and includes more innate intelligence out-of-the-box. There's also built-in support for SAP in preview. Plus, other features like UEBA and entity pages, which… Read More
by Ru Campbell
As you make the move from Microsoft on-premises infrastructure to the cloud, you'll move from Group Policy management of your endpoints to MDM management. This move isn't always a "lift and shift" process because there isn't always a 1-to-1 relationship between the settings available in Group Policy and those in Intune. Additionally, you need to… Read More
with 3 Comments by Ru Campbell
When we think about administrative rights on Intune-enrolled Windows 10 devices, we need to consider two possible device states for that device: Azure AD joined (AADJ), or Hybrid Azure AD joined (HAADJ). This is due to the different administrative roles available at the directory level. For Azure AD joined devices, at the time of performing… Read More
Microsoft announced at its Ignite conference earlier this year that it is extending its Secured-Core initiative to Windows Server 2022. Currently available for selected Windows 10 devices, Secured-Core requires hardware to meet new standards that follow isolation best practices and to have minimal trust of firmware. Microsoft says that Secured-Core devices are intended for industries… Read More
with 1 Comment by Russell Smith
As part of the Automatic VM Guest Patching for Azure VMs preview announced at Ignite in March, Microsoft introduced Windows Server hotpatching. Hotpatching lets organizations apply security patches to Windows Server without rebooting. A feature that's been part of other server platforms for years, hotpatching finally comes to Windows Server. But there are some caveats.… Read More
by Aidan Finn
Over the last couple of weeks, I’ve spotted lots of tiny little changes in the Azure Portal. And my feeds have lit up over the last few hours. There must be a big Microsoft conference happening right around now? Yup, Microsoft Ignite (March 2021) is here and that means there will be lots of cool… Read More
Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.
In this webinar, you will learn:
Sponsored by:
