Regardless of the size of the organization, there are always one or a few macros set up in Excel files that do some tasks for the users. These macros are so critical to the business, and most of the time employees' tasks revolve around them. And most of the time, people who create the macros in the organization … Continue reading How Office Macros Expand the Attack Surface
Tag: Defender
I May Have Finally Launched my YouTube Channel
This is something I wanted to do for a long time and I guess finally I did it. Launching my own YouTube channel. I gave a lot of thought to planning the goal of this channel and what content I want to bring in and I'm so excited to share my knowledge in this form … Continue reading I May Have Finally Launched my YouTube Channel
Hardening Exchange Online Security with Microsoft Entra, Intune, and Defender XDR
Your emails are now in the cloud, specifically Microsoft 365 - Exchange Online (EXO). Now what? For many organizations, emails are the heart and soul of communication and past records, and they use the same on-premises methods to protect emails in the cloud. Regardless, defending it from bad actors is a must because this is … Continue reading Hardening Exchange Online Security with Microsoft Entra, Intune, and Defender XDR
Microsoft Defender for Endpoint – Passive Mode
Passive mode and EDR in block mode. It's fair to assume that if Defender is not the "Active" or the "Primary" AV on the computer, then it will be running in Passive mode. However, in the Defender world, it is one of the states where you can leave Defender running. However, that might not be … Continue reading Microsoft Defender for Endpoint – Passive Mode
How to Track Devices with a Faulty MDE Sensor Health State, Using a Logic App Workflow?
The MDE sensor health state we like to see is "Active". The sensor health we don't want is "Inactive" or "Misconfigured". But sometimes it is almost impossible to track the sensor status of all the devices every day to make sure they are all healthy. However, in order to properly communicate with Defender, the endpoint's … Continue reading How to Track Devices with a Faulty MDE Sensor Health State, Using a Logic App Workflow?
How to Enable the New Security Settings Management Feature in Defender Security Portal
In Public Preview at the time of writing. This is a much-needed feature, I believe. Also, in most IT departments, because tasks are segregated among different admins, most of the time it is a team game and you need 2 different admins (Intune Administrator and a Security Administrator) to collaborate … Continue reading How to Enable the New Security Settings Management Feature in Defender Security Portal
Latest Microsoft Authenticator App/ MFA Improvements
Exciting new improvements on the Microsoft Authenticator front. This is a step towards countering phishing attacks that can lead to accidental MFA approvals. We all know about MFA fatigue by now and how much damage a bad actor can do when an account holder makes one wrong move. This trend will not stop, but this … Continue reading Latest Microsoft Authenticator App/ MFA Improvements
TLS 1.0 and TLS 1.1 End is Near!
If you are an Office 365 admin like myself, you may have received many notifications from Microsoft regarding TLS 1.0 being deprecated in their infrastructure, which as a result will affect their customers if they don't move to TLS 1.2 in time. They first announced that this would be valid from 31st Oct 2018, but have … Continue reading TLS 1.0 and TLS 1.1 End is Near!