Podcasts about Microsoft Defender

  • 168 PODCASTS
  • 365 EPISODES
  • 40m AVG DURATION
  • 1 WEEKLY EPISODE
  • May 12, 2025 LATEST

POPULARITY (chart by year, 2017 to 2024)


Best podcasts about Microsoft Defender

Latest podcast episodes about Microsoft Defender

The CyberWire
No quick fix for a ClickFix attack.

May 12, 2025 (32:26)


A major student engagement platform falls victim to the ClickFix social engineering attack. Google settles privacy allegations with Texas for over one point three billion dollars. Stores across the UK face empty shelves due to an ongoing cyberattack. Ascension Health reports that over 437,000 patients were affected by a third-party data breach. A critical zero-day vulnerability in SAP NetWeaver is being actively exploited. Researchers uncover two major cybersecurity threats targeting IT admins and cloud systems. U.S. prosecutors charge three Russians and one Kazakhstani in connection with the takedown of two major botnets. A new tool disables Microsoft Defender by tricking Windows into thinking a legitimate antivirus is installed. Tim Starks, Senior Reporter from CyberScoop, discusses congressional reactions to White House budget cut proposals for CISA. Fair use faces limits in generative AI.

CyberWire Guest
We welcome back Tim Starks, Senior Reporter from CyberScoop, discussing congressional reactions to White House budget cut proposals for CISA. You can find background information in these articles:
  • House appropriators have reservations — or worse — about proposed CISA cuts
  • Sen. Murphy: Trump administration has 'illegally gutted funding for cybersecurity'

Selected Reading
  • iClicker website compromised with fake ClickFix CAPTCHA installing malware (BeyondMachines.net)
  • Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits (SecurityWeek)
  • Fears 'hackers still in the system' leave Co-op shelves running empty across UK (The Record)
  • 437,000 Impacted by Ascension Health Data Breach (SecurityWeek)
  • SAP NetWeaver Vulnerability Exploited in Wild by Chinese Hackers (Cyber Security News)
  • New SEO Poisoning Campaign Targeting IT Admins With Malware (Hackread)
  • Three Russians, one Kazakhstani charged in takedown of Anyproxy and 5socks botnets (The Record)
  • Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution (Cyber Security News)
  • Five Takeaways from the Copyright Office's Controversial New AI Report (Copyright Lately)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

It's a Numbers Game
EP099 – Enhancing Cyber Defence: Insights from Nick O'Donovan

May 6, 2025 (27:05)


In this episode, we reconnect with Nick O'Donovan, who provides an overview of Huntress' operations, particularly their growth and expansion into Europe, with a focus on enhancing relationships with MSPs. He highlights Huntress' efforts in recruiting and maintaining a strong team, despite industry challenges, and the success of their recent roadshow series. Nick also discusses the company's product offerings, including EDR, Microsoft 365 identity protection, security awareness, phishing solutions, and a SIEM offering. Key topics covered include the importance of affordable security solutions for small to medium businesses, the integration with Microsoft Defender, and Huntress' innovative Neighbourhood Watch program. The episode concludes with valuable advice for MSPs on improving their closure rates for upselling security products to clients.

00:00 Introduction and Reconnection
00:26 Overview of Huntress
01:02 Huntress' European Expansion
01:43 Roadshow Success and Community Engagement
03:14 Recruitment Challenges and Strategies
04:25 Neighbourhood Watch Program
08:15 Approaching Cybersecurity as an MSP
16:50 Security Awareness Training
20:37 Final Thoughts and Tips for MSPs

Connect with Nick O'Donovan on LinkedIn: https://www.linkedin.com/in/nicholasodonovan
Connect with Daniel Welling on LinkedIn: https://www.linkedin.com/in/daniel-welling-54659715/
Connect with Adam Morris on LinkedIn: https://www.linkedin.com/in/adamcmorris/
Visit The MSP Finance Team website: https://www.mspfinanceteam.com/

We look forward to catching up with you on the next one. Stay tuned!

Chill Chill Security
EP2095: Chill Chill Security - Data leakage arising from the use of Microsoft Defender XDR + Any.run

Apr 30, 2025 (7:39)


Sponsored by SEC Playground

Microsoft Mechanics Podcast
Protect AI apps with Microsoft Defender

Apr 29, 2025 (15:00)


Stay in control with Microsoft Defender. You can identify which AI apps and cloud services are in use across your environment, evaluate their risk levels, and allow or block them as needed—all from one place. Whether it's a sanctioned tool or a shadow AI app, you're equipped to set the right policies and respond fast to emerging threats. Defender XDR gives you the visibility to track complex attack paths—linking signals across endpoints, identities, and cloud apps. Investigate real-time alerts, protect sensitive data from misuse in AI tools like Copilot, and enforce controls even for in-house developed apps using system prompts and Azure AI Foundry. Rob Lefferts, Microsoft Security CVP, joins Jeremy Chapman to share how you can safeguard your AI-powered environment with a unified security approach.

► QUICK LINKS:
00:00 - Stay in control with Microsoft Defender
00:39 - Identify and protect AI apps
02:04 - View cloud apps and website in use
04:14 - Allow or block cloud apps
07:14 - Address security risks of internally developed apps
08:44 - Example in-house developed app
09:40 - System prompt
10:39 - Controls in Azure AI Foundry
12:28 - Defender XDR
14:19 - Wrap up

► Link References
Get started at https://aka.ms/ProtectAIapps

► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
  • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
  • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
  • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:
  • Follow us on Twitter: https://twitter.com/MSFTMechanics
  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
  • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
  • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Ctrl+Alt+Azure
287 - Microsoft Tech Updates

Apr 23, 2025 (30:40)


In this week's episode, we look at recent Microsoft Tech updates. By popular request, we're expanding the scope beyond just Azure to include Microsoft 365, Power Platform, and similar Microsoft platforms and capabilities. What's new? What's interesting? What's retiring?

(00:00) - Intro and catching up.
(03:45) - Show content starts.

Show links
- What's new in Microsoft Sentinel
- What's new in Microsoft Defender for Cloud features
- CDN Domain URL change for Agents in Pipelines - Azure DevOps Blog
- ActiveX disabled now in Microsoft 365
- I/O performance analysis in SQL Server on Azure VMs
- AI agents for beginners
- Azure Networking capabilities for Copilot in Azure

Feedback - Give us feedback!

Blue Security
Side-by-Side with Third-Party Products

Apr 15, 2025 (40:32)


Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools to gain additional insights and telemetry, ensuring a more robust security framework without conflicts or performance degradation.

YouTube Video Link: https://youtu.be/kE2cVwjPzYs

Documentation:
https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-compatibility
https://learn.microsoft.com/en-us/intune/intune-service/protect/device-compliance-partners#supported-device-compliance-partners
https://learn.microsoft.com/en-us/defender-cloud-apps/zscaler-integration
https://learn.microsoft.com/en-us/defender-cloud-apps/additional-integrations

Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast

Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com

Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com

Talk Microsoft 365
MVP Summit Insights, Copilot Reasoning & Security-Updates

Apr 2, 2025 (33:45)


(Disclaimer: created with ChatGPT) Hello dear community! Michael and Thorsten report live from the Microsoft MVP Summit in Redmond! Despite constant rain, there is plenty of exciting news about Copilot agents, Microsoft Viva and new security features for Microsoft Teams. They also discuss why sometimes even small improvements make a big difference.

Microsoft Mechanics Podcast
Introducing Microsoft Purview Data Security Investigations

Mar 24, 2025 (13:54)


Investigate data security, risk and leak cases faster by leveraging AI-driven insights with Microsoft Purview Data Security Investigations. This goes beyond the superficial metadata and activity-only signals found in incident management and SIEM tools, by analyzing the content itself within compromised files, emails, messages, and Microsoft Copilot interactions. Data Security Investigations allows you to pinpoint sensitive data and assess risks at a deeper level—quickly understanding the value of what's been exposed. Then by mapping connections between compromised data and activities, you can easily find the source of the security risk or exposure. And using real-time risk insights, you can also apply the right protections to minimize future vulnerabilities. Data Security Investigations is also integrated with Microsoft Defender incident management as part of your broader SOC toolset. Nick Robinson, Microsoft Purview Principal Product Manager, joins Jeremy Chapman to share how to enhance your ability to safeguard critical information.

► QUICK LINKS:
00:00 - Microsoft Purview Data Security Investigations
01:00 - Risks of data theft & data leaks
03:20 - Start an investigation
04:45 - Results of an investigation
06:15 - Vector-based search & semantic indexing
08:00 - Use AI for the investigation
09:21 - Map activities
10:44 - Connect SOC & Data Security teams
11:21 - Known leaked information
12:26 - Steps to get DSI up and running
13:15 - Wrap up

► Link References
Get started at https://aka.ms/DataSecurityInvestigations
Stay up-to-date with our blog at https://aka.ms/DSIBlog

Let's Talk Azure!
S6E8 - Mapping the Threatscape: Security Explorer & Attack Paths in Microsoft Defender for Cloud

Mar 21, 2025 (47:54)


In this episode, we dive into two great features of Microsoft Defender for Cloud: Security Explorer and Attack Paths. Join us as we unpack how these tools leverage the Cloud Security Graph to help you hunt down risks, map potential attack routes, and prioritize your cloud security efforts like never before. Whether you're managing Azure, AWS, or a hybrid setup, this episode is packed with insights to level up your defense strategy.

What You'll Learn:
  • How the Cloud Security Graph provides a unified view of your multicloud environment.
  • Using Security Explorer to proactively identify vulnerabilities and misconfigurations with custom queries.
  • Visualizing Attack Paths to see how attackers could move from an entry point to your critical assets.
  • Practical tips for prioritizing fixes and boosting your Secure Score.
  • Real-world examples of these tools in action and how to get started today.

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Ctrl+Alt+Azure
282 - Microsoft Tech Updates

Mar 19, 2025 (27:50)


In this week's episode, we look at recent Microsoft Tech updates. By popular request, we're expanding the scope beyond just Azure to include Microsoft 365, Power Platform, and similar Microsoft platforms and capabilities. What's new? What's interesting? What's retiring?

(00:00) - Intro and catching up.
(04:15) - Show content starts.

Show links
- What's new in Microsoft Defender for Cloud features
- Azure updates | Microsoft Azure
- Vaulted Backup Support for Azure Files
- Log Analytics Simple Mode
- Azure AI Foundry new models
- Secure and govern AI Apps

Feedback - Give us feedback!

Cyber Bites
Cyber Bites - 14th March 2025

Mar 13, 2025 (5:39)


* Critical PHP Vulnerability Under Mass Exploitation Worldwide
* Hacktivist Group Claims Responsibility for X Outages, Musk Blames "Massive Cyberattack"
* Cybercriminals Use Bogus Copyright Claims to Spread Malware on YouTube
* Former Software Developer Found Guilty of Sabotaging Employer's Systems
* Melbourne Man Charged in Mobile Number Porting Scam

Critical PHP Vulnerability Under Mass Exploitation Worldwide
https://www.bleepingcomputer.com/news/security/critical-php-rce-vulnerability-mass-exploited-in-new-attacks/

A critical PHP remote code execution vulnerability, CVE-2024-4577, is being actively exploited in widespread attacks targeting Windows systems globally.

The vulnerability, patched in June 2024, allows unauthenticated attackers to execute arbitrary code, leading to complete system compromise.

While initial reports indicated targeted attacks against Japanese organizations, new data reveals a significant increase in exploitation attempts worldwide, including the United States, Singapore, Germany, and China.

Threat intelligence firm GreyNoise reports observing a surge in exploitation attempts since January 2025, with numerous exploit codes available online.

The attacks involve attempts to steal credentials, establish persistence, elevate privileges, and deploy adversarial tools. This vulnerability has also been previously exploited by ransomware groups and to deploy new malware.

Hacktivist Group Claims Responsibility for X Outages, Musk Blames "Massive Cyberattack"
https://www.bleepingcomputer.com/news/security/x-hit-by-massive-cyberattack-amid-dark-storms-ddos-claims/
https://www.abc.net.au/news/2025-03-11/elon-musk-says-x-outages-result-of-cyber-attack/105035078

The hacktivist group Dark Storm has claimed responsibility for distributed denial-of-service (DDoS) attacks that caused multiple worldwide outages on the X platform. X owner Elon Musk confirmed a "massive cyberattack" against the platform, stating it was conducted with significant resources and potentially involved a large, coordinated group or a nation-state.

Dark Storm, a pro-Palestinian group active since 2023, posted evidence of their attacks on Telegram, including screenshots and links to website availability monitoring tools. X has since implemented DDoS protection from Cloudflare, displaying captchas to users connecting from suspicious IP addresses.

Musk later stated that the cyberattack involved IP addresses originating from Ukraine, but Dark Storm denied any connection to Ukraine. DDoS attacks often utilize botnets and compromised devices from various global locations to generate overwhelming traffic, disrupting targeted websites.

Cybercriminals Use Bogus Copyright Claims to Spread Malware on YouTube
https://securelist.com/silentcryptominer-spreads-through-blackmail-on-youtube/115788/

Cybercriminals are exploiting YouTube's copyright claim system to coerce creators into promoting malware and cryptocurrency miners. They are targeting YouTubers who publish tutorials on Windows Packet Divert (WPD) tools, which are popular in Russia for bypassing internet censorship.

The attackers pose as copyright holders of these tools, filing false copyright claims and then contacting creators with a "resolution" that involves adding download links to trojanized versions of the software. These malicious versions, hosted on GitHub, contain a cryptominer downloader.

Creators, fearing channel bans, often comply. Kaspersky reports that one such video, with over 400,000 views, led to 40,000 malicious downloads before the link was removed. A Telegram channel with 340,000 subscribers also promoted the malware.

The malware uses a multi-stage loader, including a Python-based loader and a bloated second-stage executable to evade detection. It disables Microsoft Defender, establishes persistence, and downloads SilentCryptoMiner, a modified XMRig miner. The miner uses process hollowing and pauses activity when monitoring tools are active.

While currently targeting Russian users, this tactic could be used to distribute other malware, such as info-stealers or ransomware, on a broader scale. Users are advised to avoid downloading software from links provided in YouTube videos, especially from smaller channels.

Former Software Developer Found Guilty of Sabotaging Employer's Systems
https://www.justice.gov/opa/pr/texas-man-convicted-sabotaging-his-employers-computer-systems-and-deleting-data

A federal jury in Cleveland has convicted a senior software developer, Davis Lu, of sabotaging his former employer, Eaton Corporation's, computer systems. Lu, 55, faces up to ten years in prison.

Lu, who worked at Eaton from 2007 to 2019, began deploying malicious code after a demotion in 2019. He created a Java program that crashed production systems by generating infinite resource-consuming threads. He also developed a "kill switch" that locked out thousands of employees worldwide when his employment was terminated. The "kill switch" code was named "IsDLEnabledinAD", abbreviating "Is Davis Lu enabled in Active Directory".

Investigators found Lu's malware and related code on internal development servers, linking his user account to the sabotage. He attempted to delete data and wipe his company laptop before returning it. Lu confessed to federal investigators in 2019 but pleaded not guilty, leading to the jury trial and his subsequent conviction.

Melbourne Man Charged in Mobile Number Porting Scam
https://www.afp.gov.au/news-centre/media-release/victorian-man-charged-over-alleged-bulk-phone-porting-scam

A Melbourne man is facing court after allegedly attempting to steal mobile numbers from identity theft victims. The man, 34, is accused of making 193 unauthorized "port-in" attempts, successfully transferring 44 mobile numbers to his control.

The Australian Federal Police (AFP) began investigating in July 2024 after a telecommunications company reported suspicious porting activity. Porting scams allow criminals to bypass multi-factor authentication and access victims' bank accounts.

A search warrant executed at the man's residence resulted in the seizure of mobile phones, a computer, SIM cards, and suspected drug items. He has been charged with unauthorized modification of data, which carries a maximum penalty of 10 years imprisonment.

The AFP urges individuals to be vigilant for unexpected text messages or service disruptions, as these could indicate an unauthorized porting attempt. Victims are advised to contact their mobile provider and bank immediately, and report the incident to ReportCyber.

This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

CIAOPS - Need to Know podcasts
Episode 340 - Exposure Management

Feb 23, 2025 (23:41)


I take a look at something many overlook when it comes to security in their Microsoft 365 environment - Exposure score. In essence it is like a targeted Secure Score for a particular threat like Business Email Compromise. There is also news and updates from the Microsoft Cloud so listen along and review the show notes for more information.

Brought to you by www.ciaopspatron.com

Resources
  • @directorcia
  • Join my shared channel
  • CIAOPS merch store
  • Become a CIAOPS Patron
  • CIAOPS Blog
  • CIAOPS Brief
  • CIAOPSLabs
  • Support CIAOPS
  • The way to control EWS usage in Exchange Online is changing
  • New Microsoft-managed policies to raise your identity security posture
  • Storm-2372 conducts device code phishing campaign
  • Block malicious command lines with Microsoft Defender for Endpoint
  • Clipchamp: Elevating work communication with seamless video creation in Copilot
  • Sharing with Microsoft Whiteboard
  • AI agents at work: The new frontier in business automation
  • Copilot learning hub
  • New Certification for Microsoft information security administrators
  • What is Security Exposure Management?

Let's Talk Azure!
S6E5 - Securing Your Data: Exploring Defender for Databases in Microsoft Defender for Cloud

Feb 14, 2025 (51:35)


In this episode, we dive into the world of database security with Microsoft's Defender for Databases. Join us as we explore how this tool within Microsoft Defender for Cloud can transform your approach to safeguarding your data against cyber threats.

Topics Covered:
  • Introduction to Defender for Databases
  • Features and Capabilities
  • Enabling and Configuring Defender for Databases
  • Responding to Alerts

What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

The technology blog and podcast
TSB 225: Mastercard and its stupidity

Feb 5, 2025 (183:40)


Welcome to the security box, podcast 225. On this program, we're going to talk about a company that earned our stupid fuck award for January. We'll also cover the news, notes, landscape and more.

Newsy items
  • Not that we care, but Microsoft Defender is disabling VPN. Microsoft kills off Defender Privacy protection VPN services for more.
  • Deep Seek is being abused, not much of a surprise here, but worth looking at. Should this not be surprising, DeepSeek now being abused for more.
  • Gemini and other tools are being abused, and some have been abused more than others. Enter the AI aspect of these tools and we've penned an article titled Gemini AI tools are being abused … so are others if you want to read it.
  • Globe Life is yet another breach with yet another update. Globe life confirms breach after investigation, 850k more affected if you wish.
  • Meta is in Chaos mode, it seems should not be surprising to some, maybe surprising to others. You decide.
  • Tata tech hit with ransomware You've got to be kidding me … another two databases open but now closed? if you've not read it already.

Who got charged this podcast?
A Canadian Man got charged this month with pilfering $65m in Crypto. Our blog post Canadian man charged with stealing $65m using crypto exploits has the entire details.

Who got our stupid fuck award in January we're talking about now?
We mentioned this as part of podcast 224, but it became our topic. It's the Krebs On Security article MasterCard DNS Error Went Unnoticed for Years which really is stupid. We'll stop to explain some things on the way, and we hope this leads to some great conversations.

Supporting the podcast
If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
SANS ISC Stormcast Feb 4th 2025: Crypto Scam; Mediatek and D-Link Patches; Microsoft ends VPN Service

Feb 4, 2025 (6:13)


Crypto Wallet Scam
YouTube spam messages leak private keys to crypto wallets. However, these keys cannot be used to withdraw funds. Victims are scammed into depositing "gas fees" which are then collected by the scammer.
https://isc.sans.edu/diary/Crypto%20Wallet%20Scam/31646

Mediatek Patches
Mediatek patched numerous vulnerabilities in its WLAN products. Some allow for unauthenticated arbitrary code execution.
https://corp.mediatek.com/product-security-bulletin/February-2025

D-Link Vulnerability
D-Link disclosed a vulnerability in older routers that as of May no longer receive any updates. Your only option is to upgrade hardware.
https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415

Microsoft Discontinues VPN Service
Microsoft is shutting down the VPN service that was included as part of Microsoft Defender.
https://support.microsoft.com/en-au/topic/end-of-support-privacy-protection-vpn-in-microsoft-defender-for-individuals-8b503da5-732a-4472-833a-e2ddca53036a

Hírstart Robot Podcast
Huawei's Google-free phones represent real progress

Feb 4, 2025 (4:29)


  • Huawei's Google-free phones represent real progress. ITBusiness, 2025-02-04 05:05:25. Tags: Mobile tech, China, Phone, Google, Android, Huawei. Development of HarmonyOS began in 2019, when US trade restrictions made it impossible for Huawei to work with companies such as Google. For years the Chinese company relied on Android's open-source infrastructure to ensure app compatibility, but it has now set out on its own path, and …
  • NMHH: Fixed-line internet could share the fate of the landline phone. Telex, 2025-02-04 10:47:41. Tags: Mobile tech, Phone, NMHH, Mobile internet. Because of ever-faster unlimited mobile internet services, fewer and fewer people are subscribing to fixed-line internet.
  • AI brings more accurate weather forecasts. ICT Global, 2025-02-04 06:03:54. Tags: Infotech, Education, University, Artificial intelligence, Washington. Despite advances in technology, only ten-day forecasts can currently be considered reliable. According to research from the University of Washington, however, artificial intelligence opens a new path in accuracy, and correct forecasts of up to 23 days may be possible.
  • What does SAP expect in AI in 2025? Digital Hungary, 2025-02-04 10:06:00. Tags: Infotech, Artificial intelligence, SAP. SAP recently published its forecasts for the future of artificial intelligence (AI), highlighting five defining themes that are expected to shape the business world in the field of AI.
  • How the UN is preparing for the asteroid heading toward Earth. 24.hu, 2025-02-04 09:45:12. Tags: Science, Space, UN, Meteor. The chance of a catastrophe is low, but international organizations are preparing for the worst as well.
  • GDPR: Nearly six billion euros in fines imposed so far. Mínuszos, 2025-02-04 13:33:56. Tags: Infotech, Data protection, GDPR. Last year slightly more than one billion euros in fines were imposed for violations of the GDPR. In 2024, EU data protection authorities imposed a total of 1.2 billion euros in fines for GDPR violations, bringing the total value of penalties to 5.88 billion euros since the regulation became applicable, according to DLA Piper's latest, now …
  • Microsoft has started blocking a program that helps bypass the Windows 11 requirements. PC Fórum, 2025-02-04 07:00:00. Tags: Infotech, Microsoft, Windows. Microsoft recently blocklisted in Windows the free utility that lets users install Windows 11 even on machines that do not meet its hardware requirements. Microsoft Defender classifies Flyby11 as a "potentially unwanted application" (PUA), and for that reason does not allow …
  • Vivo is no longer hiding the V50. Mobilarena, 2025-02-04 13:55:00. Tags: Mobile tech, Phone, India, Camera, Vivo. The Indian product page is already live; the phone gets three 50-megapixel cameras, two of them with Zeiss branding.
  • Uncovered in Budapest: how stink bugs and other invasive pests thrive in the urban environment. Qubit, 2025-02-04 14:08:14. Tags: Science, Normafa. While urbanization reduces the numbers of native species, introduced species enjoy the green patches of cities: at Vérmező or near Róbert Károly körút, more than 30 times as many brown marmorated stink bugs and 300 times as many citrus flatid planthoppers were observed on maple trees as at Csillebérc or Normafa.
  • The Empire strikes back: China goes after Google. HWSW, 2025-02-04 09:34:07. Tags: Infotech, China, Google. Although a good part of the company's services has been unavailable in the country since 2010, the party-state accuses the Americans of creating a monopoly.
  • This is how masses of Hungarians survive at work: this was drilled into them, and they are badly off track. Pénzcentrum, 2025-02-04 05:35:00. Tags: Career, Artificial intelligence. "Artificial intelligence does not replace the human factor, but as an effective tool it can support the work," stressed Lénárt Viktor, founding CEO of ZEL Group, in his interview with Pénzcentrum. The conversation also covered why organizational development is needed in today's rapidly changing business environment, and how it can support …
  • Tariff war suspended; the Trump administration may make an announcement on crypto assets tonight. Kripto Akadémia, 2025-02-04 06:02:25. Tags: Modern economy, USA, Donald Trump, Artificial intelligence, Cryptocurrency, Senate. Representatives of the Trump administration and the US Congress will hold a press conference on digital assets today, February 4, in the evening, at 20:30 Hungarian time. The event will be attended by David Sacks, whom President Trump appointed "czar" for artificial intelligence and cryptocurrency affairs, as well as the Senate and House financial …
  • Artificial intelligence deciphers a two-thousand-year-old Hebrew text. hirado.hu, 2025-02-04 06:43:13. Tags: Culture, Israel, Artificial intelligence, Photographer. Forty years after its discovery, a two-thousand-year-old text has been deciphered in Israel with the help of new photographic technology and artificial intelligence.

Look for our other episodes on our podcast.hirstart.hu site.

Hírstart Robot Podcast - Tech hírek
Huawei's Google-free phones are a real step forward

Hírstart Robot Podcast - Tech hírek

Play Episode Listen Later Feb 4, 2025 4:29



Let's Talk Azure!
S6E3 - How can CSPM help fortify your defences

Let's Talk Azure!

Play Episode Listen Later Jan 31, 2025 49:24 Transcription Available


Alan and Sam discuss why it is important to have Cloud Security Posture Management (CSPM) solutions in place. Alan goes through the general benefits of CSPM and the enhancements since its release, and dives into Microsoft Defender for Cloud.
Topics covered:
• What is Cloud Security Posture Management and why it is important
• What is Microsoft Defender for Cloud's approach to CSPM
• What is Microsoft Cloud Security Benchmark
• What are the pricing tiers for CSPM
What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

Let's Talk Azure!
S6E2 - Securing the API Gateway: A Deep Dive into Microsoft Defender for APIs

Let's Talk Azure!

Play Episode Listen Later Jan 24, 2025 65:22 Transcription Available


In this episode, we explore the critical world of API security through the lens of Microsoft Defender for APIs. Join us as we discuss how this tool can safeguard your APIs in increasingly cloud-centric environments.
Topics covered:
• Introduction to Defender for APIs: what it is and why it matters in today's cloud landscape; who should care about API security?
• Key features of Defender for APIs: inventory management and visibility; security findings and vulnerability assessment; real-time threat detection based on OWASP API Top 10; integration with other Azure and security tools.
• Benefits for businesses: enhanced API security posture; compliance with regulatory standards; mitigating risks in API lifecycle management.
What did you think of this episode? Give us some feedback via our contact form, or leave us a voice message in the bottom right corner of our site.

The Azure Security Podcast
Episode 108: Securing GenAI Applications with Entra

The Azure Security Podcast

Play Episode Listen Later Jan 20, 2025 22:27


In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about securing Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-on episodes. We also cover security news about TLS 1.3 and Azure Event Grid, big updates to Microsoft Defender for Cloud, Azure Database for MySQL, SQL Managed Instance and Confidential Ledger.

Autonomous IT
Patch [FIXED] Tuesday: The Vulnerabilities That Defined 2024

Autonomous IT

Play Episode Listen Later Dec 31, 2024 73:19


Join us for a special bonus episode of Patch [FIX] Tuesday, an hour-long compilation of the vulnerabilities that helped shape the cybersecurity landscape in 2024. This episode recaps some of the most critical and interesting exploits, from supply chain compromises to elevation of privilege threats targeting widely used platforms. Whether you're an IT administrator, security professional, or tech enthusiast, this episode provides valuable insights to stay ahead of evolving threats.
Here's a list of vulnerabilities discussed in this episode, and be sure to tune into the Patch [FIX] Tuesday podcast on the second Tuesday of every month.
• Operation Triangulation (00:13)
• CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability (5:00)
• CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability (11:00)
• CVE-2024-3094: XZ/Liblzma Supply Chain Backdoor (17:08)
• CVE-2024-4671: Google Chrome Use-After-Free Vulnerability (30:00)
• CVE-2024-30078: Windows WiFi Driver Remote Code Execution Vulnerability (35:03)
• CVE-2024-38053: Windows Layer Two Bridge Network RCE (47:14)
• CVE-2024-38180: SmartScreen Prompt Remote Code Execution Vulnerability (53:12)
• CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (1:00:00)
• CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability (1:04:24)
• CVE-2024-5535: Microsoft Defender for Endpoint Remote Code Execution Vulnerability (1:07:35)
• CVE-2024-49093: Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability (1:09:36)

Microsoft Threat Intelligence Podcast
A Couple of Rats Pick Up New Tricks, UN Proposes Cybercrime Treaty

Microsoft Threat Intelligence Podcast

Play Episode Listen Later Dec 4, 2024 42:26


In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by Microsoft's Dinesh Natarajan, Senior Threat Hunter, and Thomas Ball, Senior Security Researcher. They unpack recent findings around AsyncRAT, a remote access Trojan (RAT) used for keylogging, data exfiltration, and deploying further malware.
Dinesh explains how attackers are now using screen-sharing tools, like Screen Connect, as part of a new infection chain that makes the malware delivery process more deceptive. Thomas then shares insights on SectopRAT, another threat targeting browser data and crypto wallets. Uniquely, this RAT creates a second desktop, allowing attackers to operate undetected.
Next, Sherrod talks with Microsoft's Senior Director of Diplomacy, Kaja Ciglic, about the UN's proposed cybercrime treaty. Originally spearheaded by Russia, the treaty aims to create a global framework for prosecuting cybercrime, but critics worry about its potential impact on freedom of expression and human rights.
In this episode you'll learn:
• How tech support scam emails lead to AsyncRAT installations on different devices
• The importance of leveraging tools like Microsoft Defender's SmartScreen for protection
• The treaty encourages cooperation but may let governments exploit unclear cybercrime definitions
Some questions we ask:
• How does social engineering through email play a role in these attacks?
• What capabilities does AsyncRAT have, and why is it so concerning?
• How do we ensure the treaty doesn't impact freedom of expression or human rights?
Resources:
• View Dinesh Natarajan on LinkedIn
• View Thomas Ball on LinkedIn
• View Kaja Ciglic on LinkedIn
• View Sherrod DeGrippo on LinkedIn
Related Microsoft Podcasts:
• Afternoon Cyber Tea with Ann Johnson
• The BlueHat Podcast
• Uncovering Hidden Risks
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Get the latest threat intelligence insights and guidance at Microsoft Security Insider
The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

Autonomous IT
Patch [Fix] Tuesday – November 2024 [Cybersecurity Experts Discuss NTLM Spoofs, RCE Attacks, and Privilege Escalations], E13

Autonomous IT

Play Episode Listen Later Nov 12, 2024 8:15


Automox cybersecurity experts discuss the latest security updates from November's Patch Tuesday, focusing on several critical vulnerabilities, including NTLM Hash Disclosure, Microsoft Defender's RCE vulnerability, and the Windows Task Scheduler Elevation of Privilege Vulnerability. They emphasize the importance of patching and user awareness in combating phishing attacks and other security threats. The conversation highlights the complexities of vulnerabilities in Windows 10 and 11, and the need for proactive measures to protect systems.

CIAOPS - Need to Know podcasts
Episode 331 - Team chat gets a make over

CIAOPS - Need to Know podcasts

Play Episode Listen Later Nov 10, 2024 18:25


Microsoft Ignite is just around the corner, but there are still plenty of updates coming from Microsoft prior to their big tech event. Listen and stay up to date with everything that is happening in the Microsoft Cloud.
Resources:
• @directorcia
• Join my shared channel
• CIAOPS merch store
• Become a CIAOPS Patron
• CIAOPS Blog
• CIAOPS Brief
• CIAOPSLabs
• Support CIAOPS
• Streamline collaboration with the new chat and channels experience in Microsoft Teams
• How to manage false positives – Microsoft Defender for Office 365
• Get started with false negative investigations in Microsoft Defender for Office 365
• How to investigate email messages in Microsoft Defender for Office 365
• How to use the Alert page – Microsoft Defender XDR
• Defender XDR Monthly news – November 2024
• How Microsoft Defender for Office 365 innovated to address QR code phishing attacks
• Skill up to strengthen your organization's cybersecurity posture
• Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance
• Announcing General Availability of Inbound SMTP DANE with DNSSEC for Exchange Online
• Coming in December: SC-5004: Defend against cyberthreats with Microsoft Defender XDR
• What's new in Copilot Studio: November
• New Copilot agents: Supercharge Microsoft 365 Copilot
• A strategic approach to assessing your AI readiness
• Supercharge productivity with Microsoft 365 Copilot
• AI safety first: Protecting your business and empowering your people
• Microsoft 365 Copilot — Small Business Guide to Set Up Copilot
• Quick actions with Copilot now at your fingertips in OneNote
• Stay focused in an action-packed meeting with Microsoft 365 Copilot in Teams
• How to prepare for Windows 10 end of support by moving to Windows 11 today
• Github Copilot updates
• A year of innovation- and feedback-driven features in Microsoft Word
• Updated management features roll out for Microsoft Intune Suite
• Afterhours Apple intelligence - catch up

Choses à Savoir TECH
1 million dollars to use Microsoft Bing and Edge?

Choses à Savoir TECH

Play Episode Listen Later Nov 5, 2024 2:03


Microsoft won't let go: to compete with Google, the company is betting on every strategy to position Bing as an essential search engine. Its latest initiative? A sweepstakes launched via Microsoft Rewards to encourage internet users to adopt Bing and replace Google Chrome with Edge.
In practice, the game offers a prize-draw system in which users can accumulate up to 200 entries. To multiply their chances, Microsoft lists a few actions: installing the Rewards extension earns 10 entries, setting Bing as the default search engine also gives 10, installing Bing or Edge on a smartphone earns 5 entries each, and adding Microsoft Defender also gives 5 additional entries. To top it all off, sharing a link unlocks up to 50 additional entries.
Microsoft thus hopes to boost usage of its ecosystem and attract Google users. But winning over Google loyalists remains a challenge. Despite its innovations, such as the partnership with OpenAI and the integration of Copilot into Bing, Microsoft's search engine still struggles to establish itself: Bing currently holds only 4.15% of the global market share, far behind Google, which reigns with 89.13%. In France the situation is similar, with Bing managing to capture only 6.52% of users. Will the lure of a financial prize be enough to turn internet users away from Google? Unlikely. By requiring participants to provide their last names, first names, address and phone number, Microsoft is playing a risky card in a world where data protection is increasingly scrutinized. Hosted by Acast. Visit acast.com/privacy for more information.

Blue Security
Detecting AD Compromise, Safe MDE Deployment, macOS SSO

Blue Security

Play Episode Listen Later Oct 29, 2024 30:50


Summary: In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importance of foundational knowledge in cybersecurity, the need for robust security practices, and the evolution of identity management solutions in enterprise environments.
YouTube Video Link: https://youtu.be/ySylj7V0AY8
Documentation:
• https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/detecting-and-mitigating-active-directory-compromises
• https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-s-safe-deployment-practices/ba-p/4220342
• https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin
Contact Us:
• Website: https://bluesecuritypod.com
• Twitter: https://twitter.com/bluesecuritypod
• LinkedIn: https://www.linkedin.com/company/bluesecpod
• YouTube: https://www.youtube.com/c/BlueSecurityPodcast
Andy Jaw:
• Twitter: https://twitter.com/ajawzero
• LinkedIn: https://www.linkedin.com/in/andyjaw/
• Email: andy@bluesecuritypod.com
Adam Brewer:
• Twitter: https://twitter.com/ajbrewer
• LinkedIn: https://www.linkedin.com/in/adamjbrewer/
• Email: adam@bluesecuritypod.com

Microsoft Mechanics Podcast
AI apps - Control Safety, Privacy & Security - with Mark Russinovich

Microsoft Mechanics Podcast

Play Episode Listen Later Oct 24, 2024 15:47


What are prompt injection attacks and how do you stop them? How do you avoid deceptive responses? Can AI traffic be end-to-end encrypted? We'll answer these questions and more with technical demonstrations to make it real. Mark Russinovich will show you how to develop and deploy AI applications that prioritize safety, privacy, and integrity. Leverage real-time safety guardrails to filter harmful content and proactively prevent misuse, ensuring AI outputs are trustworthy. The integration of confidential inferencing enables users to maintain data privacy by encrypting information during processing, safeguarding sensitive data from exposure. Enhance AI solutions with advanced features like Groundedness detection, which provides real-time corrections to inaccurate outputs, and the Confidential Computing initiative that extends verifiable privacy across all services. Mark Russinovich, Azure CTO, joins Jeremy Chapman to share how to build secure AI applications, monitor and manage potential risks, and ensure compliance with privacy regulations.
► QUICK LINKS:
00:00 - Keep data safe and private
01:19 - Azure AI Content Safety capability set
02:17 - Direct jailbreak attack
03:47 - Put controls in place
04:54 - Indirect prompt injection attack
05:57 - Options to monitor attacks over time
06:22 - Groundedness detection
07:45 - Privacy—Confidential Computing
09:40 - Confidential inferencing Model-as-a-service
11:31 - Ensure services and APIs are trustworthy
11:50 - Security
12:51 - Web Query Transparency
13:51 - Microsoft Defender for Cloud Apps
15:16 - Wrap up
► Link References
Check out https://aka.ms/MicrosoftTrustworthyAI
For verifiable privacy, go to our blog at https://aka.ms/ConfidentialInferencing
► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast
► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Microsoft Mechanics Podcast
Token theft protection with Microsoft Entra, Intune, Defender XDR & Windows

Microsoft Mechanics Podcast

Play Episode Listen Later Oct 8, 2024 8:35


Prevent attackers from stealing your identity and data by protecting your tokens. In single sign-on systems like SAML and OAUTH, tokens are how services know who you are and what you can do. When you sign in to your machine with your Microsoft Entra ID account, you are getting a session token you can use to access things like your email, teams and other apps. Check out new capabilities like Credential Guard in Windows enforced by device policies in Intune, Token Protection enforcement in Microsoft Entra, and Token theft detections in Microsoft Sentinel and Defender XDR. Alex Weinert, from the Microsoft Entra team, explains what tokens are, how token theft works, and how to defend yourself from these attacks.
► QUICK LINKS:
00:00 - Token theft attacks
01:39 - Token basics
02:59 - Token theft demo
03:41 - How to use token protection
05:22 - Additional Token theft defenses
06:25 - How to detect and shut down attacks
08:01 - Wrap up
► Link References
Get started at https://aka.ms/TokenTheftDefense

The Daily Decrypt - Cyber News and Discussions
Crooked Cops, Insider Trading, and Phishing as a Service for all – Cybersecurity News

The Daily Decrypt - Cyber News and Discussions

Play Episode Listen Later Oct 2, 2024


Video Episode: https://youtu.be/665pQQC8k-4
In today’s episode, we delve into the shocking case of Adam Iza, a California man allegedly linked to extortion and bribery involving local police officers, and his ties to the notorious hacking group UGNazi. We also discuss developments in cybersecurity, including the SEC’s charges against Robert B. Westbrook for insider trading through computer hacks, the alarming rise of the Sniper Dz phishing-as-a-service platform, the unveiling of vulnerabilities in court systems nationwide, and Microsoft Defender’s new features to detect unsecured Wi-Fi networks. Join us as we unpack these significant stories impacting the cybercrime landscape.
Links to articles:
1. https://krebsonsecurity.com/2024/09/crooked-cops-stolen-laptops-the-ghost-of-ugnazi/
2. https://www.bleepingcomputer.com/news/security/hacker-charged-for-breaching-5-companies-for-insider-trading/
3. https://thehackernews.com/2024/10/free-sniper-dz-phishing-tools-fuel.html
4. https://www.bleepingcomputer.com/news/security/microsoft-defender-now-automatically-detects-unsecure-wi-fi-networks/
5. https://arstechnica.com/security/2024/09/systems-used-by-courts-and-govs-across-the-us-riddled-with-vulnerabilities/
Timestamps:
00:00 – Introduction
01:07 – Crooked Cops
02:50 – Insider Trading
04:06 – PHaaS SniperDZ
06:00 – Defender VPN on Insecure Wifi
1. What are today’s top cybersecurity news stories?
2. How are law enforcement officers involved in cybercrime?
3. What charges were filed against hacker Robert B. Westbrook?
4. What is phishing-as-a-service and how does it work?
5. How does Microsoft Defender protect against unsafe Wi-Fi networks?
6. What vulnerabilities were found in U.S. court and government systems?
7. What is the connection between Adam Iza and the UGNazi hacker group?
8. What techniques do cybercriminals use for insider trading?
9. How can you identify and prevent phishing attacks?
10. What role does encryption play in protecting public Wi-Fi connections?
corruption, cybercrime, Adam Iza, violence-as-a-service, Westbrook, insider trading, cybercrime, SEC, Sniper Dz, phishing, credential theft, Telegram, Microsoft Defender, Wi-Fi networks, cyber-attacks, VPN, Parker, vulnerabilities, voter registrations, security

Microsoft Cloud IT Pro Podcast
Episode 384 – Securing Azure: Microsoft Defender for Cloud

Microsoft Cloud IT Pro Podcast

Play Episode Listen Later Sep 12, 2024 34:57 Transcription Available


Welcome to Episode 384 of the Microsoft Cloud IT Pro Podcast. In this episode, we tackle a wide range of essential topics to help you monitor, secure, and streamline operations across your Azure estate. From access control strategies to virtual machine agents and everything in between, this episode gives you a high-level overview of Microsoft Defender for Cloud and the suite of Azure services it protects.
Like what you hear and want to support the show? Check out our membership options.
Show Notes:
• Episode 382 – Securing the Modern Workplace: Exploring Microsoft Entra ID Security Defaults, Conditional Access Policies, and Microsoft Secure Score
• Episode 383 – Securing Azure: Monitoring and observing your Azure estate
• What is Microsoft Defender for Cloud?
• Common questions about Defender for Cloud?
• Common questions about data collection, agents, and workspaces
• About Azure Update Manager
• Align responsibilities across teams
About the sponsors: Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

The SysAdmin DOJO Podcast
The Complexity and Confusion of the Defender Ecosystem

The SysAdmin DOJO Podcast

Play Episode Listen Later Sep 12, 2024 40:34


In this episode of the Security Swarm Podcast, host Andy Syrewicze and our regular guest, Paul Schnackenburg, provide a comprehensive overview of the Microsoft Defender ecosystem. They cover the various Defender products, including:
• Defender for Endpoint - Microsoft's enterprise endpoint security solution with different licensing tiers
• Defender for Identity - Cloud-based threat detection for on-premises Active Directory
• Defender Vulnerability Management - Inventory and risk assessment of software on endpoints
• Defender for IoT - Security for Internet of Things and operational technology environments
• Defender for Cloud - Cloud security for Azure, AWS, and GCP resources
• And Others!
They also discuss the "Defender adjacent" services like Microsoft Entra (identity), Microsoft Purview (data security/governance), and Microsoft Defender for Cloud Apps (CASB).
A key focus of the discussion is the complexity and management challenges that come with this expansive Defender suite. The host and the guest note the large number of different management portals, the difficulty of adequately configuring and leveraging all the features, and the need for dedicated security teams to utilize these enterprise-grade tools fully.
Further down the line, Andy and Paul explore the significant value that third-party security solutions can provide in augmenting or simplifying the M365 security experience. They highlight how third-party tools can offer easier deployment, management, and specialized capabilities that may be outside the core focus of the broader Defender ecosystem, thereby enhancing the overall security posture of an organization.
Overall, this episode takes a deep dive into the Microsoft Defender landscape, exploring the pros and cons of the comprehensive suite and offering insights on how organizations can optimize their security with a mix of Microsoft and third-party solutions.
CTA: Overwhelmed by the complexity of the Microsoft Defender ecosystem? Simplify your Microsoft 365 security, risk management, governance, compliance, and backup with 365 Total Protection by Hornetsecurity.
Key Takeaways:
• The Microsoft Defender ecosystem has grown significantly beyond the basic antivirus/anti-malware solution, now encompassing a wide range of security products and services across endpoints, cloud, identity, and more.
• Navigating the Defender suite can be challenging due to the sheer number of products, overlapping features, and disparate management portals, especially for smaller organizations without dedicated security teams.
• Licensing for Defender products can be complex, with different SKUs (P1, P2, Business Premium, E3, E5) offering varying levels of functionality and requiring careful evaluation to ensure the right fit.
• Third-party security solutions can provide value by offering simplified management, enhanced detection capabilities, and avoiding over-dependence on a single vendor (Microsoft) for an organization's security needs.
• Proper configuration and ongoing optimization of Defender tools is difficult and time consuming, leaving the full potential of the suite to enterprises with dedicated security teams.
• Microsoft Defender XDR (Extended Detection and Response) aims to integrate Defender products into a more cohesive security platform. Still, it requires significant resources and expertise to implement effectively.
Timestamps:
(02:00) Overview of the Microsoft Defender ecosystem
(07:00) Differences between Microsoft Defender for Endpoint P1, P2, and Business Premium
(13:00) Explanation of Microsoft Defender for Identity and its on-premises vs cloud components
(19:00) Discussion of Microsoft Defender Vulnerability Management and its challenges for small/medium businesses
(32:00) Value that third-party security solutions can provide compared to the Microsoft Defender suite
Episode Resources:
• Security Swarm Episode on M365 Security Licensing

CIAOPS - Need to Know podcasts
Episode 326 - MFA for all

Aug 18, 2024 (14:32)


You are going to need to update any global administrator account that doesn't have MFA enabled soon. Failing to do so will cause you some pain when you visit the Azure, EntraID or Intune portal. See the included article for more details. This and lots of Microsoft cloud news in this episode including some great improvements to Microsoft Teams.

Resources:

- @directorcia
- Join my shared channel
- CIAOPS merch store
- Become a CIAOPS Patron
- CIAOPS Blog
- CIAOPS Brief
- CIAOPSLabs
- Support CIAOPS
- Announcing mandatory multi-factor authentication for Azure sign-in
- Moving to OneNote on Windows
- Microsoft Defender for Endpoint's Safe Deployment Practices
- Updates to Microsoft Copilot to bring enterprise data protection to more organizations
- Reimagining content management at Microsoft with SharePoint Premium
- Give a custom name to the General channel in Microsoft Teams
- Enhanced presenter and attendee experience with the expanded gallery view in Teams
- Face Check is now generally available
- Show or hide the Discover feed in Microsoft Teams
- Exploring the latest AI features in Clipchamp
- Professional project management with Microsoft Planner
- How Microsoft and NIST are collaborating to advance the Zero Trust Implementation
- Detect compromised RDP sessions with Microsoft Defender for Endpoint
- Enhancements to the Outbound Messages in Transit Security Report

The Azure Podcast
Episode 502 - Azure Open AI and Security

Aug 15, 2024


Azure Open AI is widely used in industry, but there are a number of security aspects that must be taken into account when using the technology. Luckily for us, Audrey Long, a Software Engineer at Microsoft, security expert and renowned conference speaker, gives us insights into securing LLMs and provides various tips, tricks and tools to help developers use these models safely in their applications.

Media file: https://azpodcast.blob.core.windows.net/episodes/Episode502.mp3
YouTube: https://youtu.be/64Achcz97PI

Resources:

AI Tooling:

- Azure AI Tooling: Announcing new tools in Azure AI to help you build more secure and trustworthy generative AI applications | Microsoft Azure Blog
  - Prompt Shields to detect and block prompt injection attacks, including a new model for identifying indirect prompt attacks before they impact your model, coming soon and now available in preview in Azure AI Content Safety.
  - Groundedness detection to detect “hallucinations” in model outputs, coming soon.
  - Safety system messages to steer your model’s behavior toward safe, responsible outputs, coming soon.
  - Safety evaluations to assess an application’s vulnerability to jailbreak attacks and to generating content risks, now available in preview.
  - Risk and safety monitoring to understand what model inputs, outputs, and end users are triggering content filters to inform mitigations, coming soon, and now available in preview in Azure OpenAI Service.
- AI Defender for Cloud
  - AI Security Posture Management: AI security posture management (Preview) - Microsoft Defender for Cloud | Microsoft Learn
  - AI Workloads: Enable threat protection for AI workloads (preview) - Microsoft Defender for Cloud | Microsoft Learn
- AI Red Teaming Tool: Announcing Microsoft’s open automation framework to red team generative AI Systems | Microsoft Security Blog

AI Development Considerations:

- AI Assessment from Microsoft
  - Conduct an AI assessment using Microsoft’s Responsible AI Impact Assessment Template
  - Responsible AI Impact Assessment Guide for detailed instructions
- Microsoft Responsible AI Processes
  - Follow Microsoft’s Responsible AI principles: fairness, reliability, safety, privacy, security, inclusiveness, transparency, and accountability
  - Utilize tools like the Responsible AI Dashboard for continuous monitoring and improvement
- Define Use Case and Model Architecture
  - Determine the specific use case for your LLM
  - Design the model architecture, focusing on the Transformer architecture
- Content Filtering System
  - How to use content filters (preview) with Azure OpenAI Service - Azure OpenAI | Microsoft Learn
  - Azure OpenAI Service includes a content filtering system that works alongside core models, including DALL-E image generation models.
  - This system uses an ensemble of classification models to detect and prevent harmful content in both input prompts and output completions
  - The filtering system covers four main categories: hate, sexual, violence, and self-harm
  - Each category is assessed at four severity levels: safe, low, medium, and high
  - Additional classifiers are available for detecting jailbreak risks and known content for text and code.
- JailBreaking Content Filters
- Red Teaming the LLM
  - Plan and conduct red teaming exercises to identify potential vulnerabilities
  - Use diverse red teamers to simulate adversarial attacks and test the model’s robustness
  - Microsoft AI Red Team building future of safer AI | Microsoft Security Blog
- Create a Threat Model with OWASP Top 10
  - owasp.org/www-project-top-10-for-large-language-model-applications/assets/PDF/OWASP-Top-10-for-LLMs-2023-slides-v1_1.pdf
  - Develop a threat model and implement mitigations based on identified risks

Other updates:

- Los Angeles Azure Extended Zones
- Carbon Optimization
- App Config Ref GA
- OS SKU In-Place Migration for AKS
- Operator CRD Support with Azure Monitor Managed Service
- Azure API Center Visual Studio Code Extension Pre-release
- Azure API Management WordPress Plugin
- Announcing a New OpenAI Feature for Developers on Azure

Business of Tech
Google AI Cutbacks, MIT AI Risk Tool, CISA Ruling Impact, FCC Cybersecurity for Schools

Aug 14, 2024 (12:26)


Google's AI overviews in search results have significantly decreased due to user complaints about incorrect answers, prompting the company to refine its implementation. MIT launched the AI Risk Repository, a database cataloging over 700 unique risks associated with AI systems to assist organizations in assessing and mitigating AI risks. Additionally, Dashlane's Passkey report showcased the rapid adoption of Passkeys as a password replacement, driven by consumer demand in various sectors.

The episode also covered significant developments in cybersecurity and government initiatives. CISA is analyzing the impact of a recent Supreme Court ruling on its new cyber incident reporting rule, while the White House is collaborating with the Department of Treasury and CISA to develop a cyber insurance policy proposal for catastrophic incidents. The FCC unveiled a $200 million cybersecurity program for schools and libraries to enhance their cybersecurity measures against increasing cyberattacks, separate from the existing E-Rate program.

In response to scraping allegations, SOCRadar confirmed that their internal systems were not breached, and they are enhancing security measures to prevent future incidents. A security researcher revealed two zero-day vulnerabilities in Windows that allow downgrade attacks, compromising critical OS components. The episode also highlighted various cybersecurity developments from DEF CON and Black Hat, including the hacking of EvoVac robots and the development of a laser microphone for keystroke surveillance.

Lastly, Syncro launched an AI-powered smart ticket management solution for managed services providers and IT operations to enhance efficiency and ticket resolution. SAS Alerts integrated Microsoft Defender for Endpoint into its security platform for MSPs, offering centralized monitoring of Microsoft 365 applications and Endpoint security. These developments reflect a trend towards leveraging AI in ticket resolution and enhancing cybersecurity measures in the tech industry.

Four things to know today

00:00 Google Scales Back AI Overviews Amid User Complaints as MIT Releases Comprehensive AI Risk Tool
04:10 CISA Analyzes Supreme Court Ruling Impact as FCC Unveils $200M Cybersecurity Program for Schools
06:50 SOCRadar Responds to Scraping Allegations, Confirms No Breach of Internal Systems
08:53 Syncro Launches AI-Driven Smart Ticket Management to Streamline MSP Operations

Supported by:
https://getthread.com/
https://www.coreview.com/msp/

All our Sponsors: https://businessof.tech/sponsors/

Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/

Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/

Support the show on Patreon: https://patreon.com/mspradio/

Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com

Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessoftech.bsky.social

The Cyber Threat Perspective
Episode 103: Email Spoofing

Aug 7, 2024 (27:10)


In this episode, Spencer and Brad dive into the complex maze of 3rd party email providers, filtering and spoofing. Email spoofing is a technique used by cybercriminals to disguise the sender's address in an email message, making it appear as though the email originated from a different source. This can be used for a variety of malicious purposes, such as phishing attacks, fraudulent activities, or spreading malware.

- DMARC Rundown - Offensive Security Blog - SecurIT360
- “EchoSpoofing” — A Massive Phishing Campaign Exploiting...
- Spoof intelligence insight - Microsoft Defender for Office 365
- How attackers bypass third-party mail filtering to Office 365
- Spoofing Microsoft 365 Like It's 1995 - Black Hills Information Security

Blog: https://offsec.blog/
Youtube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com

Irish Tech News Audio Articles
Ergo achieves the Microsoft Modernise Endpoints Specialisation

Aug 2, 2024 (2:54)


Ergo, one of Ireland's leading IT services providers, has achieved the Microsoft Modernise Endpoints specialisation, a recognition given to Microsoft partners globally who demonstrate deep knowledge, extensive experience, and proven success in delivering holistic solutions designed for the hybrid workplace.

As the world of work changes and businesses continue to operate hybrid models of working, organisations need to manage and enable secure access to corporate resources across mobile, desktop, and virtual endpoints to better enable their workforce and set them up for success. This includes devices users need, operating systems that are secure by design, endpoint management solutions, and collaborative applications that are accessible from anywhere.

Microsoft Capabilities

The Ergo team works to embed a culture of collaboration and secure hybrid working inside global multi-site organisations, using Microsoft solutions such as Microsoft Intune, Microsoft 365, Windows Autopilot, Microsoft Defender for Endpoint, Microsoft Entra and Microsoft Azure Virtual Desktop Infrastructure to bring disparate workforces together for a seamless experience.

Speaking on the recognition, Gerry Hampson, Client Management Practice Lead at Ergo, and Microsoft MVP, said: "In a world where workplaces are increasingly disparate, it is essential that organisations are set up for success when managing teams across multiple locations and geographies."

"This achievement is testament to the hard work and dedication of the team here in Ergo, who are steadfast in their commitment to ensuring that our customers are set up for success through preparing them for today, while planning for tomorrow."

Paul Chawke, Partner Development Manager at Microsoft said: "Ergo has a longstanding, 30-year long history with Microsoft achieving technological advancements and innovation in Ireland. This achievement recognises the work that Ergo are carrying out when it comes to equipping organisations for success through Modernize Endpoint solutions."

Ergo has extensive knowledge and capabilities in the area of modern work, with one of the largest Microsoft practices in Ireland and five Microsoft MVPs (Most Valuable Professionals, the highest accolade a Microsoft engineer can be awarded), three of whom contribute to modern work areas such as Microsoft 365 Development and Enterprise Mobility. Ergo is also a Microsoft Solution Partner for Modern Work with specialisations in adoption and change management, meetings and meeting rooms for Microsoft Teams, and Modernise Endpoints.

This expertise was recognised as Ergo took home the Microsoft Partner of the Year Award 2024. This is the sixth time Ergo has won the Country of the Year Award making it the most recognised Microsoft Partner in Ireland.

Cyber Security Headlines
Microsoft Defender exploited, assassin's encryption frustration, NK elite hackers

Jul 26, 2024 (7:56)


- Hackers exploiting Microsoft Defender SmartScreen bug
- IT leaders note increase in severity of cyber-attacks, ransomware and BEC stand out
- Trump shooting investigation revives the end-to-end encryption issue

Huge thanks to our sponsor, Vanta

Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines.

For the stories behind the headlines, head to CISOseries.com

Ctrl+Alt+Azure
248 - Azure Updates

Jul 24, 2024 (26:20)


In this week's episode, we look at recent Azure updates. What's new? What's interesting? What's retiring? We found updates for Azure Functions, Defender for Cloud, Windows VM and MFA, and many others. Also, Jussi asks Tobi an unexpected question.

(00:00) - Intro and catching up.
(03:54) - Show content starts.

Show links
- Public Preview: Continuous Performance Diagnostics for Windows VMs to enhance VM Troubleshooting
- Windows Server 2025 Preview on Azure
- MFA requirements update
- Public preview for the Microsoft Entra Powershell module
- Generally Available: Run Azure Load Testing on Azure Functions (microsoft.com)
- Service Retirement (Preview) - Microsoft Azure
- What's new in Microsoft Defender for Cloud features
- Give us feedback!

Azure DevOps Podcast
Craig Loewen: Windows Subsystem for Linux - Episode 307

Jul 22, 2024 (35:35)


Craig Loewen has had a love for technology ever since he was a child and has grown passionate about building things that empower people. From constructing his own quadcopter for photography to delivering developer tools that aid developers in driving technological innovation, he has done it all.

As a product manager at Microsoft, he is responsible for the Windows Subsystem for Linux (WSL), a developer tool used by over 3 million developers and IT professionals. He defines the product vision and prioritizes the feature roadmap based on customer data, technical feedback, and market studies. On the personal side, he volunteers as a mentor at First Robotics, teaching high school students how to build robots and fostering a passion for STEM.

Topics of Discussion:

[3:52] Craig's career journey, starting as an intern working on Windows console and WSL features.
[5:18] Common use cases for WSL — allowing developers to use Linux tools while staying on Windows.
[7:43] How to get started with WSL.
[8:59] Does Craig have any favorite Linux programs?
[10:05] New Dev Home feature for managing WSL distros with a graphical interface.
[11:36] How WSL works using virtualization technology.
[13:35] Memory management in WSL — typical usage and automatic optimization.
[15:22] WSL is designed primarily for development scenarios, not production environments.
[20:33] Integration of local AI and small language models with WSL using VS Code AI Toolkit.
[23:37] Using small language models for various tasks, including issue labeling and search functionality.
[27:35] Intro to Sudo for Windows, bringing Linux-like elevated permissions to Windows commands.
[28:39] What exactly is Sudo?
[32:39] New enterprise features for WSL, including security controls and integration with Microsoft Defender.

Mentioned in this Episode:

- Clear Measure Way
- Architect Forum
- Software Engineer Forum
- Programming with Palermo — New Video Podcast! Email us at programming@palermo.net.
- Clear Measure, Inc. (Sponsor)
- .NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon!
- Jeffrey Palermo's Twitter — Follow to stay informed about future events!
- Craig Loewen
- What is the Windows Subsystem for Linux
- Windows Subsystem for Linux, Your Enterprise Ready Multitool
- Zero to Hero — Develop your first app with Local LLMs on Windows

Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

Blue Security
Recommended EOP and MDO settings

Jul 2, 2024 (39:18)


In this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies, as these can bypass important security measures. They emphasize the need for organizations to regularly review and clean up their EOP policies to ensure effective email security.

Takeaways
- Exchange Online Protection (EOP) is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection.
- The secure by default feature in EOP ensures that high-confidence phishing and malware emails are blocked, regardless of any overrides or exceptions.
- Admin submissions should be used to report false positives and false negatives, allowing Microsoft to review and improve filtering rules.
- Methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies can bypass important security measures and should be avoided.
- Regularly reviewing and cleaning up EOP policies is essential to maintain effective email security.

----------------------------------------------------
YouTube Video Link: https://youtu.be/guRhC1yVJYI
----------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide
https://learn.microsoft.com/en-us/defender-office-365/secure-by-default
https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure#use-the-microsoft-defender-portal-to-configure-third-party-phishing-simulations-in-the-advanced-delivery-policy
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
----------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
---
Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

RunAs Radio
Microsoft Defender for Cloud with Yuri Diogenes

Jun 19, 2024 (36:52)


Have you rolled out Microsoft Defender for Cloud? Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker. Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more! Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen! Check the links in the show notes for great resources, including an ebook on CNAPP strategy!

Links
- Defender for Cloud
- OWASP Top 10 API Security Risks
- Defender for APIs
- Microsoft Sentinel
- Data Security Dashboard
- Attack Paths
- Microsoft Purview
- Cloud Security Posture Management
- Microsoft Copilot for Security
- Security Remediation with Governance
- Defender for Cloud ServiceNow Integration
- CNAPP Strategy Ebook

Recorded May 13, 2024

Microsoft Mechanics Podcast
Prioritize Security Incidents Based on Data Importance | Microsoft Defender with Microsoft Purview

May 11, 2024 (7:02)


Prioritize incidents based on data significance, detect insider risks, and adapt protections in real-time with Microsoft Defender XDR and Microsoft Purview. Customize thresholds and risk indicators to detect anomalous behavior and prevent potential breaches with Adaptive Protection. Receive real-time DLP alerts triggered by policy matches, ensuring immediate action to safeguard sensitive data. Gain comprehensive visibility into threats and enforce policies across all devices and applications. Sravan Kumar Mera, Principal Product Manager for Microsoft Purview shares how to stay ahead of evolving threats and maintain data integrity.

► QUICK LINKS:
00:00 - Prioritize security incidents based on data importance
00:42 - High severity multistage incident
01:29 - DLP alerts
02:24 - Insider risk activity summary
03:30 - Set up data security foundation
04:47 - Adaptive Protection
05:50 - DLP policy & Conditional Access
06:33 - Wrap up

► Link References
Get started at https://purview.microsoft.com
Watch our data security playlist at https://aka.ms/datasecuritymechanics

► Unfamiliar with Microsoft Mechanics?
As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.
• Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries
• Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog
• Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast

► Keep getting this insider knowledge, join us on social:
• Follow us on Twitter: https://twitter.com/MSFTMechanics
• Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/
• Enjoy us on Instagram: https://www.instagram.com/msftmechanics/
• Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Uncovering Hidden Risks
Understanding Cloud Native Applications Protection Platform (CNAPP)

Apr 24, 2024 (42:29)


Giulio Astori, Principal PM at Microsoft, joins Erica Toelle and guest host Yuri Diogenes on this week's episode of Uncovering Hidden Risks. Giulio Astori works as a Principal Program Manager for Microsoft Defender for Cloud and Yuri has been at Microsoft for the past 18 years and manages a Product Management team for the Defender for Cloud Product. In this discussion, Giulio delves into the world of Cloud Native Application Protection Platforms (CNAPPs), explaining their significance and utility in enhancing cloud security and protecting workloads. He explores the distinction between CNAPPs and Cloud Security Posture Management, shedding light on their roles in bolstering organizational security.

In This Episode You Will Learn:
- What a Cloud Native Application Protection Platform is and why it's useful
- The difference between CNAPP and Cloud Security Posture Management
- How organizations can start to plan for CNAPP adoption

Some Questions We Ask:
- Why is a CNAPP crucial for improving Cloud security and workload protection?
- Do you have any tips for how organizations can increase their maturity level?
- What distinguishes CNAPP from Cloud Security Posture Management in bolstering security?

Resources:
- View Giulio Astori on LinkedIn
- View Yuri Diogenes on LinkedIn
- View Erica Toelle on LinkedIn
- From planning to deploying to operationalizing, the complete guide to implementing a CNAPP strategy is here - aka.ms/mscnapp

Related Microsoft Podcasts:
- Afternoon Cyber Tea with Ann Johnson
- The BlueHat Podcast
- Microsoft Threat Intelligence Podcast

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.

RunAs Radio
Microsoft Copilot for Security with George Coldham

Apr 3, 2024 (35:21)


How can Microsoft Copilot for Security help you? While at NDC in Sydney, Richard chatted with George Coldham about Microsoft Copilot for Security - combining GPT-4 with information about Microsoft security products and your organization's resources in Azure to provide guidance and insight into making your company more secure. George talks about how it's early days for this copilot - and it's only in preview so far. Bringing together the vast array of security products that Microsoft makes, Microsoft Copilot for Security brings the ability of Large Language Models to summarize data to help you understand where the organization's security vulnerabilities exist and how to address them. You want to get in on this preview!

Links
- Microsoft Copilot for Security
- Unified Security Operations Platform
- Microsoft Sentinel
- Microsoft Security Portals and Admin Centers
- Microsoft Defender for Endpoint
- Microsoft Defender for Cloud
- Microsoft Entra
- Microsoft Purview
- Microsoft Priva
- Kusto Query Language
- Microsoft Defender Threat Intelligence

Recorded February 13, 2024

Dev Interrupted
How Microsoft Integrates AI into Security | Binil Pillai

Apr 2, 2024 (29:13)


In the past year, ransomware attacks have been up almost 300%, with over 50% targeting small businesses. To help mitigate this increase, Microsoft is launching their new Security Copilot, and we sat down with their SMB Security Strategy Head, Binil Pillai, to learn more.

We dive into the importance of SMBs assessing their security posture, how to leverage AI for efficient threat detection and response, and the role of Microsoft's partner ecosystem in providing comprehensive security solutions. The episode concludes with advice for SMB leaders on starting their security assessments and the benefits of integrating AI into their cybersecurity strategies.

Episode Highlights:
01:39 Why is SMB security a priority for Microsoft?
07:34 Key security challenges for SMBs
09:26 How can SMBs leverage AI within security?
16:28 How VPs of Engineering can use new tech to deal with threats
20:25 Microsoft Security Copilot
24:30 Where is the best place to learn about Microsoft's security strategy?

Show Notes:
- Microsoft Copilot for Security is generally available on April 1, 2024 | Microsoft Security Blog
- Microsoft Copilot for Security: General Availability details - Microsoft Community Hub
- Microsoft 365 Business Premium | Microsoft 365
- Microsoft Defender for Business | Microsoft Security
- Automatic attack disruption in Microsoft 365 Defender | Microsoft Learn
- Microsoft Defender for Cloud | Microsoft Security
- What is Microsoft Defender for Cloud? - Microsoft Defender for Cloud | Microsoft Learn
- Solution Assessment Program (microsoft.com)

Support the show:
- Subscribe to our Substack
- Leave us a review
- Subscribe on YouTube
- Follow us on Twitter or LinkedIn

Offers:
- Learn about Continuous Merge with gitStream
- Get your DORA Metrics free forever

Microsoft Cloud IT Pro Podcast
Episode 373 – Microsoft Intune (Part Trois)

Mar 28, 2024 (36:24)


Welcome to Episode 373 of the Microsoft Cloud IT Pro Podcast where Ben and Scott close out their review of Microsoft Intune and its third pillar - Endpoint security. They discuss the core components of Endpoint security, including antivirus, disk encryption, and firewall configuration. Ben also takes Scott on a tour of some more hidden gems in Endpoint security, including managed installers along with endpoint detection and response policies.

Like what you hear and want to support the show? Check out our membership options.

Show Notes
- Microsoft Intune troubleshooting
- Manage endpoint security in Microsoft Intune
- Manage BitLocker policy for Windows devices with Intune
- Use FileVault disk encryption for macOS with Intune
- Monitor device encryption with Intune
- Endpoint security firewall rule migration tool overview
- Enforce compliance for Microsoft Defender for Endpoint with Conditional Access in Intune
- Endpoint detection and response policy for endpoint security in Intune
- Manage approved apps for Windows devices with App Control for Business policy and Managed Installers for Microsoft Intune

About the sponsors
Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

Defense in Depth
Improving the Responsiveness of Your SOC

Mar 21, 2024 (27:46)


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our sponsored guest, Spencer Thompson, CEO, Prelude.

In this episode:
- Why does it take so long to integrate new tools and get them up to speed?
- Are we always in a state where we are always lacking readiness?
- What should we be measuring?
- Do we focus too much on singular events?

Thanks to our podcast sponsor, Prelude

Prelude Detect is the world's only production-scale detection and response testing platform. Automatically transform your threat intelligence into validated detections and preventions in less than five minutes. Integrate with CrowdStrike, Microsoft Defender, SentinelOne, and more to enable machine speed detection and response engineering.

Microsoft Cloud IT Pro Podcast
Episode 371 – Microsoft Intune (Part Une)

Feb 29, 2024 45:59


Welcome to Episode 371 of the Microsoft Cloud IT Pro Podcast, where we'll be discussing Microsoft Intune, one of the most powerful tools for managing your organization's devices, apps, and endpoint security. In this episode, we'll start exploring the three pillars of Intune: Devices, Apps, and Endpoint Security. We'll cover what devices you can enroll, how to onboard them, and what configurations are available. Like what you hear and want to support the show? Check out our membership options.

Show Notes
Washington's Dream - SNL - YouTube
Microsoft Intune plans and pricing
Microsoft Intune licensing
Device-only licenses
Microsoft Intune planning guide
Get started with your Microsoft Intune deployment
Supported operating systems and browsers in Intune
Manage endpoint security policies on devices onboarded to Microsoft Defender for Endpoint
Import custom ADMX and ADML administrative templates into Microsoft Intune (public preview)
Create a Settings Catalog policy using your imported GPOs in Microsoft Intune (public preview)
Password and account lockout policies on Microsoft Entra Domain Services managed domains

About the sponsors
Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.

Microsoft Cloud IT Pro Podcast
Episode 367 – Azure Files vs a Server with an SMB Share

Jan 4, 2024 46:34


In Episode 367, Ben and Scott kick off 2024 with a discussion of Azure Files. They start out reviewing a customer scenario Ben encountered and how they would approach it, breaking down the options available with Azure Files, hosting traditional SMB shares in Azure, and how a hybrid deployment can be the best of both worlds. Like what you hear and want to support the show? Check out our membership options.

Show Notes
Planning for an Azure Files deployment
Replace or extend Windows file servers with Azure Files and Azure File Sync

Authentication & Identity
Overview of Azure Files identity-based authentication options for SMB access

Data protection
What are the benefits of Microsoft Defender for Storage?
Prevent accidental deletion of Azure file shares
Accidental delete protection for Azure file shares using Azure Backup
Azure Files data redundancy

Costing
Optimize costs for Azure Files with Reservations
Understand Azure Files billing

Performance and scale
Azure Files scalability and performance targets
Azure Files networking considerations
NFS file shares in Azure Files
Robocopy sees Cloud Tiered files in Azure File Sync as "modified" even though they are not, how to fix?

About the sponsors
Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.

Hacking Humans
Exercise caution: online shopping edition.

Aug 31, 2023 55:25


Oren Koren, CPO and Co-Founder of Veriti, is discussing the need for vigilance and caution when navigating the online shopping landscape. Dave and Joe share quite a bit of listener follow-up. One listener writes in for some clarification on the "AI versus AI" episode regarding Google giving their source code so they can do business in China, when in fact it was 2 other companies. Listener Miguel brings our next bit of follow-up: he writes in to discuss financial crimes and shares a story based on a story shared on the show. Our last piece of follow-up is from listener Will, who shares the way to expand your website links that works best for him. Dave's got the story on an Amazon ad in Google search that looks so real, it's been scamming people by redirecting visitors to a Microsoft Defender tech support scam that locks up their browser, the one that Dave had to help his father with a couple weeks back. Joe's story follows a Cambridge shed builder who thought he was getting an award, when in fact all he got was a scam. Our catch of the day comes from the European Union Agency for Cybersecurity, which received a suspicious-looking email from eBay.

Links to stories:
Sneaky Amazon Google ad leads to Microsoft support scam
Cambridge shed builder thought he was getting an award, but it was a vanity scam

Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.