Podcasts about Microsoft Defender

Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System – check out George's new book plus all his other achievements at his website, WellAwareSecurity. Thanks to our show sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sources—documents, wikis, websites, Confluence, Google drive, and even your Conveyor trust center. You don't maintain a knowledge base. You connect to one. And our AI does the rest for you. See what real auto-fill magic looks like at www.conveyor.com All links and the video of this episode can be found on CISO Series.com      

In episode 242 of our SAP on Azure video podcast we talk about the integration of SAP LeanIX and Microsoft Defender for Cloud Apps. I have to admit that I have not yet worked with SAP LeanIX. LeanIX is an Enterprise Architecture Tools that brings visibility in your landscape. In most companies, this tool is used by Enterprise Architects. What happens now, if you combine LeanIX with Microsoft Defender for Cloud Apps, which helps you to secure and govern SaaS solution? That's exactly what Martin Pankraz and Michelle Niedernhuber from SAP thought about and brought these two products together. So in todays episode -- to quote from their blog post -- we will look at the magic that happens when you combine them. Find more information at:* SAP LeanIX integrating Microsoft Defender for Cloud Apps: https://community.sap.com/t5/technology-blog-posts-by-members/sap-leanix-integrating-microsoft-defender-for-cloud-apps/ba-p/14089439* LeanIX - SaaS Discovery: https://docs-eam.leanix.net/docs/saas-discovery-1* Microsoft Defender for Cloud Apps (MDCA) Integration for SaaS Discovery: https://docs-eam.leanix.net/docs/microsoft-defender-for-cloud-apps* Microsoft Entra ID Integration for SaaS Discovery: https://docs-eam.leanix.net/docs/microsoft-entra-idFind all the links mentioned here: https://www.saponazurepodcast.de/episode242Reach out to us for any feedback / questions:* Robert Boban: https://www.linkedin.com/in/rboban/* Goran Condric: https://www.linkedin.com/in/gorancondric/* Holger Bruchelt: https://www.linkedin.com/in/holger-bruchelt/ #Microsoft #SAP #Azure #SAPonAzure #SAPLeanIX #MDCA #Defender #Security

Scattered Spider facilitates UK retail hacks and is moving to the U.S. Defendnot tool can disable Microsoft Defender FBI warns government officials about new waves of deepfakes Huge thanks to our sponsor, Conveyor Are you dealing with security questionnaire chaos this week? If so, get Conveyor's AI to knock them out for you. Connect Conveyor to any source, easily upload any format of questionnaire or use the browser extension for portals and their AI handles the rest—from parsing the questions to generating answers and auto-tagging collaborators. Let Conveyor do the work for you. Learn more at www.conveyor.com. Find the stories behind the headlines at CISOseries.com.

A major student engagement platform falls victim to the ClickFix social engineering attack. Google settles privacy allegations with Texas for over one point three billion dollars. Stores across the UK face empty shelves due to an ongoing cyberattack. Ascension Health reports that over 437,000 patients were affected by a third-party data breach. A critical zero-day vulnerability in SAP NetWeaver is being actively exploited. Researchers uncover two major cybersecurity threats targeting IT admins and cloud systems. U.S. prosecutors charge three Russians and one Kazakhstani in connection with the takedown of two major botnets. A new tool disables Microsoft Defender by tricking Windows into thinking a legitimate antivirus is installed. Tim Starks, Senior Reporter from CyberScoop, discusses congressional reactions to White House budget cut proposals for CISA. Fair use faces limits in generative AI. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest We welcome back Tim Starks, Senior Reporter from CyberScoop, discussing congressional reactions to White House budget cut proposals for CISA. You can find background information in these articles:  House appropriators have reservations — or worse — about proposed CISA cuts⁠ ⁠Sen. Murphy: Trump administration has ‘illegally gutted funding for cybersecurity⁠' Selected Reading iClicker website compromised with fake ClickFix CAPTCHA installing malware (BeyondMachines.net) Google Agrees to $1.3 Billion Settlement in Texas Privacy Lawsuits (SecurityWeek) Fears 'hackers still in the system' leave Co-op shelves running empty across UK (The Record) 437,000 Impacted by Ascension Health Data Breach (SecurityWeek) SAP NetWeaver Vulnerability Exploited in Wild by Chinese Hackers (Cyber Security News) New SEO Poisoning Campaign Targeting IT Admins With Malware (Hackread) Three Russians, one Kazakhstani charged in takedown of Anyproxy and 5socks botnets (The Record) Defendnot — A New Tool That Disables Windows Defender by Posing as an Antivirus Solution (Cyber Security News) Five Takeaways from the Copyright Office's Controversial New AI Report (Copyright Lately)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

* Banks at Risk: Nearly 100 Staff Logins Stolen by Cybercriminals* 'AirBorne' Vulnerabilities Expose Apple Devices to Remote Code Execution Attacks* WhatsApp Introduces 'Private Processing' for Secure Cloud-Based AI Features* Microsoft Warns Default Kubernetes Helm Charts Create Security Vulnerabilities* Security Concerns Grow Over Electric Vehicles as Potential Surveillance PlatformsBanks at Risk: Nearly 100 Staff Logins Stolen by Cybercriminalshttps://www.abc.net.au/news/2025-05-01/bank-employee-data-stolen-with-malware-and-sold-online/105232872Cyber criminals have stolen almost 100 staff logins from Australia's "Big Four" banks, potentially exposing these financial institutions to serious cyber threats including data theft and ransomware attacks, according to recent findings from cyber intelligence firm Hudson Rock.The compromised credentials belong to current and former employees and contractors at ANZ, Commonwealth Bank, NAB, and Westpac, with ANZ and Commonwealth Bank experiencing the highest number of breaches. All stolen credentials included corporate email addresses with access to official bank domains."There are around 100 compromised employees that are related to those four banks," said Hudson Rock analyst Leonid Rozenberg. While this number is significantly smaller than the 31,000 customer banking passwords recently reported stolen, the security implications could be more severe."Technically, [attackers] need only one [login] to do a lot of damage," Rozenberg warned.The credentials were stolen between 2021 and April 2025 using specialized "infostealer" malware designed to harvest sensitive data from infected devices. These stolen credentials have subsequently appeared on Telegram and dark web marketplaces.Security experts explain that these breaches could potentially give hackers "initial access" to the banks' corporate networks. While banks employ additional security measures such as Multi-Factor Authentication (MFA), specialized cybercriminals known as "initial access brokers" focus on finding ways around these protections, often targeting employees working from home.The investigation also uncovered a concerning number of compromised third-party service credentials connected to these banks, with ANZ having more than 100 such breaches and NAB more than 70. These compromised services could include critical communication and project management tools like Slack, JIRA, and Salesforce.All four banks have responded by stating they have multiple safeguards in place to prevent unauthorized access. NAB reports actively scanning cybercrime forums to monitor threats, while CommBank noted investing over $800 million in cybersecurity and financial crime prevention last financial year.The Australian Signals Directorate has already warned that infostealer infections have led to successful attacks on Australian businesses, highlighting that this threat extends beyond the banking sector to organizations across all industries.'AirBorne' Vulnerabilities Expose Apple Devices to Remote Code Execution Attackshttps://www.oligo.security/blog/airborneSecurity researchers at Oligo Security have uncovered a serious set of vulnerabilities in Apple's AirPlay protocol and software development kit (SDK) that could allow attackers to remotely execute code on affected devices without user interaction. These flaws, collectively dubbed "AirBorne," affect millions of Apple and third-party devices worldwide.The security team discovered 23 distinct vulnerabilities that enable various attack vectors, including zero-click and one-click remote code execution, man-in-the-middle attacks, denial of service attacks, and unauthorized access to sensitive information. Perhaps most concerning are two specific flaws (CVE-2025-24252 and CVE-2025-24132) that researchers demonstrated could create "wormable" zero-click attacks, potentially spreading from device to device across networks.Another critical vulnerability (CVE-2025-24206) enables attackers to bypass the "Accept" prompt normally required for AirPlay connections, creating a pathway for truly zero-interaction compromises when combined with other flaws."This means that an attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects to," warned Oligo. "This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more."While exploitation is limited to attackers on the same network as vulnerable devices, the potential impact is extensive. Apple reports over 2.35 billion active devices worldwide, and Oligo estimates tens of millions of additional third-party AirPlay-compatible products like speakers, TVs, and car infotainment systems could be affected.Apple released security updates on March 31 to address these vulnerabilities across their product line, including patches for iOS 18.4, iPadOS 18.4, macOS versions (Ventura 13.7.5, Sonoma 14.7.5, and Sequoia 15.4), and visionOS 2.4 for Apple Vision Pro. The company also updated the AirPlay audio and video SDKs and the CarPlay Communication Plug-in.Security experts strongly advise all users to immediately update their Apple devices and any third-party AirPlay-enabled products. Additional protective measures include disabling AirPlay receivers when not in use, restricting AirPlay access to trusted devices via firewall rules, and limiting AirPlay permissions to the current user only.WhatsApp Introduces 'Private Processing' for Secure Cloud-Based AI Featureshttps://engineering.fb.com/2025/04/29/security/whatsapp-private-processing-ai-tools/Meta's WhatsApp has announced a new privacy-focused technology called 'Private Processing' that will allow users to access advanced artificial intelligence features while maintaining data security. The system is designed to enable AI functionalities like message summarization and writing suggestions that are too computationally intensive to run directly on users' devices.The new feature, which will be rolled out gradually over the coming weeks, will be entirely opt-in and disabled by default, giving users complete control over when their data leaves their device for AI processing.Private Processing employs several layers of security to protect user privacy. When activated, the system first performs anonymous authentication through the user's WhatsApp client. It then retrieves public encryption keys from a third-party content delivery network (CDN), ensuring Meta cannot trace requests back to specific individuals.To further enhance privacy, users' devices connect to Meta's gateway through a third-party relay that masks their real IP addresses. The connection establishes a secure session between the user's device and Meta's Trusted Execution Environment (TEE), using remote attestation and TLS protocols.All requests for AI processing use end-to-end encryption with ephemeral keys, and the processing occurs inside a Confidential Virtual Machine (CVM) that remains isolated from Meta's main systems. According to Meta, the processing environment is stateless, with all messages deleted after processing, retaining only "non-sensitive" logs."The AI-generated response is encrypted with a unique key only known to the device and processing CVM and is sent back over the secure session for decryption on the user's device," the company explained.To build trust in the system, WhatsApp has promised to share the CVM binary and portions of the source code for external validation. The company also plans to publish a detailed white paper explaining the secure design principles behind Private Processing.Despite these security measures, privacy experts note that sending sensitive data to cloud servers always carries some inherent risk, even with robust encryption in place. Users concerned about data privacy can either keep the feature disabled or utilize WhatsApp's recently launched 'Advanced Chat Privacy' feature, which provides more granular control over when data can leave the device.Microsoft Warns Default Kubernetes Helm Charts Create Security Vulnerabilitieshttps://techcommunity.microsoft.com/blog/microsoftdefendercloudblog/the-risk-of-default-configuration-how-out-of-the-box-helm-charts-can-breach-your/4409560Microsoft security researchers have issued an urgent warning about significant security risks posed by default configurations in Kubernetes deployments, particularly when using out-of-the-box Helm charts. These configurations can inadvertently expose sensitive data to the public internet without proper authentication protections.According to a new report from Michael Katchinskiy and Yossi Weizman of Microsoft Defender for Cloud Research, many popular Helm charts lack basic security measures, often leaving exploitable ports open and implementing weak or hardcoded passwords that are easy to compromise."Default configurations that lack proper security controls create a severe security threat," the Microsoft researchers warn. "Without carefully reviewing the YAML manifests and Helm charts, organizations may unknowingly deploy services lacking any form of protection, leaving them fully exposed to attackers."Kubernetes has become a widely adopted open-source platform for automating containerized application deployment and management, with Helm serving as its package manager. Helm charts function as templates or blueprints that define resources needed to run applications through YAML files. While these charts offer convenience by simplifying complex deployments, their default settings often prioritize ease of use over security.The report highlights three specific examples demonstrating this widespread issue. Apache Pinot's Helm chart exposes core services through Kubernetes LoadBalancer services with no authentication requirements. Meshery allows public sign-up from exposed IP addresses, potentially giving anyone registration access to cluster operations. Meanwhile, Selenium Grid exposes services across all nodes in a cluster through NodePort, relying solely on external firewall rules for protection.The Selenium Grid vulnerability is particularly concerning as cybersecurity firms including Wiz have already observed attacks targeting misconfigured instances to deploy XMRig miners for cryptocurrency mining.Organizations using Kubernetes are advised to implement several key mitigation strategies. Microsoft recommends thoroughly reviewing default configurations of Helm charts before deployment, ensuring they include proper authentication mechanisms and network isolation. Regular scans for misconfigurations that might publicly expose workload interfaces are crucial, as is continuous monitoring of containers for suspicious activity.The findings underscore a critical tension in cloud deployment between convenience and security, with many users — particularly those inexperienced with cloud security — inadvertently creating vulnerabilities by deploying charts without customizing their security settings.Security Concerns Grow Over Electric Vehicles as Potential Surveillance Platformshttps://www.theguardian.com/environment/2025/apr/29/source-of-data-are-electric-cars-vulnerable-to-cyber-spies-and-hackersCybersecurity experts are raising alarms about the potential for electric vehicles to be exploited as surveillance tools, particularly those manufactured in China, according to recent reports from the UK.British defense firms working with the UK government have reportedly warned staff against connecting their phones to Chinese-made electric cars due to concerns that Beijing could extract sensitive information from their devices. The warning highlights growing security considerations around the increasingly sophisticated technology embedded in modern electric vehicles.Security specialists interviewed by The Guardian note that electric vehicles are equipped with multiple data collection points, including microphones, cameras, and wireless connectivity features that could potentially be leveraged by malicious actors or hostile states."There are lots of opportunities to collect data and therefore lots of opportunities to compromise a vehicle like that," explains Rafe Pilling, director of threat intelligence at cybersecurity firm Secureworks. He points out that over-the-air update capabilities, which allow manufacturers to remotely update a car's operating software, could potentially be used to exfiltrate data.The concerns are particularly focused on individuals in sensitive positions. "If you are an engineer who is working on a sixth-generation fighter jet and you have a work phone that you are connecting to your personal vehicle, you need to be aware that by connecting these devices you could be allowing access to data on your mobile," warns Joseph Jarnecki, a research fellow at the Royal United Services Institute.Chinese electric vehicle manufacturers such as BYD and XPeng have drawn particular scrutiny due to China's National Intelligence Law of 2017, which requires organizations and citizens to cooperate with national intelligence efforts. However, experts also note there is currently no public evidence of Chinese vehicles being used for espionage.Cybersecurity professionals suggest that concerned drivers can click "don't trust" when connecting devices to their vehicles, but this sacrifices many convenient features. They also caution against syncing personal devices with rental cars, as this can leave sensitive data in the vehicle's systems.The UK government has acknowledged the issue, with Defence Minister Lord Coaker stating they are "working with other government departments to understand and mitigate any potential threats to national security from vehicles." He emphasized that their work applies to all types of vehicles, not just those manufactured in China.While the Society of Motor Manufacturers and Traders (SMMT) maintains that all manufacturers selling cars in the UK must adhere to data privacy regulations, the growing integration of connected technologies in electric vehicles continues to raise new security considerations for both government officials and everyday consumers alike. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

In this episode, we reconnect with Nick O'Donovan, who provides an overview of Huntress' operations, particularly their growth and expansion into Europe, with a focus on enhancing relationships with MSPs. He highlights Huntress' efforts in recruiting and maintaining a strong team, despite industry challenges, and the success of their recent roadshow series. Nick also discusses the company's product offerings, including EDR, Microsoft 365 identity protection, security awareness, phishing solutions, and a SIEM offering. Key topics covered include the importance of affordable security solutions for small to medium businesses, the integration with Microsoft Defender, and Huntress' innovative Neighbourhood Watch program. The episode concludes with valuable advice for MSPs on improving their closure rates for upselling security products to clients.    00:00 Introduction and Reconnection  00:26 Overview of Huntress  01:02 Huntress' European Expansion  01:43 Roadshow Success and Community Engagement  03:14 Recruitment Challenges and Strategies  04:25 Neighbourhood Watch Program  08:15 Approaching Cybersecurity as an MSP  16:50 Security Awareness Training  20:37 Final Thoughts and Tips for MSPs    Connect with Nick O'Donovan on LinkedIn by clicking here –https://www.linkedin.com/in/nicholasodonovan    Connect with Daniel Welling on LinkedIn by clicking here – https://www.linkedin.com/in/daniel-welling-54659715/     Connect with Adam Morris on LinkedIn by clicking here – https://www.linkedin.com/in/adamcmorris/   Visit The MSP Finance Team website, simply click here – https://www.mspfinanceteam.com/    We look forward to catching up with you on the next one. Stay tuned! 

Sponsor by ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠SEC Playground⁠⁠

Stay in control with Microsoft Defender. You can identify which AI apps and cloud services are in use across your environment, evaluate their risk levels, and allow or block them as needed—all from one place. Whether it's a sanctioned tool or a shadow AI app, you're equipped to set the right policies and respond fast to emerging threats. Defender XDR gives you the visibility to track complex attack paths—linking signals across endpoints, identities, and cloud apps. Investigate real-time alerts, protect sensitive data from misuse in AI tools like Copilot, and enforce controls even for in-house developed apps using system prompts and Azure AI Foundry. Rob Lefferts, Microsoft Security CVP, joins Jeremy Chapman to share how you can safeguard your AI-powered environment with a unified security approach. ► QUICK LINKS: 00:00 - Stay in control with Microsoft Defender 00:39 - Identify and protect AI apps 02:04 - View cloud apps and website in use 04:14 - Allow or block cloud apps 07:14 - Address security risks of internally developed apps 08:44 - Example in-house developed app 09:40 - System prompt 10:39 - Controls in Azure AI Foundry 12:28 - Defender XDR 14:19 - Wrap up ► Link References Get started at https://aka.ms/ProtectAIapps ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics   

In this week's episode, we look at recent Microsoft Tech updates. By popular request, we're expanding the scope beyond just Azure to include Microsoft 365, Power Platform, and similar Microsoft platforms and capabilities. What's new? What's interesting? What's retiring?(00:00) - Intro and catching up.(03:45) - Show content starts.Show links- What's new in Microsoft Sentinel- What's new in Microsoft Defender for Cloud features- CDN Domain URL change for Agents in Pipelines - Azure DevOps Blog- ActiveX disabled now in Microsoft 365- I/O performance analysis in SQL Server on Azure VMs- AI agents for beginners- Azure Networking capabilities for Copilot in Azure Feedback - Give us feedback!

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss the integration of Microsoft Security Solutions with third-party security tools. They explore how organizations can leverage Microsoft Defender for Endpoint, Defender for Office, Entra, Intune, and Cloud Access Security Broker solutions to enhance their security posture. The conversation emphasizes the importance of utilizing existing tools to gain additional insights and telemetry, ensuring a more robust security framework without conflicts or performance degradation.----------------------------------------------------YouTube Video Link: https://youtu.be/kE2cVwjPzYs----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/defender-endpoint/microsoft-defender-antivirus-compatibilityhttps://learn.microsoft.com/en-us/intune/intune-service/protect/device-compliance-partners#supported-device-compliance-partnershttps://learn.microsoft.com/en-us/defender-cloud-apps/zscaler-integrationhttps://learn.microsoft.com/en-us/defender-cloud-apps/additional-integrations----------------------------------------------------Contact Us:Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpodYouTube:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠----------------------------------------------------Adam BrewerTwitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewerLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

(Disclaimer: erstellt mit Chat GPT)Hallo liebe Community! Michael und Thorsten melden sich live vom Microsoft MVP Summit in Redmond! Trotz Dauerregen gibt es viele spannende News rund um Copilot-Agents, Microsoft Viva und neue Sicherheitsfunktionen für Microsoft Teams. Außerdem diskutieren sie, warum manchmal auch kleine Verbesserungen einen großen Unterschied machen.

Investigate data security, risk and leak cases faster by leveraging AI-driven insights with Microsoft Purview Data Security Investigations. This goes beyond the superficial metadata and activity-only signals found in incident management and SIEM tools, by analyzing the content itself within compromised files, emails, messages, and Microsoft Copilot interactions. Data Security Investigations allows you to pinpoint sensitive data and assess risks at a deeper level—quickly understanding the value of what's been exposed. Then by mapping connections between compromised data and activities, you can easily find the source of the security risk or exposure. And using real-time risk insights, you can also apply the right protections to minimize future vulnerabilities. Data Security Investigations is also integrated with Microsoft Defender incident management as part your broader SOC toolset. Nick Robinson, Microsoft Purview Principal Product Manager, joins Jeremy Chapman to share how to enhance your ability to safeguard critical information.  ► QUICK LINKS: 00:00 - Microsoft Purview Data Security Investigations 01:00 - Risks of data theft & data leaks 03:20 - Start an investigation 04:45 - Results of an investigation 06:15 - Vector-based search & semantic indexing 08:00 - Use AI for the investigation 09:21 - Map activities 10:44 - Connect SOC & Data Security teams 11:21 - Known leaked information 12:26 - Steps to get DSI up and running 13:15 - Wrap up  ► Link References Get started at https://aka.ms/DataSecurityInvestigations Stay up-to-date with our blog at https://aka.ms/DSIBlog ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

In this episode, we dive into two great features of Microsoft Defender for Cloud: Security Explorer and Attack Paths. Join us as we unpack how these tools leverage the Cloud Security Graph to help you hunt down risks, map potential attack routes, and prioritize your cloud security efforts like never before. Whether you're managing Azure, AWS, or a hybrid setup, this episode is packed with insights to level up your defense strategy. What You'll Learn: How the Cloud Security Graph provides a unified view of your multicloud environment. Using Security Explorer to proactively identify vulnerabilities and misconfigurations with custom queries. Visualizing Attack Paths to see how attackers could move from an entry point to your critical assets. Practical tips for prioritizing fixes and boosting your Secure Score. Real-world examples of these tools in action and how to get started today. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this week's episode, we look at recent Microsoft Tech updates. By popular request, we're expanding the scope beyond just Azure to include Microsoft 365, Power Platform, and similar Microsoft platforms and capabilities. What's new? What's interesting? What's retiring?(00:00) - Intro and catching up.(04:15) - Show content starts.Show links- What's new in Microsoft Defender for Cloud features- Azure updates | Microsoft Azure- Vaulted Backup Support for Azure Files- Log Analytics Simple Mode- Azure AI Foundry new models- Secure and govern AI AppsFeedback - Give us feedback!

* Critical PHP Vulnerability Under Mass Exploitation Worldwide* Hacktivist Group Claims Responsibility for X Outages, Musk Blames "Massive Cyberattack"* Cybercriminals Use Bogus Copyright Claims to Spread Malware on YouTube* Former Software Developer Found Guilty of Sabotaging Employer's Systems* Melbourne Man Charged in Mobile Number Porting ScamCritical PHP Vulnerability Under Mass Exploitation Worldwidehttps://www.bleepingcomputer.com/news/security/critical-php-rce-vulnerability-mass-exploited-in-new-attacks/A critical PHP remote code execution vulnerability, CVE-2024-4577, is being actively exploited in widespread attacks targeting Windows systems globally.The vulnerability, patched in June 2024, allows unauthenticated attackers to execute arbitrary code, leading to complete system compromise.While initial reports indicated targeted attacks against Japanese organizations, new data reveals a significant increase in exploitation attempts worldwide, including the United States, Singapore, Germany, and China.Threat intelligence firm GreyNoise reports observing a surge in exploitation attempts since January 2025, with numerous exploit codes available online.The attacks involve attempts to steal credentials, establish persistence, elevate privileges, and deploy adversarial tools. This vulnerability has also been previously exploited by ransomware groups and to deploy new malware.Hacktivist Group Claims Responsibility for X Outages, Musk Blames "Massive Cyberattack"https://www.bleepingcomputer.com/news/security/x-hit-by-massive-cyberattack-amid-dark-storms-ddos-claims/https://www.abc.net.au/news/2025-03-11/elon-musk-says-x-outages-result-of-cyber-attack/105035078The hacktivist group Dark Storm has claimed responsibility for distributed denial-of-service (DDoS) attacks that caused multiple worldwide outages on the X platform. X owner Elon Musk confirmed a "massive cyberattack" against the platform, stating it was conducted with significant resources and potentially involved a large, coordinated group or a nation-state.Dark Storm, a pro-Palestinian group active since 2023, posted evidence of their attacks on Telegram, including screenshots and links to website availability monitoring tools. X has since implemented DDoS protection from Cloudflare, displaying captchas to users connecting from suspicious IP addresses.Musk later stated that the cyberattack involved IP addresses originating from Ukraine, but Dark Storm denied any connection to Ukraine. DDoS attacks often utilize botnets and compromised devices from various global locations to generate overwhelming traffic, disrupting targeted websites.Cybercriminals Use Bogus Copyright Claims to Spread Malware on YouTubehttps://securelist.com/silentcryptominer-spreads-through-blackmail-on-youtube/115788/Cybercriminals are exploiting YouTube's copyright claim system to coerce creators into promoting malware and cryptocurrency miners. They are targeting YouTubers who publish tutorials on Windows Packet Divert (WPD) tools, which are popular in Russia for bypassing internet censorship.The attackers pose as copyright holders of these tools, filing false copyright claims and then contacting creators with a "resolution" that involves adding download links to trojanized versions of the software. These malicious versions, hosted on GitHub, contain a cryptominer downloader.Creators, fearing channel bans, often comply. Kaspersky reports that one such video, with over 400,000 views, led to 40,000 malicious downloads before the link was removed. A Telegram channel with 340,000 subscribers also promoted the malware.The malware uses a multi-stage loader, including a Python-based loader and a bloated second-stage executable to evade detection. It disables Microsoft Defender, establishes persistence, and downloads SilentCryptoMiner, a modified XMRig miner. The miner uses process hollowing and pauses activity when monitoring tools are active.While currently targeting Russian users, this tactic could be used to distribute other malware, such as info-stealers or ransomware, on a broader scale. Users are advised to avoid downloading software from links provided in YouTube videos, especially from smaller channels.Former Software Developer Found Guilty of Sabotaging Employer's Systemshttps://www.justice.gov/opa/pr/texas-man-convicted-sabotaging-his-employers-computer-systems-and-deleting-dataA federal jury in Cleveland has convicted a senior software developer, Davis Lu, of sabotaging his former employer, Eaton Corporation's, computer systems. Lu, 55, faces up to ten years in prison.Lu, who worked at Eaton from 2007 to 2019, began deploying malicious code after a demotion in 2019. He created a Java program that crashed production systems by generating infinite resource-consuming threads. He also developed a "kill switch" that locked out thousands of employees worldwide when his employment was terminated. The “kill switch” code was named “IsDLEnabledinAD”, abbreviating “Is Davis Lu enabled in Active Directory”.Investigators found Lu's malware and related code on internal development servers, linking his user account to the sabotage. He attempted to delete data and wipe his company laptop before returning it. Lu confessed to federal investigators in 2019 but pleaded not guilty, leading to the jury trial and his subsequent conviction.Melbourne Man Charged in Mobile Number Porting Scamhttps://www.afp.gov.au/news-centre/media-release/victorian-man-charged-over-alleged-bulk-phone-porting-scamA Melbourne man is facing court after allegedly attempting to steal mobile numbers from identity theft victims. The man, 34, is accused of making 193 unauthorized "port-in" attempts, successfully transferring 44 mobile numbers to his control.The Australian Federal Police (AFP) began investigating in July 2024 after a telecommunications company reported suspicious porting activity. Porting scams allow criminals to bypass multi-factor authentication and access victims' bank accounts.A search warrant executed at the man's residence resulted in the seizure of mobile phones, a computer, SIM cards, and suspected drug items. He has been charged with unauthorized modification of data, which carries a maximum penalty of 10 years imprisonment.The AFP urges individuals to be vigilant for unexpected text messages or service disruptions, as these could indicate an unauthorized porting attempt. Victims are advised to contact their mobile provider and bank immediately, and report the incident to ReportCyber. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit edwinkwan.substack.com

I take a look at something many overlook when it comes to security in their Microsoft 365 environment - Exposure score. In essence it is like a targeted Secure Score for a particular threat like Business Email Compromise. There is also news and updates from the Microsoft Cloud so listen along and review the show notes for more information. Brought to you by www.ciaopspatron.com Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS The way to control EWS usage in Exchange Online is changing New Microsoft-managed policies to raise your identity security posture Storm-2372 conducts device code phishing campaign Block malicious command lines with Microsoft Defender for Endpoint Clipchamp: Elevating work communication with seamless video creation in Copilot  Sharing with Microsoft Whiteboard AI agents at work: The new frontier in business automation Copilot learning hub New Certification for Microsoft information security administrators What is Security Exposure Managenet?

In this episode, we dive into the world of database security with Microsoft's Defender for Databases. Join us as we explore how this tool within Microsoft Defender for Cloud can transform your approach to safeguarding your data against cyber threats. Topics Covered: Introduction to Defender for Databases Features and Capabilities Enabling and Configuring Defender for Databases Responding to Alerts What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.

Welcome to the security box, podcast 225. On this program, we're going to talk about a company that earned our stupid fuck award for January. We'll also cover the news, notes, landscape and more. Newsy items Not that we care, but Microsoft Defender is disabling VPN. Microsoft kills of Defender Privacy protection VPN services for more. Deep Seek is being abused, not much of a surprise here, but worth looking at. Should this not be surprising, DeepSeek now being abused for more. Gemini and other tools are being abused, and some have been abused more than others. Enter the AI aspect of these tools and we've penned an article titled Gemini AI tools are being abused … so are others if you want to read it. Globe Life is yet another breach with yet another update. Globe life confirms breach after investigation, 850k more affected if you wish. Meta is in Chaos mode, it seems should not be surprising to some, maybe surprising to others. You decide. Tata tech hit with ransomware You've got to be kidding me … another two databases open but now closed? if you've not read it already. Who got charged this podcast? A Canadian Man got charged this month with pilfering $65m in Crypto. Our blog post Canadian man charged with stealing $65m using crypto exploits has the entire details. Who got our stupid fuck award in January we're talking about now? We mentioned this as part of podcast 224, but it became our topic. Its the Krebs On Security article MasterCard DNS Error Went Unnoticed for Years which really is stupid. We'll stop to explain some things on the way, and we hope this leads to some great conversations. Supporting the podcast If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.

Crypto Wallet Scam YouTube spam messages leak private keys to crypto wallets. However, these keys can not be used to withdraw funds. Victims are scammed into depositing "gas fees" which are then collected by the scammer. https://isc.sans.edu/diary/Crypto%20Wallet%20Scam/31646 Mediatek Patches Mediatek patched numerous vulnerabilities in its WLAN products. Some allow for unauthenticated arbitrary code execution https://corp.mediatek.com/product-security-bulletin/February-2025 D-Link Vulnerability D-Link disclosed a vulnerability in older routers that as of May no longer receive any updates. Your only option is to upgrade hardare. https://supportannouncement.us.dlink.com/security/publication.aspx?name=SAP10415 Microsoft Discontinues VPN Service Microsoft is shutting down the VPN service that was included as part of Microsoft Defender https://support.microsoft.com/en-au/topic/end-of-support-privacy-protection-vpn-in-microsoft-defender-for-individuals-8b503da5-732a-4472-833a-e2ddca53036a

A Huawei Google-mentes telefonjai valódi előrelépést jelentenek ITBusiness     2025-02-04 05:05:25     Mobiltech Kína Telefon Google Android Huawei A HarmonyOS fejlesztése 2019-ben kezdődött, amikor az Egyesült Államok kereskedelmi korlátozásai ellehetetlenítették a Huawei számára a Google-höz hasonló vállalatokkal való együttműködést. A kínai cég évekig az Android nyílt forráskódú infrastruktúrájára támaszkodott, hogy biztosítsa az alkalmazáskompatibilitást, de most önálló útra lépett, és rem NMHH: A vonalas telefon sorsára juthat a vezetékes internet Telex     2025-02-04 10:47:41     Mobiltech Telefon NMHH Mobilinternet Az egyre gyorsabb korlátlan mobilnet-szolgáltatások miatt egyre kevesebben fizetnek elő vezetékes internetre. Pontosabb időjárás-előrejelzést hoz az AI ICT Global     2025-02-04 06:03:54     Infotech Oktatás egyetem Mesterséges intelligencia Washington A technológia fejlődése ellenére jelenleg csak a tíznapos előrejelzések tekinthetők biztosnak. A Washingtoni Egyetem kutatása szerint viszont a mesterséges intelligencia új utat nyit a pontosságban, akár 23 napos helyes előrejelzés is lehet. Mi várható az Sap szerint az Ai-ban 2025-ben? Digital Hungary     2025-02-04 10:06:00     Infotech Mesterséges intelligencia SAP Az SAP a napokban közzétette a mesterséges intelligencia (AI) jövőjére vonatkozó előrejelzéseit, kiemelve öt meghatározó témát, amelyek várhatóan alakítani fogják az üzleti világot az AI területén. Így készül az ENSZ a Föld felé tartó aszteroidára 24.hu     2025-02-04 09:45:12     Tudomány Világűr ENSZ Meteor A katasztrófa esélye alacsony, de a nemzetközi szervezetek a legrosszabbra is felkészülnek. GDPR: Eddig közel hatmilliárd euró bírság szabtak ki Mínuszos     2025-02-04 13:33:56     Infotech Adatvédelem GDPR Tavaly valamivel több, mint egymilliárd euró bírságot róttak ki a GDPR-rendelet megsértéséért. 2024-ben az uniós adatvédelmi hatóságok a GDPR-rendelet megsértéséért összesen 1,2 milliárd euró bírságot szabtak ki, ezzel a büntetések összértéke 5,88 milliárd euróra nőtt a rendelet alkalmazandóvá válása óta – derül ki a DLA Piper legfrissebb, immár he Blokkolni kezdte a Windows 11 követelményeinek megkerülését segítő programot a Microsoft PC Fórum     2025-02-04 07:00:00     Infotech Microsoft Windows A Microsoft a napokban tiltólistára rakta a Windows-okban azt az ingyenes segédprogramot, ami lehetővé teszi a felhasználók számára a Windows 11 feltelepítését a hardverkövetelményeit nem teljesítő gépekre is. A Flyby11-et ugyanis a Microsoft Defender "potenciálisan nemkívánatos alkalmazás"-nak (PUA) minősíti, emiatt pedig nem engedi külön jóváhagy Nem rejtegeti tovább a V50-et a Vivo Mobilarena     2025-02-04 13:55:00     Mobiltech Telefon India Kamera Vivo Az indiai termékoldal már éles, három 50 megapixeles kamerát kap a telefon, kettőt közülük Zeiss jelzéssel. Budapesten tárták fel, hogyan lubickolnak a városi környezetben a poloskák és más inváziós kártevők Qubit     2025-02-04 14:08:14     Tudomány Normafa Míg az őshonos fajok egyedszámát csökkenti az urbanizáció, a behurcolt fajok élvezik a városok zöld foltjait: a Vérmezőn vagy a Róbert Károly körútnál több mint 30-szor annyi ázsiai márványospoloskát és 300-szor annyi lepkekabócát figyeltek meg a juharfákon, mint Csillebércen vagy a Normafán. A Birodalom visszavág: Kína nekimegy a Google-nek HWSW     2025-02-04 09:34:07     Infotech Kína Google Bár a cég szolgáltatásainak jó része 2010 óta elérhetetlen az országban, a pártállam monopólium létrehozásával vádolja az amerikaiakat. Így élnek túl magyarok tömegei a munkahelyeken: ezt verték beléjük, óriási tévúton vannak Pénzcentrum     2025-02-04 05:35:00     Karrier Mesterséges intelligencia "A mesterséges intelligencia nem helyettesíti az emberi tényezőt, de hatékony eszközként segítheti a munkát" - hangsúlyozta Lénárt Viktor, a ZEL Group alapító CEO-ja, a Pénzcentrumnak adott inerjújában. A beszélgetés során továbbá szó esett arról, miért van szükség a szervezetfejlesztésre a mai gyorsan változó üzleti környezetben, hogyan támogathat Felfüggesztették a vámháborút, a Trump-kormányzat ma este bejelentést tehet a kripto eszközökről Kripto Akadémia     2025-02-04 06:02:25     Modern Gazdaság USA Donald Trump Mesterséges intelligencia Kriptovaluta Szenátus A Trump-kormányzat és az amerikai kongresszus képviselői sajtótájékoztatót tartanak ma, azaz február 4-én este, magyar idő szerint 20:30-kor a digitális eszközökről. Az eseményen részt vesz David Sacks, akit Trump elnök a mesterséges intelligencia és a kriptovaluta ügyekért felelős “cárnak” nevezett ki, valamint a Szenátus és a Képviselőház pénzügy Kétezer éves héber szöveget fejtett meg a mesterséges intelligencia hirado.hu     2025-02-04 06:43:13     Kultúra Izrael Mesterséges intelligencia Fotográfus Negyven évvel felfedezése után megfejtettek egy kétezer éves szöveget Izraelben új fényképészeti technológia és a mesterséges intelligencia segítségével. A további adásainkat keresd a podcast.hirstart.hu oldalunkon.

A Huawei Google-mentes telefonjai valódi előrelépést jelentenek ITBusiness     2025-02-04 05:05:25     Mobiltech Kína Telefon Google Android Huawei A HarmonyOS fejlesztése 2019-ben kezdődött, amikor az Egyesült Államok kereskedelmi korlátozásai ellehetetlenítették a Huawei számára a Google-höz hasonló vállalatokkal való együttműködést. A kínai cég évekig az Android nyílt forráskódú infrastruktúrájára támaszkodott, hogy biztosítsa az alkalmazáskompatibilitást, de most önálló útra lépett, és rem NMHH: A vonalas telefon sorsára juthat a vezetékes internet Telex     2025-02-04 10:47:41     Mobiltech Telefon NMHH Mobilinternet Az egyre gyorsabb korlátlan mobilnet-szolgáltatások miatt egyre kevesebben fizetnek elő vezetékes internetre. Pontosabb időjárás-előrejelzést hoz az AI ICT Global     2025-02-04 06:03:54     Infotech Oktatás egyetem Mesterséges intelligencia Washington A technológia fejlődése ellenére jelenleg csak a tíznapos előrejelzések tekinthetők biztosnak. A Washingtoni Egyetem kutatása szerint viszont a mesterséges intelligencia új utat nyit a pontosságban, akár 23 napos helyes előrejelzés is lehet. Mi várható az Sap szerint az Ai-ban 2025-ben? Digital Hungary     2025-02-04 10:06:00     Infotech Mesterséges intelligencia SAP Az SAP a napokban közzétette a mesterséges intelligencia (AI) jövőjére vonatkozó előrejelzéseit, kiemelve öt meghatározó témát, amelyek várhatóan alakítani fogják az üzleti világot az AI területén. Így készül az ENSZ a Föld felé tartó aszteroidára 24.hu     2025-02-04 09:45:12     Tudomány Világűr ENSZ Meteor A katasztrófa esélye alacsony, de a nemzetközi szervezetek a legrosszabbra is felkészülnek. GDPR: Eddig közel hatmilliárd euró bírság szabtak ki Mínuszos     2025-02-04 13:33:56     Infotech Adatvédelem GDPR Tavaly valamivel több, mint egymilliárd euró bírságot róttak ki a GDPR-rendelet megsértéséért. 2024-ben az uniós adatvédelmi hatóságok a GDPR-rendelet megsértéséért összesen 1,2 milliárd euró bírságot szabtak ki, ezzel a büntetések összértéke 5,88 milliárd euróra nőtt a rendelet alkalmazandóvá válása óta – derül ki a DLA Piper legfrissebb, immár he Blokkolni kezdte a Windows 11 követelményeinek megkerülését segítő programot a Microsoft PC Fórum     2025-02-04 07:00:00     Infotech Microsoft Windows A Microsoft a napokban tiltólistára rakta a Windows-okban azt az ingyenes segédprogramot, ami lehetővé teszi a felhasználók számára a Windows 11 feltelepítését a hardverkövetelményeit nem teljesítő gépekre is. A Flyby11-et ugyanis a Microsoft Defender "potenciálisan nemkívánatos alkalmazás"-nak (PUA) minősíti, emiatt pedig nem engedi külön jóváhagy Nem rejtegeti tovább a V50-et a Vivo Mobilarena     2025-02-04 13:55:00     Mobiltech Telefon India Kamera Vivo Az indiai termékoldal már éles, három 50 megapixeles kamerát kap a telefon, kettőt közülük Zeiss jelzéssel. Budapesten tárták fel, hogyan lubickolnak a városi környezetben a poloskák és más inváziós kártevők Qubit     2025-02-04 14:08:14     Tudomány Normafa Míg az őshonos fajok egyedszámát csökkenti az urbanizáció, a behurcolt fajok élvezik a városok zöld foltjait: a Vérmezőn vagy a Róbert Károly körútnál több mint 30-szor annyi ázsiai márványospoloskát és 300-szor annyi lepkekabócát figyeltek meg a juharfákon, mint Csillebércen vagy a Normafán. A Birodalom visszavág: Kína nekimegy a Google-nek HWSW     2025-02-04 09:34:07     Infotech Kína Google Bár a cég szolgáltatásainak jó része 2010 óta elérhetetlen az országban, a pártállam monopólium létrehozásával vádolja az amerikaiakat. Így élnek túl magyarok tömegei a munkahelyeken: ezt verték beléjük, óriási tévúton vannak Pénzcentrum     2025-02-04 05:35:00     Karrier Mesterséges intelligencia "A mesterséges intelligencia nem helyettesíti az emberi tényezőt, de hatékony eszközként segítheti a munkát" - hangsúlyozta Lénárt Viktor, a ZEL Group alapító CEO-ja, a Pénzcentrumnak adott inerjújában. A beszélgetés során továbbá szó esett arról, miért van szükség a szervezetfejlesztésre a mai gyorsan változó üzleti környezetben, hogyan támogathat Felfüggesztették a vámháborút, a Trump-kormányzat ma este bejelentést tehet a kripto eszközökről Kripto Akadémia     2025-02-04 06:02:25     Modern Gazdaság USA Donald Trump Mesterséges intelligencia Kriptovaluta Szenátus A Trump-kormányzat és az amerikai kongresszus képviselői sajtótájékoztatót tartanak ma, azaz február 4-én este, magyar idő szerint 20:30-kor a digitális eszközökről. Az eseményen részt vesz David Sacks, akit Trump elnök a mesterséges intelligencia és a kriptovaluta ügyekért felelős “cárnak” nevezett ki, valamint a Szenátus és a Képviselőház pénzügy Kétezer éves héber szöveget fejtett meg a mesterséges intelligencia hirado.hu     2025-02-04 06:43:13     Kultúra Izrael Mesterséges intelligencia Fotográfus Negyven évvel felfedezése után megfejtettek egy kétezer éves szöveget Izraelben új fényképészeti technológia és a mesterséges intelligencia segítségével. A további adásainkat keresd a podcast.hirstart.hu oldalunkon.

Alan and Sam discuss why it is important to have Cloud Security Posture Management (CSPM) solutions in place. Alan goes through the general benefits of CSPM, enhancements since its release and dives into Microsoft Defender for Cloud. Topics that are covered are: What is Cloud Security Posture Management and why it is important What is Microsoft Defender for Cloud's approach to CSPM What is Microsoft Cloud Security Benchmark what are the pricing tiers for CSPM What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode, we explore the critical world of API security through the lens of Microsoft Defender for APIs. Join us as we discuss how this tool can safeguard your APIs in increasingly cloud-centric environments. Topics Covered: Introduction to Defender for APIs What it is and why it matters in today's cloud landscape. Who should care about API security? Key Features of Defender for APIs Inventory management and visibility. Security findings and vulnerability assessment. Real-time threat detection based on OWASP API Top 10. Integration with other Azure and security tools. Benefits for Businesses Enhanced API security posture. Compliance with regulatory standards. Mitigating risks in API lifecycle management. What did you think of this episode? Give us some feedback via our contact form, Or leave us a voice message in the bottom right corner of our site.Read transcript

In this episode Michael, Gladys, Mark and Sarah talk to guest Diana Vicezar from the Microsoft Entra team about security Generative AI applications. Note, this is a short, simple intro episode to introduce three follow-on episodes. We also cover security news about TLS 1.3 and Azure Event Grid, big updates to Microsoft Defender for Cloud, Azure Database for MySQL, SQL Managed Instance and Confidential Ledger.

Join us for a special bonus episode of Patch [FIX] Tuesday, an hour-long compilation of the vulnerabilities that help shaped the cybersecurity landscape in 2024. This episode recaps some the most critical and interesting exploits, from supply chain compromises to elevation of privilege threats targeting widely used platforms. Whether you're an IT administrator, security professional, or tech enthusiast, this episode provides valuable insights to stay ahead of evolving threats.Here's a list of vulnerabilities discussed in this episode, and be sure to tune into the Patch [FIX] Tuesday podcast on the second Tuesday of every month. Operation Triangulation (00:13)CVE-2024-21401: Microsoft Entra Jira Single-Sign-On Plugin Elevation of Privilege Vulnerability (5:00)CVE-2024-21400: Microsoft Azure Kubernetes Service Confidential Container Elevation of Privilege Vulnerability (11:00)CVE-2024-3094: XZ/Liblzma Supply Chain Backdoor (17:08)CVE-2024-4671: Google Chrome Use-After-Free Vulnerability (30:00)CVE-2024-30078: Windows WiFi Driver Remote Code Execution Vulnerability(35:03)CVE-2024-38053: Windows Layer Two Bridge Network RCE (47:14)CVE-2024-38180: SmartScreen Prompt Remote Code Execution Vulnerability (53:12)CVE-2024-43491: Microsoft Windows Update Remote Code Execution Vulnerability (1:00:00)CVE-2024-43533: Remote Desktop Client Remote Code Execution Vulnerability (1:04:24)CVE-2024-5535: Microsoft Defender for Endpoint Remote Code Execution Vulnerability (1:07:35)CVE-2024-49093: Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability (1:09:36)

In this episode of the Microsoft Threat Intelligence Podcast host Sherrod DeGrippo is joined by Microsoft's Dinesh Natarajan, Senior Threat Hunter, and Thomas Ball, Senior Security Researcher. They unpack recent findings around AsyncRAT, a remote access Trojan (RAT) used for keylogging, data exfiltration, and deploying further malware.     Dinesh explains how attackers are now using screen-sharing tools, like Screen Connect, as part of a new infection chain that makes the malware delivery process more deceptive. Thomas then shares insights on SectopRAT, another threat targeting browser data and crypto wallets. Uniquely, this RAT creates a second desktop, allowing attackers to operate undetected.     Next, Sherrod talks with Microsoft's Senior Director of Diplomacy, Kaja Ciglic, about the UN's proposed cybercrime treaty. Originally spearheaded by Russia, the treaty aims to create a global framework for prosecuting cybercrime, but critics worry about its potential impact on freedom of expression and human rights.    In this episode you'll learn:       How tech support scam emails lead to AsyncRAT installations on different devices  The importance of leveraging tools like Microsoft Defender's SmartScreen for protection  The treaty encourages cooperation but may let governments exploit unclear cybercrime definitions    Some questions we ask:     How does social engineering through email play a role in these attacks?  What capabilities does AsyncRat have, and why is it so concerning?  How do we ensure the treaty doesn't impact freedom of expression or human rights?    Resources:   View Dinesh Natarajan on LinkedIn  View Thomas Ball on LinkedIn  View Kaja Ciglic on LinkedIn   View Sherrod DeGrippo on LinkedIn     Related Microsoft Podcasts:                    Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast  Uncovering Hidden Risks        Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Get the latest threat intelligence insights and guidance at Microsoft Security Insider      The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.  

Automox cybersecurity experts discuss the latest security updates from November's Patch Tuesday, focusing on several critical vulnerabilities, including NTLM Hash Disclosure, Microsoft Defender's RCE vulnerability, and the Windows Task Scheduler Elevation of Privilege Vulnerability. They emphasize the importance of patching and user awareness in combating phishing attacks and other security threats. The conversation highlights the complexities of vulnerabilities in Windows 10 and 11, and the need for proactive measures to protect systems.

Microsoft Ignite is just around the corner but still plenty of updates coming from Microsoft prior to their big tech event. Listen and stay up to date with everything that is happening in the Microsoft Cloud. Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS Streamline collaboration with the new chat and channels experience in Microsoft Teams  How to manage false positives – Microsoft Defender for Office 365 Get started with false negative investigations in Microsoft Defender for Office 365 How to investigate email messages in Microsoft Defender for Office 365 How to use the Alert page – Microsoft Defender XDR Defender XDR Monthly news – November 2024 How Microsoft Defender for Office 365 innovated to address QR code phishing attacks Skill up to strengthen your organizations cybersecurity posture Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance Announcing General Availability of Inbound SMTP DANE with DNSSEC for Exchange Online Coming in December: SC-5004: Defend against cyberthreats with Microsoft Defender XDR What's new in Copilot Studio: November  New Copilot agents: Supercharge Microsoft 365 Copilot A strategic approach to assessing your AI readiness Supercharge productivity with Microsoft 365 Copilot AI safety first: Protecting your business and empowering your people Microsoft 365 Copilot — Small Business Guide to Set Up Copilot Quick actions with Copilot now at your fingertips in OneNote  Stay focused in an action-packed meeting with Microsoft 365 Copilot in Teams How to prepare for Windows 10 end of support by moving to Windows 11 today Github Copilot updates A year of innovation- and feedback-driven features in Microsoft Word Updated management features roll out for Microsoft Intune Suite Afterhours Apple intelligence - catch up

Microsoft n'en démord pas : pour concurrencer Google, l'entreprise mise sur toutes les stratégies pour positionner Bing comme moteur de recherche incontournable. Sa dernière initiative ? Un jeu-concours lancé via Microsoft Rewards pour inciter les internautes à adopter Bing et à remplacer Google Chrome par Edge.Concrètement, le jeu propose un système de tirage au sort où les utilisateurs peuvent accumuler jusqu'à 200 entrées. Pour multiplier leurs chances, Microsoft détaille quelques actions : installer l'extension Rewards rapporte 10 entrées, définir Bing comme moteur de recherche par défaut en donne aussi 10, installer Bing ou Edge sur son smartphone rapporte 5 entrées chacun, et ajouter Microsoft Defender donne également 5 entrées supplémentaires. Pour couronner le tout, un partage de lien permet de débloquer jusqu'à 50 entrées supplémentaires.Microsoft espère ainsi booster l'utilisation de son écosystème et attirer les utilisateurs de Google. Mais séduire les fidèles de Google reste un défi. En dépit de ses innovations, comme le partenariat avec OpenAI et l'intégration de Copilot dans Bing, le moteur de recherche de Microsoft peine toujours à s'imposer : Bing ne détient actuellement que 4,15 % de part de marché mondial, bien loin derrière Google, qui règne avec 89,13 %. En France, la situation est similaire, Bing ne parvenant qu'à capter 6,52 % des utilisateurs. L'attrait d'un gain financier suffira-t-il à détourner les internautes de Google ? Peu probable. Microsoft, en exigeant des participants qu'ils fournissent noms, prénoms, adresse et téléphone, joue une carte risquée dans un monde où la protection des données est de plus en plus scrutée. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

Summary In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss critical cybersecurity insights, focusing on Active Directory security techniques, the implications of recent incidents involving Microsoft Defender for Endpoint, and the introduction of passwordless solutions for Apple devices. They emphasize the importance of foundational knowledge in cybersecurity, the need for robust security practices, and the evolution of identity management solutions in enterprise environments. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠https://youtu.be/ySylj7V0AY8 ---------------------------------------------------- Documentation: https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/system-hardening-and-administration/system-hardening/detecting-and-mitigating-active-directory-compromises https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-s-safe-deployment-practices/ba-p/4220342 https://learn.microsoft.com/en-us/entra/identity-platform/apple-sso-plugin ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast ----------------------------------------------------------- Andy Jaw Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

What are prompt injection attacks and how do you stop them? How do you avoid deceptive responses? Can AI traffic be end-to-end encrypted? We'll answer these questions and more with technical demonstrations to make it real. Mark Russinovich will show you how to develop and deploy AI applications that prioritize safety, privacy, and integrity. Leverage real-time safety guardrails to filter harmful content and proactively prevent misuse, ensuring AI outputs are trustworthy. The integration of confidential inferencing enables users to maintain data privacy by encrypting information during processing, safeguarding sensitive data from exposure. Enhance AI solutions with advanced features like Groundedness detection, which provides real-time corrections to inaccurate outputs, and the Confidential Computing initiative that extends verifiable privacy across all services. Mark Russinovich, Azure CTO, joins Jeremy Chapman to share how to build secure AI applications, monitor and manage potential risks, and ensure compliance with privacy regulations.   ► QUICK LINKS: 00:00 - Keep data safe and private 01:19 - Azure AI Content Safety capability set 02:17 - Direct jailbreak attack 03:47 - Put controls in place 04:54 - Indirect prompt injection attack 05:57 - Options to monitor attacks over time 06:22 - Groundedness detection 07:45 - Privacy—Confidential Computing 09:40 - Confidential inferencing Model-as-a-service 11:31 - Ensure services and APIs are trustworthy 11:50 - Security 12:51 - Web Query Transparency 13:51 - Microsoft Defender for Cloud Apps 15:16 - Wrap up   ► Link References Check out https://aka.ms/MicrosoftTrustworthyAI  For verifiable privacy, go to our blog at https://aka.ms/ConfidentialInferencing    ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Prevent attackers from stealing your identity and data by protecting your tokens. In single sign-on systems like SAML and OAUTH, tokens are how services know who you are and what you can do. When you sign in to your machine with your Microsoft Entra ID account, you are getting a session token you can use to access things like your email, teams and other apps. Check out new capabilities like Credential Guard in Windows enforced by device policies in Intune, Token Protection enforcement in Microsoft Entra, and Token theft detections in Microsoft Sentinel and Defender XDR. Alex Weinert, from the Microsoft Entra team, explains what tokens are, how token theft works, and how to defend yourself from these attacks.   ► QUICK LINKS: 00:00 - Token theft attacks 01:39 - Token basics 02:59 - Token theft demo 03:41 - How to use token protection 05:22 - Additional Token theft defenses 06:25 - How to detect and shut down attacks 08:01 - Wrap up   ► Link References Get started at https://aka.ms/TokenTheftDefense   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Video Episode: https://youtu.be/665pQQC8k-4 In today’s episode, we delve into the shocking case of Adam Iza, a California man allegedly linked to extortion and bribery involving local police officers, and his ties to the notorious hacking group UGNazi. We also discuss developments in cybersecurity, including the SEC’s charges against Robert B. Westbrook for insider trading through computer hacks, the alarming rise of the Sniper Dz phishing-as-a-service platform, the unveiling of vulnerabilities in court systems nationwide, and Microsoft Defender’s new features to detect unsecured Wi-Fi networks. Join us as we unpack these significant stories impacting the cybercrime landscape. Links to articles: 1. https://krebsonsecurity.com/2024/09/crooked-cops-stolen-laptops-the-ghost-of-ugnazi/ 2. https://www.bleepingcomputer.com/news/security/hacker-charged-for-breaching-5-companies-for-insider-trading/ 3. https://thehackernews.com/2024/10/free-sniper-dz-phishing-tools-fuel.html 4. https://www.bleepingcomputer.com/news/security/microsoft-defender-now-automatically-detects-unsecure-wi-fi-networks/ 5. https://arstechnica.com/security/2024/09/systems-used-by-courts-and-govs-across-the-us-riddled-with-vulnerabilities/ Timestamps 00:00 – Introduction 01:07 – Crooked Cops 02:50 – Insider Trading 04:06 – PHaaS SniperDZ 06:00 – Defender VPN on Insecure Wifi 1. What are today’s top cybersecurity news stories? 2. How are law enforcement officers involved in cybercrime? 3. What charges were filed against hacker Robert B. Westbrook? 4. What is phishing-as-a-service and how does it work? 5. How does Microsoft Defender protect against unsafe Wi-Fi networks? 6. What vulnerabilities were found in U.S. court and government systems? 7. What is the connection between Adam Iza and the UGNazi hacker group? 8. What techniques do cybercriminals use for insider trading? 9. How can you identify and prevent phishing attacks? 10. What role does encryption play in protecting public Wi-Fi connections? corruption, cybercrime, Adam Iza, violence-as-a-service, Westbrook, insider trading, cybercrime, SEC, Sniper Dz, phishing, credential theft, Telegram, Microsoft Defender, Wi-Fi networks, cyber-attacks, VPN, Parker, vulnerabilities, voter registrations, security,

Welcome to Episode 384 of the Microsoft Cloud IT Pro Podcast. In this episode, we tackle a wide range of essential topics to help you monitor, secure, and streamline operations across your Azure estate. From access control strategies to virtual machine agents and everything in between, this episode gives you a high-level overview of Microsoft Defender for Cloud and the suite of Azure services it protects. Like what you hear and want to support the show? Check out our membership options. Show Notes Episode 382 – Securing the Modern Workplace: Exploring Microsoft Entra ID Security Defaults, Conditional Access Policies, and Microsoft Secure Score Episode 383 – Securing Azure: Monitoring and observing your Azure estate What is Microsoft Defender for Cloud? Common questions about Defender for Cloud? Common questions about data collection, agents, and workspaces About Azure Update Manager Align responsibilities across teams About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

In this episode of the Security Swarm Podcast, host Andy Syrewicze and our regular guest, Paul Schnackenburg, provide a comprehensive overview of the Microsoft Defender ecosystem. They cover the various Defender products, including:  Defender for Endpoint - Microsoft's enterprise endpoint security solution with different licensing tiers  Defender for Identity - Cloud-based threat detection for on-premises Active Directory  Defender Vulnerability Management - Inventory and risk assessment of software on endpoints  Defender for IoT - Security for Internet of Things and operational technology environments  Defender for Cloud - Cloud security for Azure, AWS, and GCP resources  And Others!  They also discuss the "Defender adjacent" services like Microsoft Entra (identity), Microsoft Purview (data security/governance), and Microsoft Defender for Cloud Apps (CASB).  A key focus of the discussion is the complexity and management challenges that come with this expansive Defender suite. The host and the guest note the large number of different management portals, the difficulty of adequately configuring and leveraging all the features, and the need for dedicated security teams to utilize these enterprise-grade tools fully.   Further down the line, Andy and Paul explore the significant value that third-party security solutions can provide in augmenting or simplifying the M365 security experience. They highlight how third-party tools can offer easier deployment, management, and specialized capabilities that may be outside the core focus of the broader Defender ecosystem, thereby enhancing the overall security posture of an organization.   Overall, this episode takes a deep dive into the Microsoft Defender landscape, exploring the pros and cons of the comprehensive suite and offering insights on how organizations can optimize their security with a mix of Microsoft and third-party solutions.  CTA: Overwhelmed by the complexity of the Microsoft Defender ecosystem? Simplify your Microsoft 365 security, risk management, governance, compliance, and backup with 365 Total Protection by Hornetsecurity.  Key Takeaways:  The Microsoft Defender ecosystem has grown significantly beyond the basic antivirus/anti-malware solution, now encompassing a wide range of security products and services across endpoints, cloud, identity, and more.  Navigating the Defender suite can be challenging due to the sheer number of products, overlapping features, and disparate management portals, especially for smaller organizations without dedicated security teams.  Licensing for Defender products can be complex, with different SKUs (P1, P2, Business Premium, E3, E5) offering varying levels of functionality and requiring careful evaluation to ensure the right fit.  Third-party security solutions can provide value by offering simplified management, enhanced detection capabilities, and avoiding over-dependence on a single vendor (Microsoft) for an organization's security needs.  Proper configuration and ongoing optimization of Defender tools is difficult and time consuming, leaving the full potential of the suite to enterprises with dedicated security teams.  Microsoft Defender XDR (Extended Detection and Response) aims to integrate Defender products into a more cohesive security platform. Still, it requires significant resources and expertise to implement effectively.  Timestamps:  (02:00) Overview of the Microsoft Defender ecosystem  (07:00) Differences between Microsoft Defender for Endpoint P1, P2, and Business Premium  (13:00) Explanation of Microsoft Defender for Identity and its on-premises vs cloud components  (19:00) Discussion of Microsoft Defender Vulnerability Management and its challenges for small/medium businesses  (32:00) Value that third-party security solutions can provide compared to the Microsoft Defender suite  Episode Resources:  Security Swarm Episode on M365 Security Licensing

You are going to need to update any global administrator account that doesn't have MFA enabled soon. Failing to do so will cause you some pain when you visit the Azure, EntraID or Intune portal. See the included article for more details. This and lots of Microsoft cloud news in this episode including some great improvements to Microsoft Teams. Resources @directorcia Join my shared channel CIAOPS merch store Become a CIAOPS Patron CIAOPS Blog CIAOPS Brief CIAOPSLabs Support CIAOPS Announcing mandatory multi-factor authentication for Azure sign-in Moving to OneNote on Windows Microsoft Defender for Endpoint's Safe Deployment Practices Updates to Microsoft Copilot to bring enterprise data protection to more organizations Reimagining content management at Microsoft with SharePoint Premium Give a custom name to the General channel in Microsoft Teams Enhanced presenter and attendee experience with the expanded gallery view in Teams  Face Check is now generally available Show or hide the Discover feed in Microsoft Teams Exploring the latest AI features in Clipchamp Professional project management with Microsoft Planner How Microsoft and NIST are collaborating to advance the Zero Trust Implementation Detect compromised RDP sessions with Microsoft Defender for Endpoint  Enhancements to the Outbound Messages in Transit Security Report

Azure Open AI is widely used in industry but there are number of security aspects that must be taken into account when using the technology. Luckily for us, Audrey Long, a Software Engineer at Microsoft, security expert and renowned conference speaker, gives us insights into securing LLMs and provides various tips, tricks and tools to help developers use these models safely in their applications.   Media file: https://azpodcast.blob.core.windows.net/episodes/Episode502.mp3 YouTube: https://youtu.be/64Achcz97PI Resources: AI Tooling: Azure AI Tooling Announcing new tools in Azure AI to help you build more secure and trustworthy generative AI applications | Microsoft Azure Blog Prompt Shields to detect and block prompt injection attacks, including a new model for identifying indirect prompt attacks before they impact your model, coming soon and now available in preview in Azure AI Content Safety.  Groundedness detection to detect “hallucinations” in model outputs, coming soon.  Safety system messagesto steer your model’s behavior toward safe, responsible outputs, coming soon. Safety evaluations to assess an application’s vulnerability to jailbreak attacks and to generating content risks, now available in preview.   Risk and safety monitoring to understand what model inputs, outputs, and end users are triggering content filters to inform mitigations, coming soon, and now available in preview in Azure OpenAI Service. AI Defender for Cloud AI Security Posture Management AI security posture management (Preview) - Microsoft Defender for Cloud | Microsoft Learn AI Workloads Enable threat protection for AI workloads (preview) - Microsoft Defender for Cloud | Microsoft Learn        AI Red Teaming Tool Announcing Microsoft’s open automation framework to red team generative AI Systems | Microsoft Security Blog AI Development Considerations:   AI Assessment from Microsoft Conduct an AI assessment using Microsoft’s Responsible AI Impact Assessment Template Responsible AI Impact Assessment Guide for detailed instructions Microsoft Responsible AI Processes Follow Microsoft’s Responsible AI principles: fairness, reliability, safety, privacy, security, inclusiveness, transparency, and accountability Utilize tools like the Responsible AI Dashboard for continuous monitoring and improvement Define Use Case and Model Architecture Determine the specific use case for your LLM Design the model architecture, focusing on the Transformer architecture   Content Filtering System How to use content filters (preview) with Azure OpenAI Service - Azure OpenAI | Microsoft Learn Azure OpenAI Service includes a content filtering system that works alongside core models, including DALL-E image generation models. This system uses an ensemble of classification models to detect and prevent harmful content in both input prompts and output completions The filtering system covers four main categories: hate, sexual, violence, and self-harm Each category is assessed at four severity levels: safe, low, medium, and high Additional classifiers are available for detecting jailbreak risks and known content for text and code. JailBreaking Content Filters Red Teaming the LLM Plan and conduct red teaming exercises to identify potential vulnerabilities Use diverse red teamers to simulate adversarial attacks and test the model’s robustness Microsoft AI Red Team building future of safer AI | Microsoft Security Blog Create a Threat Model with OWASP Top 10 owasp.org/www-project-top-10-for-large-language-model-applications/assets/PDF/OWASP-Top-10-for-LLMs-2023-slides-v1_1.pdf Develop a threat model and implement mitigations based on identified risks   Other updates: Los Angeles Azure Extended Zones Carbon Optimization App Config Ref GA OS SKU In-Place Migration for AKS Operator CRD Support with Azure Monitor Managed Service Azure API Center Visual Studio Code Extension Pre-release Azure API Management WordPress Plugin Announcing a New OpenAI Feature for Developers on Azure

Google's AI overviews in search results have significantly decreased due to user complaints about incorrect answers, prompting the company to refine its implementation. MIT launched the AI Risk Repository, a database cataloging over 700 unique risks associated with AI systems to assist organizations in assessing and mitigating AI risks. Additionally, Dashlane's Passkey report showcased the rapid adoption of Passkeys as a password replacement, driven by consumer demand in various sectors.The episode also covered significant developments in cybersecurity and government initiatives. CISA is analyzing the impact of a recent Supreme Court ruling on its new cyber incident reporting rule, while the White House is collaborating with the Department of Treasury and CISA to develop a cyber insurance policy proposal for catastrophic incidents. The FCC unveiled a $200 million cybersecurity program for schools and libraries to enhance their cybersecurity measures against increasing cyberattacks, separate from the existing E-Rate program.In response to scraping allegations, SOCRadar confirmed that their internal systems were not breached, and they are enhancing security measures to prevent future incidents. A security researcher revealed two zero-day vulnerabilities in Windows that allow downgrade attacks, compromising critical OS components. The episode also highlighted various cybersecurity developments from DEF CON and Black Hat, including the hacking of EvoVac robots and the development of a laser microphone for keystroke surveillance.Lastly, Syncro launched an AI-powered smart ticket management solution for managed services providers and IT operations to enhance efficiency and ticket resolution. SAS Alerts integrated Microsoft Defender for Endpoint into its security platform for MSPs, offering centralized monitoring of Microsoft 365 applications and Endpoint security. These developments reflect a trend towards leveraging AI in ticket resolution and enhancing cybersecurity measures in the tech industry. Four things to know today00:00 Google Scales Back AI Overviews Amid User Complaints as MIT Releases Comprehensive AI Risk Tool04:10 CISA Analyzes Supreme Court Ruling Impact as FCC Unveils $200M Cybersecurity Program for Schools06:50 SOCRadar Responds to Scraping Allegations, Confirms No Breach of Internal Systems08:53 Syncro Launches AI-Driven Smart Ticket Management to Streamline MSP Operations  Supported by:  https://getthread.com/https://www.coreview.com/msp/   All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessoftech.bsky.social

Text us feedback!In this episode, Spencer and Brad dive into the complex maze of 3rd party email providers, filtering and spoofing. Email spoofing is a technique used by cybercriminals to disguise the sender's address in an email message, making it appear as though the email originated from a different source. This can be used for a variety of malicious purposes, such as phishing attacks, fraudulent activities, or spreading malware.DMARC Rundown - Offensive Security Blog - SecurIT360“EchoSpoofing” — A Massive Phishing Campaign Exploiting...Spoof intelligence insight - Microsoft Defender for Office 365How attackers bypass third-party mail filtering to Office 365Spoofing Microsoft 365 Like It's 1995 - Black Hills Information SecurityBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.com

Ergo, one of Ireland's leading IT services providers, has achieved the Microsoft Modernise Endpoints specialisation, a recognition given to Microsoft partners globally who demonstrate deep knowledge, extensive experience, and proven success in delivering holistic solutions designed for the hybrid workplace. As the world of work changes and businesses continue to operate hybrid models of working, organisations need to manage and enable secure access to corporate resources across mobile, desktop, and virtual endpoints to better enable their workforce and set them up for success. This includes devices users need, operating systems that are secure by design, endpoint management solutions, and collaborative applications that are accessible from anywhere. Microsoft Capabilities The Ergo team works to embed a culture of collaboration and secure hybrid working inside global multi-site organisations, using Microsoft solutions such as Microsoft Intune, Microsoft 365, Windows Autopilot, Microsoft Defender for Endpoint, Microsoft Entra and Microsoft Azure Virtual Desktop Infrastructure to bring disparate workforces together for a seamless experience. Speaking on the recognition, Gerry Hampson, Client Management Practice Lead at Ergo, and Microsoft MVP, said: "In a world where workplaces are increasingly disparate, it is essential that organisations are set up for success when managing teams across multiple locations and geographies." "This achievement is testament to the hard work and dedication of the team here in Ergo, who are steadfast in their commitment to ensuring that our customers are set up for success through preparing them for today, while planning for tomorrow." Paul Chawke, Partner Development Manager at Microsoft said: "Ergo has a longstanding, 30-year long history with Microsoft achieving technological advancements and innovation in Ireland. This achievement recognises the work that Ergo are carrying out when it comes to equipping organisations for success through Modernize Endpoint solutions." Ergo has extensive knowledge and capabilities in the area of modern work, with one of the largest Microsoft practices in Ireland and five Microsoft MVPs (Most Valuable Professionals, the highest accolade a Microsoft engineer can be awarded), three of whom contribute to modern work areas such as Microsoft 365 Development and Enterprise Mobility. Ergo is also a Microsoft Solution Partner for Modern Work with specialisations in adoption and change management, meetings and meeting rooms for Microsoft Teams, and Modernise Endpoints. This expertise was recognised as Ergo took home the Microsoft Partner of the Year Award 2024. This is the sixth time Ergo has won the Country of the Year Award making it the most recognised Microsoft Partner in Ireland. See more stories here.

Hackers exploiting Microsoft Defender SmartScreen bug IT leaders note increase in severity of cyber-attacks, ransomware and BEC stand out, Trump shooting investigation revives the end-to-end encryption issue Huge thanks to our sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines.  For the stories behind the headlines, head to CISOseries.com

In this week's episode, we look at recent Azure updates. What's new? What's interesting? What's retiring? We found updates for Azure Functions, Defender for Cloud, Windows VM and MFA, and many others. Also, Jussi asks Tobi an unexpected question.(00:00) - Intro and catching up.(03:54) - Show content starts.Show links- Public Preview: Continuous Performance Diagnostics for Windows VMs to enhance VM Troubleshooting- Windows Server 2025 Preview on Azure- MFA requirements update- Public preview for the Microsoft Entra Powershell module- Generally Available: Run Azure Load Testing on Azure Functions (microsoft.com)- Service Retirement (Preview) - Microsoft Azure- What's new in Microsoft Defender for Cloud features- Give us feedback!

Craig Loewen has had a love for technology ever since he was a child and has grown passionate about building things that empower people. From constructing his own quadcopter for photography to delivering developer tools that aid developers in driving technological innovation, he has done it all.   As a product manager at Microsoft, he is responsible for the Windows Subsystem for Linux (WSL), a developer tool used by over 3 million developers and IT professionals. He defines the product vision and prioritizes the feature roadmap based on customer data, technical feedback, and market studies. On the personal side, he volunteers as a mentor at First Robotics, teaching high school students how to build robots and fostering a passion for STEM.   Topics of Discussion: [3:52] Craig's career journey, starting as an intern working on Windows console and WSL features. [5:18] Common use cases for WSL — allowing developers to use Linux tools while staying on Windows. [7:43] How to get started with WSL. [8:59] Does Craig have any favorite Linux programs? [10:05] New Dev Home feature for managing WSL distros with a graphical interface. [11:36] How WSL works using virtualization technology. [13:35] Memory management in WSL — typical usage and automatic optimization. [15:22 WSL is designed primarily for development scenarios, not production environments. [20:33] Integration of local AI and small language models with WSL using VS Code AI Toolkit. [23:37] Using small language models for various tasks, including issue labeling and search functionality. [27:35] Intro to Sudo for Windows, bringing Linux-like elevated permissions to Windows commands. [28:39] What exactly is Sudo? [32:39] New enterprise features for WSL, including security controls and integration with Microsoft Defender.   Mentioned in this Episode: Clear Measure Way Architect Forum Software Engineer Forum Programming with Palermo — New Video Podcast! Email us at programming@palermo.net. Clear Measure, Inc. (Sponsor) .NET DevOps for Azure: A Developer's Guide to DevOps Architecture the Right Way, by Jeffrey Palermo — Available on Amazon! Jeffrey Palermo's Twitter — Follow to stay informed about future events! Craig Loewen What is the Windows Subsystem for Linux Windows Subsystem for Linux, Your Enterprise Ready Multitool Zero to Hero — Develop your first app with Local LLMs on Windows   Want to Learn More? Visit AzureDevOps.Show for show notes and additional episodes.

In this episode of the Blue Security Podcast, Andy and Adam discuss recommended settings for Exchange Online Protection (EOP) and Microsoft Defender for Office (MDO). They explain that EOP is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. They also highlight the importance of the secure by default feature in EOP and the use of admin submissions to report false positives and false negatives. They caution against using methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies, as these can bypass important security measures. They emphasize the need for organizations to regularly review and clean up their EOP policies to ensure effective email security. Takeaways -Exchange Online Protection (EOP) is the core security for M365 subscriptions, providing anti-malware, anti-spam, and anti-phishing protection. -The secure by default feature in EOP ensures that high-confidence phishing and malware emails are blocked, regardless of any overrides or exceptions. -Admin submissions should be used to report false positives and false negatives, allowing Microsoft to review and improve filtering rules. -Methods like Outlook safe senders, IP allow listing, and allowed senders list within anti-spam policies can bypass important security measures and should be avoided. -Regularly reviewing and cleaning up EOP policies is essential to maintain effective email security. ---------------------------------------------------- YouTube Video Link:⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠https://youtu.be/guRhC1yVJYI⁠⁠⁠⁠⁠⁠⁠⁠ ---------------------------------------------------- Documentation: https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-worldwide https://learn.microsoft.com/en-us/defender-office-365/secure-by-default https://learn.microsoft.com/en-us/defender-office-365/advanced-delivery-policy-configure#use-the-microsoft-defender-portal-to-configure-third-party-phishing-simulations-in-the-advanced-delivery-policy ---------------------------------------------------- Contact Us: Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/bluesecuritypod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Linkedin: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Youtube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ----------------------------------------------------------- Andy Jaw Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajawzero⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ---------------------------------------------------- Adam Brewer Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com --- Send in a voice message: https://podcasters.spotify.com/pod/show/blue-security-podcast/message

Have you rolled out Microsoft Defender for Cloud? Richard chats with Yuri Diogenes about the bundle of tools under the Defender for Cloud moniker. Yuri describes Defender for Cloud as a Cloud-Native Application Protection Platform (CNAPP). This Gartner term covers the various elements that go into a cloud-native application, including APIs, servers, containers, storage, resource manager, and more! Defender for Cloud integrates with Microsoft Purview to understand data sensitivity, and Microsoft Sentinel helps detect breaches or data misuse. It also offers attack path analysis and remediation so you can get ahead of the attackers to close off potential breach risks before they happen! Check the links in the show notes for great resources, including an ebook on CNAPP strategy!LinksDefender for CloudOWASP Top 10 API Security RisksDefender for APIsMicrosoft SentinelData Security DashboardAttack PathsMicrosoft PurviewCloud Security Posture ManagementMicrosoft Copilot for SecuritySecurity Remediation with GovernanceDefender for Cloud ServiceNow IntegrationCNAPP Strategy EbookRecorded May 13, 2024

How can Microsoft Copilot for Security help you? While at NDC in Sydney, Richard chatted with George Coldham about Microsoft Copilot for Security - combining GPT-4 with information about Microsoft security products and your organization's resources in Azure to provide guidance and insight into making your company more secure. George talks about how it's early days for this copilot - and it's only in preview so far. Bringing together the vast array of security products that Microsoft makes, Microsoft Copilot for Security brings the ability of Large Language Models to summarize data to help you understand where the organization's security vulnerabilities exist and how to address them. You want to get in on this preview!LinksMicrosoft Copilot for SecurityUnified Security Operations PlatformMicrosoft SentinelMicrosoft Security Portals and Admin CentersMicrosoft Defender for EndpointMicrosoft Defender for CloudMicrosoft EntraMicrosoft PurviewMicrosoft PrivaKusto Query LanguageMicrosoft Defender Threat IntelligenceRecorded February 13, 2024

In the past year, ransomware attacks have been up almost 300%, with over 50% targeting small businesses. To help mitigate this increase, Microsoft is launching their new Security Copilot, and we sat down with their SMB Security Strategy Head, Binil Pillai, to learn more.We dive into the importance of SMBs assessing their security posture, how to leverage AI for efficient threat detection and response, and the role of Microsoft's partner ecosystem in providing comprehensive security solutions. The episode concludes with advice for SMB leaders on starting their security assessments and the benefits of integrating AI into their cybersecurity strategies.Episode Highlights:01:39 Why is SMB security a priority for Microsoft?07:34 Key security challenges for SMBs 09:26 How can SMBs leverage AI within security?16:28 How VPs of Engineering can use new tech to deal with threats20:25 Microsoft Security Copilot 24:30 Where is the best place to learn about Microsoft's security strategy?Show Notes:Microsoft Copilot for Security is generally available on April 1, 2024 | Microsoft Security BlogMicrosoft Copilot for Security: General Availability details - Microsoft Community HubMicrosoft 365 Business Premium | Microsoft 365Microsoft Defender for Business | Microsoft SecurityAutomatic attack disruption in Microsoft 365 Defender | Microsoft LearnMicrosoft Defender for Cloud | Microsoft SecurityWhat is Microsoft Defender for Cloud? - Microsoft Defender for Cloud | Microsoft LearnSolution Assessment Program (microsoft.com)Support the show: Subscribe to our Substack Leave us a review Subscribe on YouTube Follow us on Twitter or LinkedIn Offers: Learn about Continuous Merge with gitStream Get your DORA Metrics free forever

Welcome to Episode 373 of the Microsoft Cloud IT Pro Podcast where Ben and Scott close out their review of Microsoft Intune and its third pillar - Endpoint security. They discuss the core components of Endpoint security, including antivirus, disk encryption, and firewall configuration. Ben also takes Scott on a tour of some more hidden gems in Endpoint security, including managed installers along with endpoint detection and response policies. Like what you hear and want to support the show? Check out our membership options. Show Notes Microsoft Intune troubleshooting Manage endpoint security in Microsoft Intune Manage BitLocker policy for Windows devices with Intune Use FileVault disk encryption for macOS with Intune Monitor device encryption with Intune Endpoint security firewall rule migration tool overview Enforce compliance for Microsoft Defender for Endpoint with Conditional Access in Intune Endpoint detection and response policy for endpoint security in Intune Manage approved apps for Windows devices with App Control for Business policy and Managed Installers for Microsoft Intune About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining me is our sponsored guest, Spencer Thompson, CEO, Prelude. In this episode: Why does it take so long to integrate new tools and get them up to speed? Are we always in a state where we are always lacking readiness? What should we be measuring? Do we focus too much on singular events? Thanks to our podcast sponsor, Prelude Prelude Detect is the world's only production-scale detection and response testing platform. Automatically transform your threat intelligence into validated detections and preventions in less than five minutes. Integrate with CrowdStrike, Microsoft Defender, SentinelOne, and more to enable machine speed detection and response engineering

Welcome to Episode 371 of the Microsoft Cloud IT Pro Podcast, where we'll be discussing Microsoft Intune, one of the most powerful tools for managing your organization's devices, apps, and endpoint security. In this episode, we'll start exploring the three pillars of Intune: Devices, Apps, and Endpoint Security. We'll cover what devices you can enroll, how to onboard them, and what configurations are available. Like what you hear and want to support the show? Check out our membership options. Show Notes Washington's Dream - SNL - YouTube Microsoft Intune plans and pricing Microsoft Intune licensing Device-only licenses Microsoft Intune planning guide Get started with your Microsoft Intune deployment Supported operating systems and browsers in Intune Manage endpoint security policies on devices onboarded to Microsoft Defender for Endpoint Import custom ADMX and ADML administrative templates into Microsoft Intune (public preview) Create a Settings Catalog policy using your imported GPOs in Microsoft Intune (public preview) Password and account lockout policies on Microsoft Entra Domain Services managed domains About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.