Monthly news – November 2024 by info.odysseyx@gmail.com November 4, 2024 written by info.odysseyx@gmail.com November 4, 2024 0 comment 1 views 1 Microsoft Defender Vulnerability Management Guidance for using Microsoft security features to address CUPS remote code execution vulnerabilities. In this blog post We’ll show you how you can easily discover if your organization is vulnerable to a serious unauthenticated RCE flaw in your CUPS printing system and view remediation guidance. Microsoft Security Exposure Management ninja show: In this two-episode look at Microsoft Security Exposure Management, you’ll learn how to quantify risk, generate reports for key stakeholders, integrate your security stack, and optimize attack surface management. Watch the recording. Part 1 and Part 2. Microsoft Security Expert Phishing, Clicking, Breaching: Hunting Sophisticated Cyber Attacks. From April 2024, we will see a significant increase in Teams phishing attacks, particularly Quick Assist (see: Threat actors misusing Quick Assist in social engineering attacks leading to ransomware | Microsoft…) and other tools such as Any Desk and Team Viewer. In this blogWe will look at one of the observed scenarios and discuss hunting approaches to detect such attacks. microsoft New permission levels have been added to unified RBAC roles. The Ask Defender expert feature is available to Microsoft Threat Experts customers. Find out more in our article. Microsoft Defender for Cloud Apps A variety of new data has been released In advanced hunting Via the CloudAppEvents table – abnormal data – Conditional Access App Control/Inline Data – OAuthAppId we published New short training video (6 minutes) App governance. Threat actors are using app IDs rather than people as an attack vector, which is unfortunately not well understood. Customers who own Defender for Cloud Apps can enable app governance and turn on powerful features with just a few simple clicks.. Microsoft Defender for Office 365 Explore email and collaboration threats more effectively using community queries. One of the most valuable and insightful resources in advanced hunting is Community query function. This collaborative repository can enhance threat hunting capabilities, streamline investigation processes, and empower security operations center (SOC) team members with easily accessible shared knowledge. Check out this blog Learn about the benefits of using community queries. Tenant allow/block list Now in Microsoft 365 Supports IPv6 addresses. Learn more our document. Watch this short 4-minute training video for ““How to investigate email messages in Microsoft Defender for Office 365”. Ninja Show Episodes: Defense in Depth with Dual-Use Scenarios: We explore the protection mechanisms built into Defender for Office 365 with Manfred Fischer, Senior Product Manager, and Dominik Hoefling, Cloud Solutions Architect. First-party email filtering services can still benefit from the powerful features and controls of Defender for Office 365. Bulk sender information in Microsoft Defender for Office 365: In this episode, Senior Product Manager Puneeth Kuthati explains the importance of high-volume sender insights within Defender for Office 365. Learn how these insights can help you distinguish trusted bulk senders from potential threats, troubleshoot fine-tuning bulk email filters, and take the right action. Maintain a balance so that important emails reach your inbox without stress. By analyzing sender behavior and trends, organizations can strengthen email security, reduce bulk unsolicited traffic, and minimize false positives. Microsoft Defender for Endpoints Microsoft Defender for Identity (Preview) Defender for Identity Expands coverage with 10 new identity status recommendations. read Details about our article Find out how these new recommendations can help you improve your posture. Co-Pilot Identity Summary Released as public preview. Read this blog Find out what Copilot for Security can do for you. Simplify your SOC team’s investigation with Defender XDR’s new ID summary feature. Copilot for secure identity summarization (preview) Sensor management (add, remove, list…) via new public API check it out our documents Learn more about this API. Source link Share 0 FacebookTwitterPinterestEmail info.odysseyx@gmail.com previous post The AI-powered future of work: How Zensai and Microsoft lead the way next post Configuring total retention period for log analytics workspace tables at scale You may also like A New Dawn of Software Defined Networking (SDN) in Windows Server 2025 November 5, 2024 Get AI ready: Empowering developers in the era of AI November 5, 2024 Announcing the General Availability of Windows Server IoT 2025! November 5, 2024 America’s Partner Blog | Partners Make More Possible: Education November 4, 2024 Turn Microsoft Copilot into a personal assistant with Scheduled Prompts November 4, 2024 Sync identities from Rippling to Microsoft Entra ID November 4, 2024 Leave a Comment Cancel Reply Save my name, email, and website in this browser for the next time I comment.