Hi All,
With the August 2022 Updates for ExchangeServer 2013/2016/2019 there is a new Feature called Windows Server Extended Protection. This will help against authentication relay or “man in the middle” (MitM) attacks.
Exchange Server Support for Windows Extended Protection Restrictions
does not work with hybrid servers using Modern Hybrid configuration SSL Offloading scenarios are not supported Automated Archiving with Archive Policy is not suported TLS configuration must be consistent across all Exchange servers Access to Public Folders on Exchange 2013 not supported The newest version of HealthChecker.
Hi All, The M365 Defender for Office Safe Links Block list have been moved to Tenant Allow Block List (TABL) If you click on "Global Settings"
https://security.microsoft.com/safelinksv2
you can see that the Block List have been Migrated
Let's check the Tenant Allow/Block List https://security.microsoft.com/tenantAllowBlockList
You can view the TenantAllowBlockList Items with the following Exchange command
Get-TenantAllowBlockListItems
https://docs.microsoft.com/en-us/powershell/module/exchange/get-tenantallowblocklistitems?view=exchange-ps
Get-TenantAllowBlockListItems -ListType URL Get-TenantAllowBlockListItems -ListType URL | where {$_.Notes -match "Migrated"}
I came across the "
Hi All, There has been a change in the Defender for Office 365 Anti-Malware Policy notifications. Summary: internal and external Notifications are gone and Action is changed only to "Quarantine" or "Reject" (with NDR).
Not much to see on the M365 Roadmap But there are more Details in the M365 Admin Portal in Message Center
In the M365 Defender Portal you can review the Settings
https://security.microsoft.com/antimalwarev2 Internal- and ExternalSendernotifcations are gone.
Hi All, Azure Active Directory Sign-in Logs is really helpful, when analyzing Sign-in Problems. But it also can be very helpful, when analyzing the overall Sign-ins or looking out for strange behavior. One of the Tips would be th Filter for Location and use the CountryCode and Status of Sucess
I have set up Azure Active Directory Diagnostics to save the Sign-In Logs to a LogAnalytics Workspace. Here you can Query the Logs with KQL.
Hi All, I've been using Windows Hello for Busindess with Face recocnition since a long time on my Surface Laptop 3. This week it stopped working suddently with the Message "Couldn't turn on the Camera". Even the Driver and Firmware Update did not help. The Camera App is working just fine. Also in Teams the Camera works fine.
In the End i remved the two Cameras in the Device Manager (devmgmt.
Hi All, In this Blog Article, i want to talk about how to protect your Azure SQL Databases with Firewall Rules at Server or Database level. Azure SQL Database and Azure Synapse IP firewall rules
https://docs.microsoft.com/en-us/azure/azure-sql/database/firewall-configure
The Server Level you can find on your Server Object
You can also find this when query the master Database --Database: master
SELECT * FROM sys.firewall_rules
At the Database level use this sp_set_firewall_rule (Azure SQL Database)
Hi All, In mid January Microsoft Announced, that the Microsoft Defender for Endpoint Plan 1 will be now Included in M365 E3/A3 Licenses.
Microsoft Defender for Endpoint Plan 1 Now Included in M365 E3/A3 Licenses
https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-plan-1-now-included-in-m365-e3/ba-p/3060639
My Account has a M365 E3 License and i can see "Microsoft Defender for Endpoint Plan 1" has been assigned.
Overview of Microsoft Defender for Endpoint Plan 1
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/defender-endpoint-plan-1?view=o365-worldwide
I went for the Documentation and Set it up in Micrsosoft Endpoint Manager.
Hi All, A customer recently could not remember the Password of the PFX File. I was curious and searched for a PFX Password Recovery Tool. I created a PFX with a Password 9 chars uppercase chars lowercase cars numbersspecial caracter Certificate Password Recovery Tool https://7thzero.com/blog/certificate-password-recovery-tool
I startet the Tool on Friday 14 January 23:41:41
After about 9 Days there where tested 569'890'000 diffrent combinations. And we're still at 5 Characters.
Hi All, I am pretty sure, i did not read anything about this refresh of Explorer in Microsoft 365 Defender (Security Admin Center) ttps://security.microsoft.com/threatexplorer
It has also been renamed from "Threat Explorer" just to "Explorer". What i absolutely love about this, is that the default now points to "All email" instead of "Malware" like before.
You sill have a lot of Filtering possibilities
And also the Chart view has diffrent Filtering options
Hallo zusammen, Im folgenden Artikel vom Azure Active Directory Identity Blog wird nochmals darauf hingewiesen, dass ab 31. Januar keine TLS 1.0 und TLS 1.1 Verbindungen mehr möglich sein werden
Act fast to secure your infrastructure by moving to TLS 1.2!
https://techcommunity.microsoft.com/t5/azure-active-directory-identity/act-fast-to-secure-your-infrastructure-by-moving-to-tls-1-2/ba-p/2967457
Am besten kann man das über ein KQL Query in einem Azure Log Analytics Workspace machen. Wie man so einen einrichtet habe ich bereits hier gebloggt https://blog.icewolf.ch/archive/2020/03/17/integrate-azure-ad-signins-into-azure-log-analytics-workspace.aspx Ihr braucht folgendes KQL Query: SigninLogs | where TimeGenerated > ago(30d)
