Microsoft Security Saturday – 05/02/2020

Ransomware groups continue to target healthcare, critical services; here’s how to reduce risk
Multiple ransomware groups that have been accumulating access and maintaining persistence on target networks for several months activated dozens of ransomware deployments in the first two weeks of April 2020. So far the attacks have affected aid organizations, medical billing companies, manufacturing, transport, government institutions, and educational software providers, showing that these ransomware groups give little regard to the critical services they impact, global crisis notwithstanding.

Harden endpoint security for COVID-19 and working from home with Threat & Vulnerability Management
To help you effectively identify, assess, and remediate these endpoint misconfigurations, the Microsoft Defender Advanced Threat Protection (ATP) research team has added new assessments to our already rich set of existing secure configuration assessments in Threat & Vulnerability Management (TVM), which are geared towards hardening against threats related to the current outbreak.

Zero Trust Deployment Guide for Microsoft Azure Active Directory
Microsoft is providing a series of deployment guides for customers who have engaged in a Zero Trust security strategy. In this guide, we cover how to deploy and configure Azure Active Directory (Azure AD) capabilities to support your Zero Trust security strategy.

Managing and Securing Devices Utilizing Conditional Access Policies at Microsoft
As most of the world is working from home due to the current COVID-19 pandemic, ITPros are busy helping users securely access corporate resources. We have put together this blog to share how we can protect and secure an organization’s resources and data while providing a better user experience and increasing productivity using Microsoft Intune (Microsoft Endpoint Manager - Intune).

Microsoft 365 Records Management now available, helping protect and govern critical data
Knowing, protecting, and governing your organizational data is critical to adhere to regulations and meet security and privacy needs. Arguably, that’s never been truer than it is today as we face these unprecedented health and economic circumstances. To help organizations to navigate privacy during this challenging time, Microsoft Chief Privacy Officer Julie Brill shared seven privacy principles to consider as we all collectively move forward in addressing the pandemic.

New tools to help IT empower employees securely in a remote work world
Enabling your users to work from anywhere, regardless of the industry you’re in, requires a level of confidence and control over how users access information across different device endpoints and networks. To make this easier for you, today I’m happy to announce several improvements to our products.

Atos adopts Microsoft 365 to enable secure remote work for all employees
Adopting Microsoft 365, Atos gave employees the flexibility of working from anywhere on the devices of their choice, simultaneously increasing security with Microsoft Endpoint Manager. The transition has resulted in millions of dollars in savings, 50 percent fewer IT help requests, and greater freedom for employees.

Implementing Microsoft Exact Data Match (EDM) Part 1
Microsoft launched the Exact Data Match (EDM) in August of 2019. This new capability enhances an organization’s ability to identify and accurately target specific data.

Implementing Microsoft Exact Data Match (EDM) Part 2
The next step in our EDM setup is to create a Rule Package XML. This is probably the most crucial step in setting up EDM. The Rule Pack controls or sets the criteria for how a match is made. I am going to walk you through the setup of the rule pack and explain the criteria and its use.

Announcing OAuth 2.0 support for IMAP and SMTP AUTH protocols in Exchange Online
Ever since we announced our intention to disable Basic Authentication in Exchange Online, we said that we would add Modern Auth (OAuth 2.0) support for the IMAP, POP and SMTP AUTH protocols. Today, we’re excited to announce the availability of OAuth 2.0 authentication for IMAP and SMTP AUTH protocols to Exchange Online mailboxes.

Accelerating Cybersecurity Maturity Model Certification (CMMC) compliance on Azure
As we deliver on our ongoing commitment to serving as the most secure and compliant cloud, we’re constantly adapting to the evolving landscape of cybersecurity to help our customers achieve compliance more rapidly.

Monitoring Zoom with Azure Sentinel
One of the great features of Azure Sentinel is its ability to ingest and analyze data from any source, not just from Microsoft products. In this blog I will show you how you can collect logs from Zoom, ingest them into Azure Sentinel, and how a SOC team can start to hunt in the logs to find potentially malicious activity.

Hunting Threats on Linux with Azure Sentinel
All sorts of activity and security data can be collected by Azure Sentinel for storage and mining. The Syslog data collector is good for collecting data from Linux platforms but needs a helping hand to access information produced by the Linux kernel’s audit subsystem, kaudit, and the optional user-space daemon, auditd.

A Journey to Holistic Cloud Protection with the Microsoft 365 Security Stack Part 5 – Data
For our fourth stop in the journey to holistic cloud protection with the Microsoft 365 security stack we will be discussing Data security. For anyone new joining us on this journey, please ensure you check out Part I: Overview, Part II: Identity Security, Part III: Device Security, and Part IV: App Security to get caught up prior to reading Part V: Data Security, which will be discussed during this article.