After a long hiatus from publishing Microsoft Security Saturday Newsletters, I am back with a monthly version that is called Microsoft Security Matters. I will be posting this newsletter at the end of each month for your consumption. Happy reading.
General News
- How security professionals can stay ahead of ransomware – Microsoft Security Blog
- MORSE security team takes proactive approach to finding bugs | Innovation Stories (microsoft.com)
- Microsoft Defender Experts for Hunting proactively hunts threats – Microsoft Security Blog
- How IT and security teams can work together to improve endpoint security – Microsoft Security Blog
- Security for next generation telecommunication networks | Azure Blog and Updates | Microsoft Azure
- Hunting for Low and Slow Password Sprays Using Machine Learning (ML Deep Dive) (microsoft.com)
- Protecting Public Data and Trust with Azure Security and Microsoft Entra – A State DOJ Case – Microsoft Tech Community
- How Microsoft Helps Prevent Cybersecurity Attacks in Schools | Microsoft EDU
- Disrupting SEABORGIUM’s ongoing phishing operations – Microsoft Security Blog
- Hardware-based threat defense against increasingly complex cryptojackers – Microsoft Security Blog
- Uncovering a ChromeOS remote memory corruption vulnerability – Microsoft Security Blog
- Cyber Signals: Defend against the new ransomware landscape – Microsoft Security Blog
- Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks – Microsoft Security Blog
- MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone – Microsoft Security Blog
- Microsoft Security highlights from Black Hat USA 2022 – Microsoft Security Blog
- MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations – Microsoft Security Blog
Azure Security & Defender for Cloud News
- Container Security (microsoft.com)
- Containers Security Mapping Dashboard – Microsoft Tech Community
- Defender for Cloud Onboarding workbook – Microsoft Tech Community
- SQL Insider Series: Protect your sensitive data using Azure SQL DB | Data Exposed – Microsoft Tech Community
- How to deploy Attack Surface Reduction rules to Azure VMs using Azure Guest Configurations – Microsoft Tech Community
- Getting secrets from Key Vault in YAML pipeline – Microsoft Tech Community
- Enhance Azure Firewall policy management with Tufin SecureTrack integration | Azure Blog and Updates | Microsoft Azure
- Release notes for Microsoft Defender for Cloud | Microsoft Docs
Sentinel News
- Detect Masqueraded Process Name Anomalies using an ML notebook – Microsoft Tech Community
- Hunting for Teams Phishing with Microsoft Sentinel, Defender, Microsoft Graph and MSTICPy – Microsoft Tech Community
- What’s New: SOC Process Framework is Now Live in Content Hub! – Microsoft Tech Community
- What’s new in Microsoft Sentinel | Microsoft Docs
Defender for IoT
Microsoft 365 Security (All Up News)
- Sysmon v14.0, AccessEnum v1.34, and Coreinfo v3.53 – Microsoft Tech Community
- Using Microsoft Security APIs for Incident Response – Part 1 – Microsoft Tech Community
M365 Identity & Device Protection (Azure AD, Intune)
- Dynamic automated access with Azure AD entitlement management – Microsoft Tech Community
- Public Preview: Leverage Azure Active Directory Kerberos with Azure Files for hybrid identities – Microsoft Tech Community
- Modernizing Endpoint Management – Encryption – Part1 – Microsoft Tech Community
- Modernizing Endpoint Management – Encryption – Part 2 – Microsoft Tech Community
- Microsoft Entra Verified ID now generally available – Microsoft Tech Community
- Passwordless is here and at scale – Microsoft Tech Community
- TOTP based MFA for Azure AD is now Generally Available! – Microsoft Tech Community
- Authenticating to an Azure CycleCloud Slurm cluster with Azure Active Directory – Microsoft Tech Community
- What’s new? Release notes – Azure Active Directory – Microsoft Entra | Microsoft Docs
- What’s new in Microsoft Intune | Microsoft Docs
M365 Defender (Defender for Office, Defender for Endpoint, Defender for Identity, Defender for Cloud Apps)
- Microsoft Defender for Endpoint Mobile Threat Defense: Privacy Controls, Optional Permissions, and Disable Web Protection
- Track adversaries and improve posture with Microsoft threat intelligence solutions | Azure Blog and Updates | Microsoft Azure
- Exciting Feature Updates to Attack Simulation Training – Microsoft Tech Community
- Protect sensitive SharePoint sites with Defender for Cloud Apps – Microsoft Tech Community
- New Device Health Reporting for Microsoft Defender for Endpoint is now in Public Preview – Microsoft Tech Community
- Microsoft Defender for Endpoint: Tamper protection on macOS
- Microsoft Defender for Endpoint Network Protection and Web Protection for MacOS and Linux
- The new Microsoft 365 Defender APIs in Microsoft Graph are now available in public preview!
- Hunt for compromised Azure subscriptions using Microsoft Defender for Cloud Apps
- Hunt in Microsoft 365 Defender without KQL! – Microsoft Tech Community
- What’s new in Microsoft Defender for Cloud Apps | Microsoft Docs
- What’s new in Microsoft 365 Defender | Microsoft Docs
Azure/M365 Compliance & Governance
- MS Teams Security & Compliance – Information Barrier (IB) – Microsoft Tech Community
- Microsoft Purview DevOps policies enable at scale access provisioning for IT operations – Microsoft Tech Community
- Microsoft Purview Insider Risk Management | Admin Set-up Tutorial
- Co-authoring for files with sensitivity labels is now generally available on Android and iOS devices – Microsoft Tech Community
- Data governance: 5 tips for holistic data protection – Microsoft Security Blog
- What’s new in Microsoft Purview risk and compliance solutions – Microsoft Purview (compliance) | Microsoft Docs