Thibault CHÂTIRON

Cybersecurity

Microsoft Defender ATP support case submission experience

Microsoft is updating the support case submission experience. Currently, the process to submit a support case related to Microsoft Defender ATP goes through the support portal at https://support.microsoft.com. Microsoft announced that they will be rolling out an upgraded support process offering a more modern and advanced support experience through the Microsoft Defender Security Center. How …

MDATP for Mac is moving to use system extensions instead of kernel extensions

In preparation for macOS 11 Big Sur, Microsoft is getting ready to release an update to Microsoft Defender ATP for Mac that will leverage new system extensions instead of kernel extensions. Apple will stop supporting kernel extensions starting with macOS 11 Big Sur. Therefore an update to the Microsoft Defender ATP for Mac agent is …

TLS 1.0 and 1.1 retirement date in Office 365 to be October 15, 2020

Microsoft is moving all of their online services to Transport Layer Security (TLS) 1.2+ to provide best-in-class encryption, and to ensure their service is more secure by default. Key Points: Major: Retirement. Timing: October 15, 2020. Action: update or replace client devices as appropriate. How this affects your organization: Once this change takes effect, all connections …

Office 2013 Client Connectivity to Office 365 Services

Office 2013 clients’ connections to commercial Office 365 services will not be supported after October 13, 2020. After this date, ongoing investments in the Office 365 cloud services – including Exchange Online, SharePoint Online, and OneDrive for Business – will proceed based on post-Office 2013 requirements. Microsoft recommends that organizations with Office 2013 clients consider …

Customization of quarantine notification

Microsoft is making it possible for you to customize quarantine notifications with your organization logo, custom display name, and a custom disclaimer. When this will happen: Microsoft will begin rolling this out at the end of July (previously mid-July) and expects to be complete in September. How this will affect your organization: Example of custom …

Office 365 ATP Campaign View enhancements

Microsoft is making some enhancements to Office 365 campaign views. How this will affect your organization: Once rolled out, the following enhancements will be available: Malware attacks are now expressed as campaigns and benefit from the same advanced clustering and visualization that phish campaigns have had. Campaign timeline is now interactive, allowing inspection of what …

Automatically block guest access to new OneDrive and SharePoint files until scans are complete

You can enable Data Loss Prevention (DLP) to automatically block external access to new files in SharePoint Online and OneDrive for Business until those files have been fully scanned for sensitive information. How this will affect your organization: This capability is available for all new files uploaded to both OneDrive and SharePoint. When new files …

Upcoming Exchange Device Access and Conditional Access changes with Outlook mobile

Recently, Microsoft discovered that certain Azure Active Directory Conditional Access policies prevented Exchange Online device access rules from being applied to Outlook for iOS and Android. For example, for customers with a conditional access policy that required Multi-factor authentication (MFA), Exchange Online did not process device access rules for Outlook for iOS and Android. Beginning …

Enhancements to Threat Explorer and real-time detections

When? The rollout will be complete by mid-August. How this will affect your organization: These changes include timezone improvements; making the chart legend value a filter; and updates to in-production information. In addition, there is an updated refresh process. Note that you will need to click on the Refresh button to filter results as part …

Microsoft Cloud App Security – Release 179 & 180

New anomaly detection: Suspicious OAuth app file download activities. Microsoft has extended their anomaly detections to include suspicious download activities by an OAuth app. The new detection is now available out-of-the-box and automatically enabled to alert you when an OAuth app downloads multiple files from Microsoft SharePoint or Microsoft OneDrive in a manner that is unusual …

Hotfix for latest AIP scanner GA version

Microsoft has identified an issue in the latest GA version that impacts the AIP Scanner. If you run the scanner in Enforce=On mode, “New label” events are not reported in the central logging when the scanner applies a label to a previously unlabeled file. On 1ç/07, Microsoft released hotfix version 2.7.99.0 for this issue on …

Office 365 ATP recommended configuration analyzer version 1.9 released

New version 1.9.11 of ORCA (Office 365 Recommended Configuration Analyzer) is ready for download: https://powershellgallery.com/packages/ORCA/ Improvements: Check if enhanced filtering is turned on (important if you have a solution in front of EOP/ATP); Check for duplicate anti-malware policies; Check for duplicate anti-spam policies; Check for duplicate anti-phishing policies; Check Safe Attachments Policy …

New Identity security posture assessments in MCAS and Azure ATP

Two new identity security posture assessments are now available for Azure ATP customers: Riskiest lateral movement paths; Unsecure account attributes: specific attributes that cause unwanted security risk for your accounts. Lateral movement paths: Remediation: Remove the entity from the group as specified in the recommendation. Remove the local administrator permissions for the entity from the device …

LAPS usage in MCAS and Azure ATP

New capability of Azure ATP integrated with Microsoft Cloud App Security to detect devices not protected by Local Administrator Password Solution (LAPS). LAPS is a great tool against cyber-attacks: it automatically changes the local administrator password on domain-joined machines and saves the password to the Active Directory computer account. It will generate a report …

Microsoft Cloud App Security – Release 178

New security configurations for Google Cloud Platform (gradual rollout). Microsoft has expanded their multi-cloud security configurations to provide security recommendations for Google Cloud Platform, based on the GCP CIS benchmark. With this new capability, Cloud App Security provides organizations with a single view for monitoring the compliance status across all cloud platforms, including Azure subscriptions, AWS …

Microsoft Defender ATP for Linux [General Availability]

Today, Microsoft announced general availability of Microsoft Defender Advanced Threat Protection for Linux! Supported platforms: RHEL 7.2+, CentOS Linux 7.2+, Ubuntu 16 LTS or higher LTS, SLES 12+, Debian 9+, Oracle Linux 7.2. Prerequisites: Microsoft Defender ATP for Linux requires the Microsoft Defender ATP for Servers license. Integration: You will need to download the package …

Microsoft Defender ATP for Android [Public Preview]

Following my previous article: https://thibaultchatiron.fr/2020/05/01/microsoft-defender-atp-capabilities-on-mobile-public-preview/ Today, Microsoft announced the public preview of their mobile threat defense capabilities with Microsoft Defender ATP for Android. Key Capabilities: Web protection; Malware scanning; Blocking access to sensitive data; Unified SecOps experience. Prerequisites: Turn on the preview experience setting to be among the first to try upcoming features. In …

Safe documents – Office 365 ATP [General Availability]

Safe Documents is a new feature that improves the existing Protected View experience. The feature automatically verifies the document against the latest known risks and threats before allowing users to leave the Protected View container. Prerequisites: Microsoft 365 E5. This feature is off by default and needs to be enabled by a Security Administrator. Integration …

New alert page in Microsoft Defender ATP [Public Preview]

Introducing the newly redesigned alerts page in the Microsoft Defender Security Center! With the updated UI, you’ll be able to more effectively triage, investigate, and take actions on alerts. The new page constructs a detailed alert story which provides: Improved focus – is now at the forefront so that analysts have fewer clicks …

MTP Advanced Hunting Cheat Sheet

The purpose of this cheat sheet is to cover commonly used threat hunting queries that can be used with Microsoft Threat Protection. Microsoft Threat Protection has a threat hunting capability that is called Advanced Hunting (AH). AH is based on Azure Kusto Query Language (KQL). The cheat sheet consists of some of the most frequently …