July 30, 2015
Many large organizations are required to do security reviews (what we identity geeks commonly call "attestation campaigns") to prove that only the correct employees have access to specific important resources in order to meet government and industry compliance requirements. We've received a LOT of requests from customers to add support for this kind of campaign for the privileged roles in Azure AD, Intune and Office 365.
July 27, 2015
Last week Great SMB311 Protocol session from Channel 9:
July 22, 2015
Microsoft are nearing the finish line. Microsoft Advanced Threat Analytics will be generally available in August 2015:
A great post from Tim Rains Cyber Trust Blog:
July 21, 2015
This security update resolves a vulnerability in Microsoft Windows.
Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution
The vulnerability could allow remote code execution if a user opens a specially crafted document or visits an untrusted webpage that contains embedded OpenType fonts.
July 20, 2015
Microsoft has acquired yet another Israeli company. The company has reportedly bought Israeli security company, Adallom for $320 million – the largest acquisition made by Microsoft in the country so far.
July 19, 2015
Microsoft announced that this week ESET became part of the Azure Marketplace Security VM Extensions family.
By provisioning ESET File Security as VM extension, users can get the enhanced security and experience of ESET. Their Solution, designed specifically for Windows Server is expanded to an even larger user base – business customers hosting their virtual server infrastructure in Azure. ESET File Security is another example of the possibilities to enrich and expand the Azure VMs features using the VM Extension technology.
By Using that Feature Customers can move their current Licenses and expand their workloads to Microsoft Azure.
July 14, 2015
Microsoft released 4 new security critical bulletins for July 2015:
MS15-065 Security Update for Internet Explorer (3076321)
MS15-066 Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution (3072604)
MS15-067 Vulnerability in RDP Could Allow Remote Code Execution (3073094)
MS15-068 Vulnerabilities in Windows Hyper-V Could Allow Remote Code Execution (3072000)
July 12, 2015
While installing ADFS I facing the "The SPN required for this Federation Service is already set on another Active Directory account. Choose a different Federation Service name and try again."
It is probably because I used the "Create Self-Signed Certificate" feature in IIS Managed to create the SSL certificate required by ADFS.
The issue that creating the SSL certificate this way causes is that the created certificate has a subject that matches exactly My computer name.
The issue solve when, create a self signed certificate using the makecert.exe tool using a wildcard like so:
makecert.exe -n "CN=*.contoso.local" -pe -r -sv ADFS.pvk ADFS.cer
July 8, 2015
Azure Active Directory provides you a compelling set of activity, security and audit reports that you can access through the Reports tab in the Azure Management portal.
in order to pull the data into SIEM systems, custom dashboards, Excel, Power BI, etc.
Yesterday, Microsoft thrilled to announce the public preview of the Azure AD Reporting API. Using this set of REST APIs you can now programmatically access data from Azure AD reports in a format best suited to your specific needs.