Need to Know podcast–Episode 327

Some Copilot and Security updates this week as well as some handy information about Microsoft OneNote and Loop, plus a whole lot more. Listen for all the latest cloud news from Microsoft.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-327-second-brain/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

The art and science behind Microsoft threat hunting: Part 3

North Korean threat actor Citrine Sleet exploiting Chromium zero-day

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations

Microsoft Announces Windows Endpoint Security Ecosystem Summit With CrowdStrike on September 10

What’s new: Multi-tenancy in the unified security operations platform experience in Public Preview

Harnessing the power of KQL Plugins for enhanced security insights with Copilot for Security

Critical Cloud Assets: Identifying and Protecting the Crown Jewels of your Cloud

What’s new in Microsoft Intune August 2024

Support Tip: Enforcement of multifactor authentication for Intune admin center sign-in coming soon

What’s New in Copilot | August 2024

Getting started with LLM prompt engineering

How to draft an email with Copilot – New Outlook for Windows

OneNote Copilot now supports inked notes

OneNote as a Second Brain (What You’re Missing)

OneNote iOS Widgets

Introducing SharePoint design ideas

Loop overview Almost everything you need to know to start with Microsoft Loop

Level up your project management with Loop

CIAOPS Brief 20240831

Customer Service: Embed Copilot for Service into Microsoft 365 –

https://www.youtube.com/watch?v=sr857daYOEQ

The art and science behind Microsoft threat hunting: Part 3 –

https://www.microsoft.com/en-us/security/blog/2024/08/28/the-art-and-science-behind-microsoft-threat-hunting-part-3/

North Korean threat actor Citrine Sleet exploiting Chromium zero-day –

https://www.microsoft.com/en-us/security/blog/2024/08/30/north-korean-threat-actor-citrine-sleet-exploiting-chromium-zero-day/

What’s New in Copilot | August 2024 –

https://techcommunity.microsoft.com/t5/copilot-for-microsoft-365/what-s-new-in-copilot-august-2024/ba-p/4226565

How energy firms power the world with secure Microsoft technologies –

https://www.microsoft.com/en-us/industry/blog/energy-and-resources/2024/08/29/how-energy-firms-power-the-world-with-secure-microsoft-technologies/

OneNote Copilot now supports inked notes –

https://insider.microsoft365.com/en-us/blog/onenote-copilot-now-supports-inked-notes

Getting started with LLM prompt engineering –

https://learn.microsoft.com/en-us/ai/playbook/technology-guidance/generative-ai/working-with-llms/prompt-engineering

Get started with security settings –

https://www.youtube.com/watch?v=QJVHNfvzXrc

Peach Sandstorm deploys new custom Tickler malware in long-running intelligence gathering operations –

https://www.microsoft.com/en-us/security/blog/2024/08/28/peach-sandstorm-deploys-new-custom-tickler-malware-in-long-running-intelligence-gathering-operations/

Save ingestion costs by splitting logs into multiple tables and opting for the basic tier! –

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/save-ingestion-costs-by-splitting-logs-into-multiple-tables-and/ba-p/4230861

Research Analysis and Guidance: Ensuring Android Security Update Adoption –

https://techcommunity.microsoft.com/t5/microsoft-defender-vulnerability/research-analysis-and-guidance-ensuring-android-security-update/ba-p/4216714

Set up your Android for work –

https://www.youtube.com/watch?v=qJx2Iwn118g

Introducing SharePoint design ideas –

https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/introducing-sharepoint-design-ideas/ba-p/4161895

After hours

OneNote as a Second Brain (What You’re Missing)

– https://www.youtube.com/watch?v=9m8EGJGYMAY

Editorial

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

August Microsoft 365 Webinar resources

The slides from this month’s webinar are available at:

https://github.com/directorcia/general/blob/master/Presentations/Need%20to%20Know%20Webinars/202408.pdf

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

Watch out for next month’s webinar

Key Topics:

Power Automate: Robert discussed the capabilities and benefits of using Power Automate for automating tasks and connecting to many data services, emphasizing its low-code/no-code nature and the potential for significant time and cost savings in business processes. 48:17
Desktop Flows: Robert introduced Desktop Flows as a feature of Power Automate, highlighting its utility for automating desktop tasks and integrating with legacy systems, and mentioned its availability on Windows 11 and for download on other versions. 47:48
Copilot for Power Automate: Robert mentioned the inclusion of Copilot for Power Automate, which aids in creating automation processes through AI, emphasizing its availability at no additional cost within Power Automate licenses. 46:26
Concerns with Power Automate Service: Robert experienced technical difficulties during the demonstration of Power Automate, indicating a temporary service issue, which impacted the ability to showcase certain features live. 51:04

Check Windows Attack Surface Reduction (ASR) enablement

Windows Attack Surface Reduction (ASR) is an excellent method to improve the security of your Windows devices for free. It is not generally enabled by default and my free script here:

https://github.com/directorcia/Office365/blob/master/win10-asr-get.ps1

enables you to quickly see whether all the ASR rules are enabled for your Windows device.

The script also has other reference links you can use if you then wish to enable ASR in your environment. Always be careful enabling something like this without at least putting it in audit mode first to determine any impact in your production environment.

The video run through above and here:

https://www.youtube.com/watch?v=1KLGsNuz088

hopefully give you a better idea about what the script can accomplish for you.

CIAOPS Brief 20240817

How to draft an email with Copilot – New Outlook for Windows –

https://www.youtube.com/watch?v=R7TNInXiqUY

Protecting the Amazon from deforestation with Microsoft AI –

https://www.youtube.com/watch?v=91_ZULhScRc

Microsoft Announces Windows Endpoint Security Ecosystem Summit With CrowdStrike on September 10 –

https://www.thurrott.com/cloud/307481/microsoft-announces-windows-endpoint-security-ecosystem-summit-with-crowdstrike-on-september-10

Level up your project management with Loop –

https://techcommunity.microsoft.com/t5/microsoft-365-events/level-up-your-project-management-with-loop/ev-p/4202537

How to share your calendar – New Outlook for Windows –

https://www.youtube.com/watch?v=k8_ZWH-FNZk

What’s new: Multi-tenancy in the unified security operations platform experience in Public Preview –

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/what-s-new-multi-tenancy-in-the-unified-security-operations/ba-p/4225658

Loop overview Almost everything you need to know to start with Microsoft Loop –

https://www.youtube.com/live/zNp7JjfGW10

What’s new in Microsoft Intune August 2024 –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/what-s-new-in-microsoft-intune-august-2024/ba-p/4225086

Critical Cloud Assets: Identifying and Protecting the Crown Jewels of your Cloud –

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/critical-cloud-assets-identifying-and-protecting-the-crown/ba-p/4222198

More magical experiences from AI-powered Edge to personalize and streamline the way you browse –

https://blogs.windows.com/msedgedev/2024/06/20/ai-powered-edge-to-personalize-and-streamline-browsing/

Harnessing the power of KQL Plugins for enhanced security insights with Copilot for Security –

https://techcommunity.microsoft.com/t5/microsoft-security-copilot-blog/harnessing-the-power-of-kql-plugins-for-enhanced-security/ba-p/4221891

OneNote iOS Widgets –

https://support.microsoft.com/en-us/office/onenote-ios-widgets-34b31a97-515d-4a6f-bcf4-9472aae43adb

Comprehensive coverage and cost-savings with Microsoft Sentinel’s new data tier –

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/comprehensive-coverage-and-cost-savings-with-microsoft-sentinel/ba-p/4223293

Unlock inline PowerShell capabilities to streamline Logic Apps workflows –

https://techcommunity.microsoft.com/t5/azure-integration-services-blog/unlock-inline-powershell-capabilities-to-streamline-logic-apps/ba-p/4220187

Support Tip: Enforcement of multifactor authentication for Intune admin center sign-in coming soon –

https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-enforcement-of-multifactor-authentication-for-intune/ba-p/4220014

Introducing the MDTI Premium Data Connector for Sentinel –

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/introducing-the-mdti-premium-data-connector-for-sentinel/ba-p/4220346

After hours

Destroying Camp CrunchLabs!- Week 12 Final Episode – https://www.youtube.com/watch?v=8_nChhKhx0U

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Get Teams meeting Attendees [VIDEO]

A while back I wrote a script that allows you to report attendees of a Teams meeting with PowerShell:

https://blog.ciaops.com/2023/05/25/get-teams-meeting-attendees-via-powershell-and-the-microsoft-graph/

I have now done a video here:

https://www.youtube.com/watch?v=M0GBzGT3Igk

to provide a walk through of what the execution of that script looks like. The script is located at:

https://github.com/directorcia/Office365/blob/master/tms-attend-get.ps1

CIAOPS Need to Know podcast now available on Spotify

Spotify

I’m very happy to announce that my CIAOPS Need to Know podcast is now available on Spotify. You will find it here:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

The reason for it taking this long was that Spotify only accepts audio only podcasts and while back I did a number of episodes that included video. Thus, MP4 vs MP3 versions prevented them being available on Spotify.

No longer. Subscribe and listen in to all the latest news from the Microsoft Cloud with a focus on SMB.

Need to Know podcast–Episode 326

You are going to need to update any global administrator account that doesn’t have MFA enabled soon. Failing to do so will cause you some pain when you visit the Azure, EntraID or Intune portal. See the included article for more details. This and lots of Microsoft cloud news in this episode including some great improvements to Microsoft Teams.

ou can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-326-mfa-for-all/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

Announcing mandatory multi-factor authentication for Azure sign-in

Moving to OneNote on Windows

Microsoft Defender for Endpoint’s Safe Deployment Practices

Updates to Microsoft Copilot to bring enterprise data protection to more organizations

Reimagining content management at Microsoft with SharePoint Premium

Give a custom name to the General channel in Microsoft Teams

Enhanced presenter and attendee experience with the expanded gallery view in Teams

Face Check is now generally available

Show or hide the Discover feed in Microsoft Teams

Exploring the latest AI features in Clipchamp

Professional project management with Microsoft Planner

How Microsoft and NIST are collaborating to advance the Zero Trust Implementation

Detect compromised RDP sessions with Microsoft Defender for Endpoint

Enhancements to the Outbound Messages in Transit Security Report

Key Topics:

Mandatory Multi-Factor Authentication (MFA): Robert discussed the recent announcement by Microsoft regarding mandatory MFA for Azure sign-ins, affecting Azure portal and dependencies like Intune. He emphasized the need for configuring MFA for break glass accounts without it, suggesting options like Microsoft Authenticator, passkey, or Fido key hardware token. The deadline for compliance is mid-October. 1:16
OneNote on Windows Update: Robert shared updates on OneNote for Windows, indicating a shift from the Windows 10 standalone version to a continued development of the desktop edition, incorporating features from the Windows 10 edition. He recommended reviewing a specific Microsoft article for more details. 3:24
Microsoft Defender for Endpoint: Robert highlighted the importance of safe deployment practices for Microsoft Defender for Endpoint, referencing a Microsoft article that provides guidance on staged rollouts and managing engine updates. 4:15
Enterprise Data Protection: Robert mentioned updates to Copilot aimed at bringing enterprise data protection to more organizations. He noted some confusion between commercial and enterprise data protection but underscored the importance of securing Microsoft 365 accounts. 4:48
SharePoint Premium: Robert discussed the rebranding of SharePoint syntax to SharePoint Premium, detailing new features like autofill columns, document processing, and OCR. He also mentioned the cost-effective aspect of tying syntax usage to an Azure subscription for SMBs. 5:53
Custom Naming for General Channel in Teams: Robert shared a new feature in Microsoft Teams allowing users to give custom names to the general channel, addressing a long-standing request from users for more descriptive channel naming. 7:18
Enhanced Presenter and Attendee Experience in Teams: Robert praised the enhanced presenter and attendee experience in Teams, highlighting the ability for presenters to see what their screen is displaying to the audience. 7:47
Face Check Availability: Robert announced the general availability of Face Check, a facial recognition feature for secure app sign-ins. He speculated on its potential as an MFA replacement and encouraged exploring its integration with apps. 8:26
AI Enhancements in ClipChamp: Robert discussed new AI features in ClipChamp, such as background removal, enhancing the tool’s viability for users working with images and videos within Microsoft 365 subscriptions. 10:07
Planner Updates: Robert touched on updates to Planner, including a new interface and integration with Copilot for Microsoft 365, suggesting it as a useful tool for project management within teams. 10:39
Collaboration on Zero Trust Implementations: Robert mentioned a blog post detailing collaboration between Microsoft and NIST on advancing Zero Trust implementations, emphasizing the “trust no one” approach to security. 11:23
Detecting Compromised RDP Sessions: Robert highlighted Defender for Endpoint’s capability to detect compromised RDP sessions, sharing suggestions and KQL queries for identifying such sessions. 12:05