CIA Brief 20241116

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Remembrance action

It is once again Remembrance day. The 11th of November. Over 110 years since the beginning of the war that we remember coming to an end on this date. Although the growth in the reverence of remembrance is always a positive thing to witness, perhaps the core reason of why we should actually remember are being lost.

One would suggest that the reason that we enshrine remembrance day is to ensure that we learn from the tragedy of the past and the waste of human life over simple failures of diplomacy and tolerance. We have lost that generation that could readily remind us of the true impact of such events and the misplaced belief that such conflicts are ‘glorious’ in victory.

Alas, we seem to be deaf to the message from our past. We seem to failing to work together for the benefit of all. Instead, we seem to accept a world today that is probably more embroiled in conflicts that it has been for a long time. Unfortunately, unless we are directly affected, we tend to turn a blind eye and hope that it will all go away and never come knocking.

In truth, our guiding voice should be our ancestors who experienced the horrors of war and survived to warn us that there is nothing glorious about war. There is nothing glorious about the countless war graves. Any rational modern human being has an innate fear of dying, yet also seem to be unwilling to reduce such risk by taking positive steps to mitigating conflict wherever it is present.

Remembrance should not be a simple act once a year. To truly take part it needs to become part of our everyday. It needs to be reflected with everyone we deal with on a daily basis, especially those we may not always agree with. Our judgement will be made on how we treat others, not on how we remember history.

Our reverence for remembrance should be rooted in the present. It should however also show in our actions with others, both friend and foe. Only by de-escalating conflicts with understand and tolerance can we ever hope to avoid the terrible tragedy that humanity seems to too often readily fall into. It is up to us to avoid such tragedies that the past reminds us regularly are still close at hand.

History reminds how easily things can get out of control and how many innocent lives can be lost for little consequence. We have the power to choose what the outcome will be. How are you exercising your choice?

Lest We Forget.

If you are interested in the history of the ANZAC battlefields of World War One visit my site – http://www.anzacsinfrance.com/

Need to Know podcast–Episode 331

Microsoft Ignite is just around the corner but still plenty of updates coming from Microsoft prior to their big tech event. Listen and stay up to date with everything that is happening in the Microsoft Cloud.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-331-team-chat-gets-a-make-over/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

or Spotify:

https://open.spotify.com/show/7ejj00cOuw8977GnnE2lPb

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

Streamline collaboration with the new chat and channels experience in Microsoft Teams

How to manage false positives – Microsoft Defender for Office 365

Get started with false negative investigations in Microsoft Defender for Office 365

How to investigate email messages in Microsoft Defender for Office 365

How to use the Alert page – Microsoft Defender XDR

Defender XDR Monthly news – November 2024

How Microsoft Defender for Office 365 innovated to address QR code phishing attacks

Skill up to strengthen your organizations cybersecurity posture

Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance

Announcing General Availability of Inbound SMTP DANE with DNSSEC for Exchange Online

Coming in December: SC-5004: Defend against cyberthreats with Microsoft Defender XDR

What’s new in Copilot Studio: November

New Copilot agents: Supercharge Microsoft 365 Copilot

A strategic approach to assessing your AI readiness

Supercharge productivity with Microsoft 365 Copilot

AI safety first: Protecting your business and empowering your people

Microsoft 365 Copilot — Small Business Guide to Set Up Copilot

Quick actions with Copilot now at your fingertips in OneNote

Stay focused in an action-packed meeting with Microsoft 365 Copilot in Teams

How to prepare for Windows 10 end of support by moving to Windows 11 today

Github Copilot updates

A year of innovation- and feedback-driven features in Microsoft Word

Updated management features roll out for Microsoft Intune Suite

Afterhours

Apple intelligence – catch up

CIA Brief 20241109

How to manage false positives – Microsoft Defender for Office 365 –

https://www.youtube.com/watch?v=yuduVj6wvsw

What’s new in Copilot Studio: November –

https://www.microsoft.com/en-us/microsoft-copilot/blog/copilot-studio/whats-new-in-copilot-studio-november/

A strategic approach to assessing your AI readiness –

https://www.microsoft.com/en-us/microsoft-cloud/blog/2024/11/06/a-strategic-approach-to-assessing-your-ai-readiness/

Welcome Guide for Microsoft 365 –

https://www.youtube.com/watch?v=8rOpWvtxeh0

Introducing Exchange Online Delicensing Resiliency to protect against unintended delicensing actions –

https://techcommunity.microsoft.com/blog/exchange/introducing-exchange-online-delicensing-resiliency-to-protect-against-unintended/4082759

Microsoft 365 Copilot delivers productivity gains with Australian public servants –

https://news.microsoft.com/en-au/features/microsoft-365-copilot-delivers-productivity-gains-with-australian-public-servants/

Get started with false negative investigations in Microsoft Defender for Office 365 –

https://www.youtube.com/watch?v=sFMAI8MeDKQ

Transform ideas into impactful presentations with Microsoft 365 Copilot in PowerPoint –

https://www.youtube.com/watch?v=URejjkO-JC8

Defender XDR Monthly news – November 2024 –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-november-2024/ba-p/4286159

How Microsoft Defender for Office 365 innovated to address QR code phishing attacks –

https://www.microsoft.com/en-us/security/blog/2024/11/04/how-microsoft-defender-for-office-365-innovated-to-address-qr-code-phishing-attacks/

Supercharge productivity with Microsoft 365 Copilot –

https://www.youtube.com/watch?v=OMJo7BpTzmM

How to prepare for Windows 10 end of support by moving to Windows 11 today –

https://blogs.windows.com/windowsexperience/2024/10/31/how-to-prepare-for-windows-10-end-of-support-by-moving-to-windows-11-today/

After hours

Polaris Dawn – https://www.youtube.com/watch?v=MaJmUUtr2SI

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

New Secure Score report script

I have created a new script that uses the modern Microsoft Graph method to report all the Secure Score items and rather than me explaining what the script does I’ll turn it over to Github Copilot.

<Enter Github Copilot>

This PowerShell script, mggraph-ssdescpt-get.ps1, is designed to interact with the Microsoft Graph API to retrieve and display secure score results. Here’s a step-by-step explanation of its operation and function:

Start Transcript:

start-transcript “..\mggraph-ssdescpt-get.txt”

This line starts recording all commands and their output to a transcript file.
Check Microsoft Graph Connection:

try {

    $context = get-mgcontext -ErrorAction Stop

}

catch {

    write-host -foregroundcolor $errormessagecolor “Not connected to Microsoft Graph. Please connect to Microsoft Graph first using connect-mggraph`n”

if ($prompt) {stop-transcript}

exit

}

if (-not $context) {

    write-host -foregroundcolor $errormessagecolor “Not connected to Microsoft Graph. Please connect to Microsoft Graph first using connect-mggraph`n”

if ($prompt) {stop-transcript}

exit

}

write-host -foregroundcolor $processmessagecolor “Connected to Microsoft Graph”

write-host ” – Connected account =”,$context.Account,”`n”

if ($prompt) { pause }

This block checks if the Microsoft Graph module is installed and if the user is connected to Microsoft Graph. If not, it prompts the user to connect and exits the script.
Set API Endpoint and Method:

$uri = “https://graph.microsoft.com/beta/security/securescores”

$method = “GET”

write-host -foregroundcolor $processmessagecolor “Run Graph API Query”

The script sets the URI for the Microsoft Graph API endpoint to retrieve secure scores and specifies the HTTP method as GET.
Invoke API Request:

$query = Invoke-MgGraphRequest -Uri $URI -method $method -ErrorAction Stop

This line sends a request to the Microsoft Graph API to get secure score results.
Process and Display Results:

$names = $query.value[0].controlscores          # get the most current secure score results

$item = 0

write-host -foregroundcolor $processmessagecolor “Display results`n”

foreach ($control in $names) {

    $item++

    write-host -foregroundcolor green -BackgroundColor Black “`n*** Item”, $item, “***”

    write-host “Control Category     : “, $control.controlCategory

    write-host “Control Name         : “, $control.controlName

    write-host “Control Score        : “, $control.Score

    write-host “Control Description : “, $control.Description

    write-host “Control On           : “, $control.on

    write-host “Implementation status: “, $control.implementationstatus

    write-host “Score in percentage : “, $control.scoreinpercentage

    write-host “Last synced          : “, $control.lastsynced

    write-host “`n”

if ($prompt) { pause }

}

The script extracts the secure score results from the API response and iterates through each control score, displaying detailed information about each control.
Complete Script:

write-host -foregroundcolor $systemmessagecolor “`nScript Completed`n”

if ($prompt) {stop-transcript}

Finally, the script indicates completion and stops the transcript if the $prompt variable is set.

In summary, this script connects to Microsoft Graph, retrieves secure score data, and displays detailed information about each control score in the console.

Output

use the –prompt command line option to pause output.

CIAOPS Brief 20241102

How to investigate email messages in Microsoft Defender for Office 365 –

https://www.youtube.com/watch?v=5hA7VfaMvqs

New Copilot agents: Supercharge Microsoft 365 Copilot –

https://techcommunity.microsoft.com/t5/microsoft-365-copilot/new-copilot-agents-supercharge-microsoft-365-copilot/ba-p/4266995

Microsoft builds first datacenters with wood to slash carbon emissions –

https://news.microsoft.com/source/features/sustainability/microsoft-builds-first-datacenters-with-wood-to-slash-carbon-emissions/

Github Copilot updates –

https://t.co/79ZZFQss4o

A year of innovation- and feedback-driven features in Microsoft Word –

https://techcommunity.microsoft.com/t5/microsoft-365-insider-blog/a-year-of-innovation-and-feedback-driven-features-in-microsoft/ba-p/4282272

AI safety first: Protecting your business and empowering your people –

https://www.microsoft.com/en-us/microsoft-cloud/blog/2024/10/31/ai-safety-first-protecting-your-business-and-empowering-your-people/

Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network –

https://www.microsoft.com/en-us/security/blog/2024/10/31/chinese-threat-actor-storm-0940-uses-credentials-from-password-spray-attacks-from-a-covert-network/

Microsoft now a Leader in three major analyst reports for SIEM –

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-now-a-leader-in-three-major-analyst-reports-for-siem/ba-p/4278853

How Copilots are helping customers and partners drive pragmatic innovation to achieve business results that matter –

https://blogs.microsoft.com/blog/2024/10/29/how-copilots-are-helping-customers-and-partners-drive-pragmatic-innovation-to-achieve-business-results-that-matter/

Updated management features roll out for Microsoft Intune Suite –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/updated-management-features-roll-out-for-microsoft-intune-suite/ba-p/4279721

Responsible AI Mitigation Layers –

https://techcommunity.microsoft.com/t5/microsoft-developer-community/responsible-ai-mitigation-layers/ba-p/4281878

Refreshing the Meeting Details experience in OneNote for Mac and iPad –

https://techcommunity.microsoft.com/t5/microsoft-365-insider-blog/refreshing-the-meeting-details-experience-in-onenote-for-mac-and/ba-p/4282286

Skill up to strengthen your organizations cybersecurity posture –

https://techcommunity.microsoft.com/t5/microsoft-learn-blog/skill-up-to-strengthen-your-organizations-cybersecurity-posture/ba-p/4090397

Smart card redirection support for YubiKeys in Windows App on iOS –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/smart-card-redirection-support-for-yubikeys-in-windows-app-on/ba-p/4281574

Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files –

https://www.microsoft.com/en-us/security/blog/2024/10/29/midnight-blizzard-conducts-large-scale-spear-phishing-campaign-using-rdp-files/

Microsoft 365 Copilot — Small Business Guide to Set Up Copilot –

https://officegarageitpro.medium.com/microsoft-365-copilot-small-business-guide-to-set-up-copilot-e56d8e1c24a5

Quick actions with Copilot now at your fingertips in OneNote –

https://techcommunity.microsoft.com/t5/microsoft-365-insider-blog/quick-actions-with-copilot-now-at-your-fingertips-in-onenote/ba-p/4278675

How to use the Alert page – Microsoft Defender XDR –

https://www.youtube.com/watch?v=cR9AVR548Ls

Stay focused in an action-packed meeting with Microsoft 365 Copilot in Teams –

https://www.youtube.com/watch?v=4AqLS8NWJZw

Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance –

https://techcommunity.microsoft.com/t5/microsoft-entra-blog/manage-microsoft-entra-id-role-assignments-with-microsoft-entra/ba-p/4120307

Announcing General Availability of Inbound SMTP DANE with DNSSEC for Exchange Online –

https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-general-availability-of-inbound-smtp-dane-with-dnssec/ba-p/4281292

Coming in December: SC-5004: Defend against cyberthreats with Microsoft Defender XDR –

https://techcommunity.microsoft.com/t5/ilt-communications-blog/coming-in-december-sc-5004-defend-against-cyberthreats-with/ba-p/4281365

Streamline collaboration with the new chat and channels experience in Microsoft Teams –

https://www.microsoft.com/en-us/microsoft-365/blog/2024/10/28/streamline-collaboration-with-the-new-chat-and-channels-experience-in-microsoft-teams/

Need to Know podcast–Episode 330 –

https://blog.ciaops.com/2024/10/28/need-to-know-podcast-episode-330/

After hours

Introducing ChatGPT search – https://openai.com/index/introducing-chatgpt-search/

Editorial

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

October Microsoft 365 Webinar resources

The slides from this month’s webinar are available at:

https://github.com/directorcia/general/blob/master/Presentations/Need%20to%20Know%20Webinars/202408.pdf

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

Watch out for next month’s webinar.

Recap by Copilot:

Key Topics:

Microsoft 365 Updates: Robert Crane discussed the upcoming new chat and channels experience in Microsoft Teams, highlighting the increased flexibility in setup and configuration, including features like dragging contacts and favoriting conversations. 1:21
Security Baselines: Robert Crane recommended the CIS A’s Scuba Gear Baselines for assessing Microsoft 365 environments, which provides a PowerShell script to generate a detailed HTML report on security status. 2:06
Autonomous Agents: Robert Crane announced the upcoming availability of autonomous agents for those with Copilot subscriptions, which will allow for automated AI processes triggered by specific events, enhancing business automation. 2:37
Copilot Studio Webinar: Robert Crane is considering conducting a full webinar on Copilot Studio around the Christmas-New Year break and invited attendees to express their interest in such a session. 3:39
Microsoft 365 Insider Handbook: Robert Crane mentioned a cheat sheet for using Insider capabilities in Microsoft 365, which provides early access to new features and updates from Microsoft. 4:05
SharePoint Overview: Robert Crane provided an in-depth overview of SharePoint, explaining its role as the technology behind file storage in Microsoft 365, and its integration with services like OneDrive and Team Sites. 4:56
File System Structure: Robert Crane emphasized the importance of structuring the file system in SharePoint, recommending a lean and mean approach to file storage and the use of OneDrive for Business as a sandbox environment for individuals. 5:33
OneDrive vs. Team Sites: Robert Crane clarified the differences between OneDrive for Business and SharePoint Team Sites, explaining that OneDrive is for personal storage while Team Sites are for shared storage among groups within an organization. 9:53
Storage Allocation: Robert Crane explained the storage allocation in Microsoft 365, where each user gets one terabyte of personal storage in OneDrive for Business, and the organization gets one terabyte plus 10 gigabytes per licensed user for shared storage. 12:26
SharePoint Permissions: Robert Crane detailed the permissions structure in SharePoint, which is similar to file servers, with inherited permissions from the parent site collection and the ability to assign permissions at various levels. 19:16
Sharing Information: Robert Crane explained the different options for sharing information in SharePoint, including sharing with anyone via a link, people inside the organization, and specific people, with options for editing, read-only access, and additional security measures. 24:08
File Synchronization: Robert Crane discussed the file synchronization feature in Microsoft 365, which allows users to synchronize files to their local machines with the option of files on demand to save local storage space. 26:09
Version Control: Robert Crane highlighted the version control feature in SharePoint, which keeps 500 versions of each file by default, allowing users to roll back to previous versions as needed. 27:32
Recycle Bin: Robert Crane explained the recycle bin feature in SharePoint, where deleted files are stored for up to 93 days, with the ability to restore files within the first 30 days using the built-in interface. 28:38

Recent presentation resources

I recently did two presentations for which the resources can be found at:

What most IT Pros overlook when configuring Microsoft 365

Microsoft 365 has a huge range of features that are designed to help keep users safe. Many of these are not fully enabled by default and typically should be. This session will highlight what are the most common settings that IT Pros overlook when setting up security for a Microsoft 365 environment

https://bit.ly/cia-m365overlooked

and

How can IT Pros get more out of Copilot

Copilot is now a vast array of services that leverage AI to make life easier. How should and IT Pro be using these AI services from Microsoft and how do they make sense inside a business to drive value for both the customer and the IT Pro. This session is more than just looking at Microsoft 365, it considers the suite of AI that is available from Microsoft and what can be done with these services.

https://bit.ly/cia-getmorefromcopilot