CIA Brief 231217

Investigating malicious OAuth applications using the Unified Audit Log –

https://techcommunity.microsoft.com/t5/microsoft-security-experts-blog/investigating-malicious-oauth-applications-using-the-unified/ba-p/4007172

Patching Perforce perforations: Critical RCE vulnerability discovered in Perforce Helix Core Server –

https://www.microsoft.com/en-us/security/blog/2023/12/15/patching-perforce-perforations-critical-rce-vulnerability-discovered-in-perforce-helix-core-server/

Advancing Cybersecurity: The Latest enhancement in Phishing-Resistant Authentication –

https://techcommunity.microsoft.com/t5/microsoft-entra-blog/advancing-cybersecurity-the-latest-enhancement-in-phishing/ba-p/2365681

Get started with Microsoft 365 for business –

https://www.youtube.com/watch?v=mWutD2Zb1Zk

Copilot for Microsoft 365 | Work On –

https://www.youtube.com/watch?v=0QEL9Y3Udvc

Satya Nadella 2023: Year of AI –

https://www.youtube.com/watch?v=Vu6Wq8lLUN0

Microsoft Cloud for Sovereignty now generally available, opening new pathways for government innovation –

https://blogs.microsoft.com/blog/2023/12/14/microsoft-cloud-for-sovereignty-now-generally-available-opening-new-pathways-for-government-innovation/

Introducing New Features of Microsoft Entra Permissions Management –

https://techcommunity.microsoft.com/t5/microsoft-entra-blog/introducing-new-features-of-microsoft-entra-permissions/ba-p/2466925

Announcing updates to Copilot for Microsoft 365 availability –

https://techcommunity.microsoft.com/t5/copilot-for-microsoft-365/announcing-updates-to-copilot-for-microsoft-365-availability/ba-p/4007075

Microsoft Sentinel – SOAR through the SIEM, begin with the basics –

https://techcommunity.microsoft.com/t5/fasttrack-for-azure/microsoft-sentinel-soar-through-the-siem-begin-with-the-basics/ba-p/3990142

Disrupting the gateway services to cybercrime –

https://blogs.microsoft.com/on-the-issues/2023/12/13/cybercrime-cybersecurity-storm-1152-fraudulent-accounts/

Protect your organizations against QR code phishing with Defender for Office 365 –

https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/protect-your-organizations-against-qr-code-phishing-with/ba-p/4007041

Strengthening identity protection in the face of highly sophisticated attacks –

https://techcommunity.microsoft.com/t5/security-compliance-and-identity/strengthening-identity-protection-in-the-face-of-highly/ba-p/4006009

Threat actors misuse OAuth applications to automate financially driven attacks –

https://www.microsoft.com/en-us/security/blog/2023/12/12/threat-actors-misuse-oauth-applications-to-automate-financially-driven-attacks/

New Microsoft Incident Response team guide shares best practices for security teams and leaders –

https://www.microsoft.com/en-us/security/blog/2023/12/11/new-microsoft-incident-response-team-guide-shares-best-practices-for-security-teams-and-leaders/

Microsoft Defender XDR unified role-based access control (RBAC) model is now generally available –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/microsoft-defender-xdr-unified-role-based-access-control-rbac/ba-p/3993793

Staged rollout management for Graph connectors is generally available –

https://techcommunity.microsoft.com/t5/microsoft-search-blog/staged-rollout-management-for-graph-connectors-is-generally/ba-p/3998367

After hours

Minesweeper the movie –

https://www.youtube.com/watch?v=LHY8NKj3RKs

Editorial

If you found this valuable, then I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

I’m running a session on Microsoft Copilot in a few weeks. Read more and sign up for free here – https://blog.ciaops.com/2023/12/04/ciaops-need-to-know-microsoft-365-webinar-december-5/

Also, I’m doing a summer camp deep dive into Microsoft 365 Secure Score. You can read more and sign up here – https://blog.ciaops.com/2023/12/11/ciaops-summer-school-is-open-for-enrolments/

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week.

CIAOPS Summer School is open for enrolments

In early 2024 I’ll be running a course entitled “Secure more with Secure Score in Microsoft 365”. Training will be held virtually over four consecutive weeks. Each session will be two (2) hours and run from 9am Sydney time. The dates are:

Thursday January 4th 2024

Thursday January 11th 2024

Thursday January 18th 2024

Thursday January 25th 2024

The sessions will be recorded and other materials from the sessions (checklists, etc) will be available to attendees afterwards.

This event will be conducted remotely via Microsoft Teams.

The aim of this training is to help configure security best practices inside your Microsoft 365 environment. You’ll learn what settings you should enable and why you should have these enabled. The sessions will also take you through common examples of configuring these settings and the impact they will have on your users.

The price for this event will be:

Gold Enterprise Patron = $48.67

Gold Patron = $97.34 inc GST

Silver Patron = $194.68 inc GST

Bronze Patron = $389.35 inc GST

Non Patron = $599 inc GST

You can learn more about the CIAOPS Patron community at www.ciaopspatron.com.

I hope that you’ll join me in January for this event as I believe it provides some much needed training in a very important aspect of managing and securing Microsoft 365. If you are serious about security for Microsoft 365, then you need a plan and this training will aim to give you just that plus some experience to boot!

You can enrol now in this course ready for January using this link:

https://www.ciaopsacademy.com/p/secure-more-with-secure-score-in-microsoft-3651

As always, if you have any questions about this training please email me on – director@ciaops.com.

I hope to see you there.

CIA Brief 231209

Vulnerability discovery and remediation | Microsoft 365 Defender –

https://www.youtube.com/watch?v=nm3l3mqwQ3w

Copilot in Teams | Get caught up quickly –

https://www.youtube.com/watch?v=QlXLVgrc3BM

Star Blizzard increases sophistication and evasion in ongoing attacks –

https://www.microsoft.com/en-us/security/blog/2023/12/07/star-blizzard-increases-sophistication-and-evasion-in-ongoing-attacks/

Microsoft Entra Private Access protections for on-premises & private cloud network resources –

https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/microsoft-entra-private-access-protections-for-on-premises-amp/ba-p/4002913

New Microsoft Purview features use AI to help secure and govern all your data –

https://www.microsoft.com/en-us/security/blog/2023/12/07/new-microsoft-purview-features-use-ai-to-help-secure-and-govern-all-your-data/

Managing alerts | Microsoft 365 Defender –

https://www.youtube.com/watch?v=G1650fI_l_k

Get More Together: Work on your own time with Microsoft Teams –

https://www.youtube.com/watch?v=SzybsMWMdyQ

Microsoft Security Copilot drives new product integrations at Microsoft Ignite to empower security and IT teams –

https://www.microsoft.com/en-us/security/blog/2023/12/06/microsoft-security-copilot-drives-new-product-integrations-at-microsoft-ignite-to-empower-security-and-it-teams/

Clipchamp & Designer | Visual Content Creation –

https://www.youtube.com/watch?v=Y_Hm1_lxng4

Get Started With Clipchamp –

https://www.youtube.com/watch?v=tOTiTUZSmaM

3 reasons why now is the time to go cloud native for device management –

https://www.microsoft.com/en-us/microsoft-365/blog/2023/12/05/3-reasons-why-now-is-the-time-to-go-cloud-native-for-device-management/

Microsoft Incident Response lessons on preventing cloud identity compromise –

https://www.microsoft.com/en-us/security/blog/2023/12/05/microsoft-incident-response-lessons-on-preventing-cloud-identity-compromise/

Introducing Deep Search –

https://blogs.bing.com/search-quality-insights/december-2023/Introducing-Deep-Search

Plan for Windows 10 EOS with Windows 11, Windows 365, and ESU –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/plan-for-windows-10-eos-with-windows-11-windows-365-and-esu/ba-p/4000414

Microsoft 365 Chat | Develop new content with Copilot –

https://www.youtube.com/watch?v=51ZKBxuOA-0

Protecting credentials against social engineering: Cyberattack Series –

https://www.microsoft.com/en-us/security/blog/2023/12/04/protecting-credentials-against-social-engineering-cyberattack-series/

What’s New and What’s Coming to OneNote on Windows –

https://techcommunity.microsoft.com/t5/microsoft-365-blog/what-s-new-and-what-s-coming-to-onenote-on-windows/ba-p/3966645

Security Copilot mechanics –

https://www.youtube.com/watch?v=kGoYDEulis0

Using Power Automate | Microsoft 365 Defender –

https://www.youtube.com/watch?v=JOoKDOa3w9k

After hours

[HOONIGAN] Ken Block’s Electrikhana TWO: One More Playground; Mexico City in the Audi S1 Hoonitron –

https://www.youtube.com/watch?v=U4FAqwkn-pc

Editorial

If you found this valuable, then I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week.

CIAOPS Need to Know Microsoft 365 Webinar – December

Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Microsoft Copilot in all its various forms to help separate fact from fiction.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

December Webinar Registrations

(If you are having issues with the above link copy and paste – https://bit.ly/n2k2312)

The details are:

CIAOPS Need to Know Webinar – December 2023
Thursday 29th of December 2023
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.

CIA Brief 231201

Monthly Defender news – December 2023 –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/monthly-news-december-2023/ba-p/3998431

Connect to the Microsoft Copilot Dashboard (Preview) –

https://learn.microsoft.com/en-us/viva/insights/org-team-insights/copilot-dashboard

The Twelve Days of Blog-mas: No.3 – Windows Local Admin Password Solution (LAPS) –

https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/the-twelve-days-of-blog-mas-no-3-windows-local-admin-password/ba-p/3992457

What’s new in Microsoft Entra –

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/what-s-new-in-microsoft-entra/ba-p/3796394

Windows Events, how to collect them in Sentinel and which way is preferred to detect Incidents. –

https://techcommunity.microsoft.com/t5/fasttrack-for-azure/windows-events-how-to-collect-them-in-sentinel-and-which-way-is/ba-p/3997342

Identifying Adversary-in-the-Middle (AiTM) Phishing Attacks through 3rd-Party Network Detection –

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/identifying-adversary-in-the-middle-aitm-phishing-attacks/ba-p/3991358

Defender EASM – Performing a Successful Proof of Concept (PoC) –

https://techcommunity.microsoft.com/t5/microsoft-defender-external/defender-easm-performing-a-successful-proof-of-concept-poc/ba-p/3994862

Microsoft Loop: Transforming the way we work together –

https://insider.microsoft365.com/en-us/blog/microsoft-loop-transforming-the-way-we-work-together

Microsoft Sentinel: Public preview of Microsoft Defender for Cloud to Defender XDR integration –

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/microsoft-sentinel-public-preview-of-microsoft-defender-for/ba-p/3992792

The new Forms app is here! –

https://techcommunity.microsoft.com/t5/microsoft-forms-blog/the-new-forms-app-is-here/ba-p/3981387

Essential Eight Maturity Model Update –

https://www.cyber.gov.au/about-us/view-all-content/news-and-media/november-2023-essential-eight-maturity-model-update

After hours

Tesla Cybertruck vs Porsche 911 Drag Race at Cybertruck Delivery Event – https://www.youtube.com/watch?v=1Xsdf51DJSw

Editorial

If you found this valuable, then I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week.

November Microsoft 365 Webinar resources

The slides from this month’s webinar are available at:

https://github.com/directorcia/general/blob/master/Presentations/Need%20to%20Know%20Webinars/202311.pdf

If you are not a CIAOPS patron and you want to view or download a full copy of the video from the session, you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

Watch out for next month’s webinar because I’m pretty certain I’m going to do one on Copilot. Stay tuned!

CIA Brief 231126

Defender for Cloud unified Vulnerability Assessment powered by Defender Vulnerability Management –

https://techcommunity.microsoft.com/t5/microsoft-defender-for-cloud/defender-for-cloud-unified-vulnerability-assessment-powered-by/ba-p/3990112

Diamond Sleet supply chain compromise distributes a modified CyberLink installer –

https://www.microsoft.com/en-us/security/blog/2023/11/22/diamond-sleet-supply-chain-compromise-distributes-a-modified-cyberlink-installer/

Get email notifications for any actions in Defender XDR –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/get-email-notifications-for-any-actions-in-defender-xdr/ba-p/3976330

Elevating Cybersecurity Intelligence with Microsoft Sentinel’s Enrichment Widgets –

https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/elevating-cybersecurity-intelligence-with-microsoft-sentinel-s/ba-p/3985255

BlueHat playlist –

https://www.youtube.com/playlist?list=PLXkmvDo4MfutylXJNJ6gth_qIEwJdeWz7

Microsoft Defender XDR, Security Copilot & Microsoft Sentinel now in one portal –

https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/microsoft-defender-xdr-security-copilot-amp-microsoft-sentinel/ba-p/3989312

Orca 2: Teaching Small Language Models How to Reason –

https://www.microsoft.com/en-us/research/blog/orca-2-teaching-small-language-models-how-to-reason/

Social engineering attacks lure Indian users to install Android banking trojans –

https://www.microsoft.com/en-us/security/blog/2023/11/20/social-engineering-attacks-lure-indian-users-to-install-android-banking-trojans/

Copilot coming to Windows 10 –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/copilot-coming-to-windows-10/ba-p/3984070

Triage incidents based on enrichment from threat intelligence –

https://learn.microsoft.com/en-us/security-copilot/triage-alert-with-enriched-threat-intel

What’s new in Microsoft Intune (2311) November edition –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/what-s-new-in-microsoft-intune-2311-november-edition/ba-p/3986487

Identity at Microsoft Ignite: Securing access in the era of AI –

https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/identity-at-microsoft-ignite-securing-access-in-the-era-of-ai/ba-p/2747279

Introducing MDTI Free Experience for Microsoft Defender XDR –

https://techcommunity.microsoft.com/t5/microsoft-defender-threat/introducing-mdti-free-experience-for-microsoft-defender-xdr/ba-p/3976635

Microsoft Mesh –

https://www.youtube.com/watch?v=_0InCXA13L8

Our vision to bring Microsoft Copilot to everyone, and more –

https://blogs.bing.com/search/november-2023/our-vision-to-bring-microsoft-copilot-to-everyone-and-more

Ignite News: Augment your EDR with deception tactics to catch adversaries early –

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/ignite-news-augment-your-edr-with-deception-tactics-to-catch/ba-p/3982253

Microsoft Security Copilot and NIST 800-171 –

https://techcommunity.microsoft.com/t5/public-sector-blog/microsoft-security-copilot-and-nist-800-171/ba-p/3984053

After hours

Octopus vs Underwater Maze – https://www.youtube.com/watch?v=7__r4FVj-EI

Editorial

If you found this valuable, then I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

Watch out for the next CIA Brief next week.

CIA Brief – 231118

Our vision to bring Microsoft Copilot to everyone, and more –

https://blogs.bing.com/search/november-2023/our-vision-to-bring-microsoft-copilot-to-everyone-and-more

Ignite News: Augment your EDR with deception tactics to catch adversaries early –

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/ignite-news-augment-your-edr-with-deception-tactics-to-catch/ba-p/3982253

Microsoft Security Copilot and NIST 800-171 –

https://techcommunity.microsoft.com/t5/public-sector-blog/microsoft-security-copilot-and-nist-800-171/ba-p/3984053

Power Apps accelerates the shift toward modern, AI-infused apps with governance at scale –

https://powerapps.microsoft.com/en-us/blog/power-apps-accelerates-the-shift-toward-modern-ai-infused-apps-with-governance-at-scale/

Microsoft Defender XDR, Security Copilot & Microsoft Sentinel now in one portal –

https://www.youtube.com/watch?v=snV2joMnSlc&t=1s

What’s new with Windows at Microsoft Ignite 2023! –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/what-s-new-with-windows-at-microsoft-ignite-2023/ba-p/3980507

Microsoft Backup in public preview –

https://learn.microsoft.com/en-us/microsoft-365/syntex/backup/backup-overview

Simplify IT management with Microsoft Copilot for Azure – save time and get answers fast –

https://techcommunity.microsoft.com/t5/azure-infrastructure-blog/simplify-it-management-with-microsoft-copilot-for-azure-save/ba-p/3981106

Universal Print makes cloud printing truly “universal” –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/universal-print-makes-cloud-printing-truly-universal/ba-p/3982872

Microsoft Archive available in preview –

https://learn.microsoft.com/en-us/microsoft-365/syntex/archive/archive-overview

Meet the new Microsoft Planner –

https://www.youtube.com/watch?v=jwGQPWAihjQ

Copilot Studios | Explained by Microsoft –

https://www.youtube.com/watch?v=06D4G2K9UFs

Microsoft Stream: The Future of Video in Microsoft 365 –

https://www.youtube.com/watch?v=XxuVc9ji3as

Microsoft Loop: built for the new way of work, generally available to Microsoft 365 work accounts –

https://techcommunity.microsoft.com/t5/microsoft-365-blog/microsoft-loop-built-for-the-new-way-of-work-generally-available/ba-p/3982247

Microsoft Intune introduces Security Copilot-embedded experience –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/microsoft-intune-introduces-security-copilot-embedded-experience/ba-p/3982632

Announcing Microsoft Copilot Studio: Customize Copilot for Microsoft 365 and build your own standalone copilots –

https://www.microsoft.com/en-us/microsoft-365/blog/2023/11/15/announcing-microsoft-copilot-studio-customize-copilot-for-microsoft-365-and-build-your-own-standalone-copilots/

Microsoft Stream: The Future of Video in Microsoft 365 –

https://techcommunity.microsoft.com/t5/microsoft-stream-blog/microsoft-stream-the-future-of-video-in-microsoft-365/ba-p/3969156

Announcing Windows 365 GPU-enabled Cloud PC public preview –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/announcing-windows-365-gpu-enabled-cloud-pc-public-preview/ba-p/3982952

Introducing Microsoft Copilot Studio and new features in Copilot for Microsoft 365 –

https://www.microsoft.com/en-us/microsoft-365/blog/2023/11/15/introducing-microsoft-copilot-studio-and-new-features-in-copilot-for-microsoft-365/

Microsoft unveils expansion of AI for security and security for AI at Microsoft Ignite –

https://www.microsoft.com/en-us/security/blog/2023/11/15/microsoft-unveils-expansion-of-ai-for-security-and-security-for-ai-at-microsoft-ignite/

Microsoft Cloud PKI launches as a new addition to the Microsoft Intune Suite –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/microsoft-cloud-pki-launches-as-a-new-addition-to-the-microsoft/ba-p/3982830

Announcing Microsoft Intune Advanced Analytics –

https://techcommunity.microsoft.com/t5/microsoft-intune-blog/announcing-microsoft-intune-advanced-analytics/ba-p/3982742

Microsoft Ignite 2023: AI transformation and the technology driving change –

https://blogs.microsoft.com/blog/2023/11/15/microsoft-ignite-2023-ai-transformation-and-the-technology-driving-change/

Tailor Windows Update for Business reports with Power BI –

https://techcommunity.microsoft.com/t5/windows-it-pro-blog/tailor-windows-update-for-business-reports-with-power-bi/ba-p/3978975

Ten things you need to know before buying Microsoft 365 Copilot –

https://www.directionsonmicrosoft.com/blog/ten-things-you-need-to-know-before-buying-microsoft-365-copilot/

Microsoft could be bringing its AI Copilot to billions of Windows 10 users –

https://www.tomsguide.com/news/microsoft-could-be-bringing-its-ai-copilot-to-billions-of-windows-10-users

After hours

Candy Thieves vs Rigged Candy Bowl – https://www.youtube.com/watch?v=Zb01RStdzEs

Editorial

There is still more Microsoft Ignite goodness to digest, so be prepared for lots of links in the CIA Brief next week as well!

If you found this valuable, then I’d appreciate a ‘like’. This helps me know that people enjoy what I have created. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

Watch out for the next CIA Brief next week.