by Scott Muniz | May 16, 2022 | Security, Technology
This article is contributed. See the original author and article here.
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
Secure .gov websites use HTTPS
A
lock (
) or
https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.
by Scott Muniz | May 16, 2022 | Security
This article was originally posted by the FTC. See the original article here.
Brought to you by Dr. Ware, Microsoft Office 365 Silver Partner, Charleston SC.
by Contributed | May 15, 2022 | Technology
This article is contributed. See the original author and article here.
Final Update: Sunday, 15 May 2022 13:56 UTC
We’ve confirmed that all systems are back to normal with no customer impact as of 05/15, 13:15 UTC. Our logs show the incident started on 05/15, 12:40 UTC and that during the 35 minutes that it took to resolve the issue, Some of the customers using Log Analytics may have experienced data access issue and delayed or missed alerts in West Europe region. Some customers using Azure Sentinel may also experience data access issues and delayed or misfired alerts.
- Root Cause: The failure was due to backend dependent service becoming unhealthy.
- Incident Timeline: 35 minutes – 05/15, 12:40 UTC through 05/15, 13:15 UTC
We understand that customers rely on Azure Log Analytics as a critical service and apologize for any impact this incident caused.
-Srikanth
by Contributed | May 13, 2022 | Technology
This article is contributed. See the original author and article here.
We’re excited to announce the general availability of predefined policies in the app governance add-on for Microsoft Defender for Cloud Apps. This first set of out-of-box policies represents our commitment to simplifying the entire app governance experience. The predefined policies will detect apps with anomalous and potentially malicious characteristics. We will continue to expand the set of predefined policies, further reducing the need to create manual policies and help streamline deployment.
Why are predefined policies important?
App governance currently provides a rich set of policy conditions. They do, however, require time and resources to sort out so admins can create the right policies for your organization. Predefined policies empower admins to focus on critical activities needed to keep their organization secure and compliant, not on the policy creation process itself.
You’re still in control
While the predefined policies are on by default and are designed for minimal maintenance, you will be able to:
- Quickly find and review predefined policies in your list of policies
- Activate or deactivate each policy individually
- Set each policy to block apps
- Exclude apps from the policy
Other capabilities added as part of this release
- Exclusion lists: Customers can now set policies to cover all apps except for specific apps. They can apply this scoping option to their existing custom policies as well as the predefined policies.
- Correlation to Microsoft 365 Defender incidents: All app governance alerts are now correlated by Microsoft 365 Defender to generate incidents.
- Simplified policy configuration: Customers can modify the predefined policies even faster using a new contextual flyout menu.
Get started with app governance
App governance is an add-on to Microsoft Defender for Cloud Apps that provides enhanced visibility and control over cloud apps that access Microsoft 365. It sifts through these apps to identify not only attributes and behavior that are malicious, but also characteristics that mark significant sources of risk.
Try app governance for free for 90 days
– App governance team
by Scott Muniz | May 13, 2022 | Security, Technology
This article is contributed. See the original author and article here.
CISA is temporarily removing CVE-2022-26925 from its Known Exploited Vulnerability Catalog due to a risk of authentication failures when the May 10, 2022 Microsoft rollup update is applied to domain controllers. After installing May 10, 2022 rollup update on domain controllers, organizations might experience authentication failures on the server or client for services, such as Network Policy Server (NPS), Routing and Remote access Service (RRAS), Radius, Extensible Authentication Protocol (EAP), and Protected Extensible Authentication Protocol (PEAP). Microsoft notified CISA of this issue, which is related to how the mapping of certificates to machine accounts is being handled by the domain controller.
For more information see the Microsoft Knowledge Base article, KB5014754—Certificate-based authentication changes on Windows domain controllers: Key Distribution Center registry key.
Note: installation of updates released May 10, 2022, on client Windows devices and non-domain controller Windows Servers will not cause this issue and is still strongly encouraged. This issue only affects May 10, 2022 updates installed on servers used as domain controllers. Organizations should continue to apply updates to client Windows devices and non-domain controller Windows Servers.
Recent Comments