This week, on its Patch Tuesday for March 2023, Microsoft released a patch that addresses a highly critical vulnerability (CVE-2023-23392) in the HTTP Protocol Stack. About the vulnerability CVE-2023-23392 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. An unauthenticated attacker could send a specially crafted packet … Continue reading "Windows Server 2022-based AD FS Servers may be vulnerable to Remote Code Execution (CVE-2023-23392)"
Author: Sander Berkouwer
Sander Berkouwer is CTO at SCCT, a Dutch Microsoft Partner. He is the author of the Active Directory Administration Cookbook, speaker and blogger at DirTeam.com and ServerCore.net. He is awarded Microsoft MVP, Veeam Vanguard and VMware vExpert.
Since 2009, Microsoft has awarded Sander with the Most Valuable Professional (MVP) award. Since 2016, Veeam has awarded Sander with the Veeam Vanguard award.
Pro Tip! Use YubiStyle Covers instead of writing the userPrincipalName or Domain Name on your YubiKeys
Windows Hello for Business Security Keys are Microsoft’s name to FIDO2-based security keys, when you use them with Windows Hello for Business on a Windows 10-based device. As the FIDO alliance strives to develop and promote authentication standards, FIDO2-based security keys work in many passwordless scenarios. Yubico, one of the founding members of the FIDO … Continue reading "Pro Tip! Use YubiStyle Covers instead of writing the userPrincipalName or Domain Name on your YubiKeys"
Join us for the GET-IT Identity Management and Privileged Access Management Conference on March 30, 2023
A few weeks ago, I was invited as a speaker for Petri.com’s GET-IT Identity Management and Privileged Access Management 1-Day Virtual Conference on March 30th, 2023. About the GET-IT Identity Management and Privileged Access Management Conference GET-IT Conferences are 1-day virtual events, organized by Petri.com. The upcoming GET-IT Conference has Identity Management and Privileged Access Management … Continue reading "Join us for the GET-IT Identity Management and Privileged Access Management Conference on March 30, 2023"
I'm co-presenting a webinar with Netwrix and IT GRC Forum
I’m proud to announce that I will be co-presenting a webinar with Netwrix’ Anthony Moillic on Thursday March 30th, 2023 at 7PM CET (UTC+1) for the IT GRC Forum on preventing attacks against Active Directory using Entra and Netwrix technologies. About the webinar Active Directory controls access to critical systems and data for organizations … Continue reading "I'm co-presenting a webinar with Netwrix and IT GRC Forum"
What's New in Azure Active Directory for February 2023
Azure Active Directory is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Azure Active Directory and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Azure Active Directory for February 2023: What's Planned … Continue reading "What's New in Azure Active Directory for February 2023"
Join us for a Webinar on the Importance of Active Directory Monitoring
On Tuesday March 21st, 2023, I will be presenting a free 60-minute webinar on Active Directory, together with Jay Gundotra of ENow fame. About this webinar In case you've forgotten; Active Directory is Microsoft's on-premises Identity management solution. Most large organization use it as their primary Identity and Access Management (IAM) solution and then … Continue reading "Join us for a Webinar on the Importance of Active Directory Monitoring"
On-premises Identity-related updates and fixes for February 2023
Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for February 2023: Windows Server 2016 We observed the following update … Continue reading "On-premises Identity-related updates and fixes for February 2023"
What's New in Microsoft Defender for Identity in February 2023
Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory admins to investigate and remediate … Continue reading "What's New in Microsoft Defender for Identity in February 2023"
Pro Tip! Don't use the Yubikey Personalization Tool. Use the Yubico Manager.
Windows Hello for Business Security Keys are Microsoft’s name to FIDO2-based security keys, when you use them with Windows Hello for Business on a Windows 10-based device. As the FIDO alliance strives to develop and promote authentication standards, FIDO2-based security keys work in many passwordless scenarios. Yubico, one of the founding members of the FIDO … Continue reading "Pro Tip! Don't use the Yubikey Personalization Tool. Use the Yubico Manager."
You're invited to the IT-University Masterclass – Securing Azure AD without Premium features, Fact or Fiction?
On Monday March 13th, 2023, I will be presenting a masterclass, together with Raymond Comvalius for IT-University.nl. Dutch Raymond and I will be presenting on a topic that is important for many organizations who are looking to do more with less. Specifically: less Premium licenses. It seems like you can only have security in Azure AD … Continue reading "You're invited to the IT-University Masterclass – Securing Azure AD without Premium features, Fact or Fiction?"