Microsoft Defender for Identity helps Active Directory admins defend against advanced persistent threats (APTs) targeting their Active Directory Domain Services infrastructures. It is a cloud-based service, where agents on Domain Controllers provide signals to Microsoft's Machine Learning (ML) algorithms to detect and report on attacks. Its dashboard allows Active Directory, AD FS, and Certification Authority … Continue reading "What's New in Microsoft Defender for Identity in August 2023"
Category: Uncategorized
What's New in Entra ID (Azure Active Directory) for August 2023
Entra ID, previously known as Azure AD is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID and through the Microsoft 365 Message Center, Microsoft communicated the following planned, new and changed functionality for Entra ID for August 2023: … Continue reading "What's New in Entra ID (Azure Active Directory) for August 2023"
Download the Active Directory Security Playbook for 2023 (Free)
I have worked together with ENow software to develop the Active Directory Security Playbook for 2023. Based on my Cookbook recipes The Playbook includes five of the recipes from my Active Directory Administration Cookbook: Proven Solutions to Everyday Identity and Authentication Challenges for Both On-Premises and the Cloud. It also includes a sixth, brand … Continue reading "Download the Active Directory Security Playbook for 2023 (Free)"
Windows Server 2022-based AD FS Servers may be vulnerable to Remote Code Execution (CVE-2023-23392)
This week, on its Patch Tuesday for March 2023, Microsoft released a patch that addresses a highly critical vulnerability (CVE-2023-23392) in the HTTP Protocol Stack. About the vulnerability CVE-2023-23392 details a remote code execution vulnerability that can be used to attack AD FS servers over the internet. An unauthenticated attacker could send a specially crafted packet … Continue reading "Windows Server 2022-based AD FS Servers may be vulnerable to Remote Code Execution (CVE-2023-23392)"
Join us for a webinar on Preventing attacks against Active Directory using Entra and Netwrix technologies
I’m proud to announce that I will be co-presenting a webinar with Netwrix’ Dirk Schrader on Tuesday February 21st, 2023 at 8PM CET (UTC+1) on preventing attacks against Active Directory using Entra and Netwrix technologies. About the webinar Active Directory controls access to critical systems and data for organizations around the world, but it … Continue reading "Join us for a webinar on Preventing attacks against Active Directory using Entra and Netwrix technologies"
Multi-Factor Authentication Server version 8.1.3.1 offers improved migration functionality to Azure MFA
On November 11th, 2022, Microsoft released version 8.1.3.1 of its Azure MFA Server product that allows organization to add multi-factor authentication to RADIUS-, AD FS-, IIS-based and other on-premises authentication scenarios. What’s New The release notes mention the following changes: Seamless Upgrades Azure MFA Server 8.1.3 introduces functionality to eliminate downtime when upgrading to … Continue reading "Multi-Factor Authentication Server version 8.1.3.1 offers improved migration functionality to Azure MFA"
I’m speaking at the European SharePoint, Office 365 and Azure Conference (ESPC22)
I’m happy to announce that I am returning as a speaker for the European SharePoint, Office 365 and Azure Conference (ESPC) 2022 from November 28th to December 1st, 2022. About ESPC22 The European SharePoint, Office 365 & Azure Conference (ESPC) provides Microsoft 365 and Azure professionals with the expert content and connections to help them achieve … Continue reading "I’m speaking at the European SharePoint, Office 365 and Azure Conference (ESPC22)"
Azure AD Connect v2.1.20.0 offers to synchronize to Azure AD’s employeeLeaveDateTime attribute
With Microsoft introducing the Lifecycle Workflows functionality Public Preview at its Microsoft Ignite event last month, some things are definitely changing… Azure AD is now poised to become the leading identity management plane and Active Directory to become a mere authentication store.However, to make that dream work, Azure AD Connect needs to offer additional functionality … Continue reading "Azure AD Connect v2.1.20.0 offers to synchronize to Azure AD’s employeeLeaveDateTime attribute"
HOWTO: Detect Kerberos tickets that are encrypted using RC4
When it comes to encryption, many weak algorithms and ciphers are still heavily used and relied upon in Active Directory environments everywhere. One of the typical weak algorithms used in encrypting Kerberos tickets is RC4; the cipher RC4-HMAC to be precise. Typically, RC4 is used by legacy systems, over misconfigured Active Directory trusts, and by … Continue reading "HOWTO: Detect Kerberos tickets that are encrypted using RC4"
Defender for Identity sensors will no longer be supported on Windows Server 2008 R2
Starting June 15 2022, Microsoft will no longer support Microsoft Defender for Identity sensors on servers running Windows Server 2008 R2. Microsoft recommends that admins identify any remaining domain controllers (DCs), AD FS servers and AD FS Proxy servers that are still running Windows Server 2008 R2 as an operating system and make plans to … Continue reading "Defender for Identity sensors will no longer be supported on Windows Server 2008 R2"