Sander de Wit

@NickInformation that looks interesting. I’ve just updated my msix ps module as well. still need to quite a bit but I like my win11 sandbox integration. install-module msix

We have released our universal modern shell extension for MSIX packages. It is intended as a replacement and can, among other things, auto patch WinRAR for #MSIX using my #PowerShell module #MSIXForcelets github.com/AndreasNick/Ms…

@_dirkjan what does it do if json bulk requests are used against the graph bulk endpoint to run them in parallel?

Now I could easily avoid this by hardcoding a sleep timer between requests, but it's still odd that I get a confirmation from the graph and a separate audit event that the key was removed, while the next request simply puts it back.

It shows how much trust people have in the Graph, but 50% of the people selected the only wrong answer (15) 😂. In reality the number of keys that are still there depends on how fast you delete them. If as fast as possible it'll likely be 14. Why? A 🧵

@IAMERICAbooted the interesting part is, a gdap relationship can have privileged admin that never expires but not global admin (than it needs to expire)

IDK who needs to hear this, but a Privileged Authentication Administrator has a privilege escalation path to Global Admin. Don't mind me. Just studying to be a different kind of "expert" :P

@MarkSimos great, when will we be able to create multi-tenant EntraID (scim-enabled) apps again. as currently that is 'paused' due to this initiative.

Microsoft's Secure Future Initiative (SFI) is a Zero Trust initiative tailored to Microsoft's needs. You can think of SFI as a kind of Zero Trust case study from Microsoft that you can learn from to improve your own security. microsoft.com/en-us/security… a short 🧵

@richardhicks my point exactly, threat it like a token/session

@Sander_deWit Sure, why not? 😉

Public #TLS certificate maximum lifetime will be reduced to 47 days. Should we do the same for private #PKI user and device authentication certificates? #security #enterprise rmhci.co/3SgmZqZ

@UK_Daniel_Card forgot the easy integration with app control for business and all executables signed (via cat inside package)

@UK_Daniel_Card its odd the industry doesnt adopt msix more. some of the pros: * update while in use. *download only changes not entire package, *ready for app isolation, *support app attach. etc

Deploying apps in intune sucks.... it's 2025.... it feels like 2005!

@UK_Daniel_Card awesome, still play this sometimes

WOW THIS IS SO COOL! :)

@EricaZelic it has potential but configuration issues are all too common with pp. I’ve seen many customers accidentally creating bypass issues and misunderstanding their entire mail flow. Exchange does risk management a bit better

I spent some time in Proofpoint last night. Essentially, it's just like Exchange Online with some Purview functionality AND it works better :p

@UK_Daniel_Card the amount of issues found in proofpoint configs that are often reviewed by proofpoint support has been mindblowing. while the product might be fine, the quality of the generic implementations is far below common quality standards in the industry

linkedin.com/posts/craig-ta… This is gold! 😂😂😂😂😂

@UK_Daniel_Card That will fit nicely with my new physical vm's in 19" rack.

I deployed 12 New physical vlans with blue cables this morning! #Networking #reddit

@vxunderground let’s try

Hi, we're doing giveaway number next. We're going to do something a little crazy. We're going to give 1 person $1,000 in BTC. If you'd like $1,000, leave a comment below. - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize

@vxunderground @cyberwarfarelab awesome

Hi, it's giveaway number ??? (we're almost half way there) Our friends at @cyberwarfarelab hooked us up with 5 vouchers for their Certified Exploit Development Professional course. If you wanna learn about about exploit development, leave a comment below. - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize Have a nice day

@vxunderground @MalDevAcademy that would be nice

Hi, it's tuts-for-nerds giveaway ??? (lost track of giveaways) Our friends at @MalDevAcademy hooked us up with x3 lifetime access plans and x3 database access plans Thank you, mr.d0x and friends for hooking us up and supporting our giveaways. If you'd like to learn about malware development, leave a comment below - Winners will be selected randomly in the next 24 hours. - We will DM winners. - If you do not confirm your win in 24 hours a new winner will be selected - If your DMs are closed, you automatically forfeit your prize Have a nice day

@janbakker_ never mind, been a long week :-)

@Sander_deWit A user can only have one TAP, so by creating a new one, any existing TAP will be deleted. Or do you mean deleted TAPs can be used even after they've been deleted?

Earlier this week, I posted a Proof of Concept about requesting Temporary Access Passes on behalf of others using Entra ID Identity Governance. Today, we will go one step further and use the requestor information to determine the request's properties, like the TAP's lifetime. Here's how it's done: janbakker.tech/use-requestor-…

@JasonSandys @AxelGauliard @IntuneSuppTeam @JasonSandys is that a known issue? as I was under the impression it would be available until December

@JasonSandys @AxelGauliard @IntuneSuppTeam @JasonSandys that documentation is pretty scary. basically says to manually remove the policy which in case of signed policies would brick a device. better to keverage dgss to sign a new policy to has defined trusted signing as allowed. speaking of which seems dgss doesnt work

@IntuneSuppTeam how to configure the permissions for Device Guard signing now the dinosaur page businessstore.microsoft.com can't be reached anymore? 🦖 Seems the doc page has to be reviewed: "Sign an MSIX package with Device Guard signing"

@UK_Daniel_Card at that time packet injection, replays, deauths. one case of fakeap with impersonation.

@Sander_deWit Thanks dude! Any detail on the attack types detected?

if anyone works with a high volume wifi campus and fancies helping with my research please get in contact.