@IAMERICAbooted Infostealers can also be mitigated with application whitelisting.
For the 99% something like aaronlocker though we use Threatlocker and their SOC
English
Raphael Waller
3.5K posts
Raphael Waller
@rwllr
Graduate Electronics/Computer Engineering student, full time senior sysadmin. Looking for more hours in the day and more things to automate.
London, UK Katılım Ocak 2010
196 Takip Edilen94 Takipçiler
@LahavHarkov The craziest thing is that I'm pretty sure they actually consult for other regions and faiths helping them implement it within their own communities.
English
Imagine if the response to this was “how can I get my Muslim community to engage in more volunteer work?” (And I’m sure many already do.)
There are much more Muslims than Jews in the UK. It would redound to everyone’s benefit.
Instead, she lies out of racism and resent.
Dr Rahmeh Aladwan@doctor_rahmeh
Jews are the only group who operate their own ambulances (hatzola) and police (shomrim) in Britain. They do this in 14 other countries, mostly European. In the US, Hatzola has been accused of tending to jews while non-jews have died at the same scene. Why the apartheid?
English
The irony is that they actually consult for other regions and faiths helping them implement it within their own communities.
Dr Rahmeh Aladwan@doctor_rahmeh
Jews are the only group who operate their own ambulances (hatzola) and police (shomrim) in Britain. They do this in 14 other countries, mostly European. In the US, Hatzola has been accused of tending to jews while non-jews have died at the same scene. Why the apartheid?
English
@bastienperez_ @IAMERICAbooted They already are going after the most egregious abusers who have 1 license for the whole tenant.
English
📣 For years, Microsoft has been fairly permissive with Entra ID P1/P2 feature usage: you could buy a single license and it would effectively “unlock” features for the entire tenant.
This creates a lack of visibility to know whether tenants are complying with licensed feature usage limits, such as:
* Conditional Access (minimum Entra ID P1)
* Risk-based policies (Entra ID P2)
Microsoft has updated its page to track license usage and identify “spikes” (overages).
🔺 Where to find it:
Entra ID portal > Licenses > License usage (Preview)
Direct link: #view/Microsoft_AAD_IAM/LicensesMenuBlade/~/LicenseUtilization" target="_blank" rel="nofollow noopener">entra.microsoft.com/#view/Microsof…
The real question: will Microsoft eventually start going after the €€ from tenants that exceed their limits?
Wait and see…
English
@IAMERICAbooted @DeeOakster It depends who you are. For most SMB's they're not defending against a determined adversary and just need to be better than most against someone who doesn't typically know what they're doing.
English
@DeeOakster Um, I beg to differ. IME, the "bad guys" know it better and are not inhibited by silos, administrative burden, or politics in their endeavors :)
English
@fabian_bader @NathanMcNulty I guess the standard is still under active development and so things like the ability to mark it as non exportable.
But as an admin I'd like to be able to 'trust' GPW for standard users.
English
@rwllr @NathanMcNulty It's not a can't do but a decision not to do so. Technically synced Passkeys would support attestation, but since they roam around and are even exportable to other passkey providers, nobody is attesting
English
Good flow diagram for the upcoming passkey changes
Two things to be aware of:
1) If you are not enforcing attestation, you are not truly enforcing your AAGUID key restrictions
2) If you start enforcing attestation, existing passkeys are not attested, only newly registered ones
Matt Levy | Microsoft Security MVP@MattChatt42
Struggling to understand the impact of the upcoming passkey rollout in Microsoft Entra tenants (MC1221452)? ME TOO. So I had this flow diagram created.
English
@NathanMcNulty @fabian_bader The fact that iCloud and GPW can't do attestation and have no plans to work it in is one of the most frustrating things.
English
@fabian_bader My recommendations:
1. Inventory your settings
2. If not attested, inventory passkeys
3. Enable passkey profiles, set default profile to enforce attestation, create new profile without attestation (allows synced)
4. Set all users to default only, add exception group for synced
English
The Persians have been there every night for several weeks mourning those murdered in the protests
Niyak Ghorbani (نیاک)@GhorbaniiNiyak
Persian and Jew celebrating together in London
English
Raphael Waller retweetledi
Friends! Iran 🇮🇷 is experiencing one of the darkest periods of her history. I am trying to be the voice of voiceless!
I will never forget who stood up for us during this terrible time. #FreeIran
English
The true Clippers way is he goes on a revenge your and drops 40 tonight.
Farbod Esnaashari@Farbod_E
They should just suspend him against the Clippers tonight so it'll be no Kawhi vs no Ant. Seems fair?
English
Raphael Waller retweetledi
@IAMERICAbooted Consider Business Premium and Microsoft Defender and Purview Suites for Business Premium bundle
English
@IAMERICAbooted @arpeyton The settings catalog is I believe just a wrapper to make things easy and stop us breaking it.
We had to manually configure because the catalog wasn't built out fully at the time.
English
@IAMERICAbooted @arpeyton It's THE MDM settings specification.
Apple MDM's use them too, and I'm fairly certain they were around in Windows Mobile 6.5
English
@SwiftOnSecurity The difficulty is scale. The number of Hilton corporate employees is really low. Franchisee employees make up the vast majority of staff.
And franchisees and owners are the real hotel chain customers and who they need to keep happy.
English
I do sympathize with Hilton's problem here because they are under immense cyber attack on customers, and establishing a root of trust with the hilton.com domain does make sense. Just a big crap sandwich.
In a prev company we used to only forward a "dealer-###@" mail
English
InfoSec/Brand Protection tabletop scenario:
A front office manager at a franchised chain hotel location has an account on your root corporate brand domain and tells the government to kick rocks. They make headlines on every conservative news media front page.
English
@IAMERICAbooted @ar4nier If there isn't enough value or too much noise from someone I usually end up unfollowing
English
@IAMERICAbooted @ar4nier I've only ever looked at my following tab and never any of the algorithm. It means the content I read is only people I've consciously decided to follow or things they've consciously decided are worth sharing.
English
My mom's reaction to James Harden scoring 55 points: "Oh my God! You have to give him a raise!"
English