Yonathan Grunewald

@TalMorgenstern מדיניות הפרטיות לעומת זאת, לכאורה מאפשרת להם לאסוף המון מידע, כולל אישי/עסקי. למשל הם מקבלים לא רק את הטקסט שמכתיבים אלא את הטקסט שבמסך של האפליקציה שמכתיבים לה.

מוצר וואו וגם חווית אונבורדינג לפנתאון. ממליץ מאוד. wisprflow.ai/r?TAL222960

@orcarmi @Meir_Rubin הסוגריים שלך כל מהותן המשך התחפרות - אני תמיד בסדר וגם כשאני לא בסדר אני בסדר, ואין לי ספק שX לא בסדר. שורה תחתונה, כתבת תגובה צינית וארסית שקיבלה לייקים ושיתופים מחדש. גם על כותב הפוסט וגם על חבר הכנסת, אחרי ״בדיקה לא מספיק יסודית״…

מי שאחראים למחדל המטורף הזה צריכים לשבת בכלא. מצד אחד חוסמים פה ייבוא חקלאי מארה"ב או מאירופה מכל מינוי נימוקים מופרכים, או מטילים סטנדרטים מופרכים, מצד שני מכניסים רעלים קשים כדי שלא לעכב סחורה מהרש"פ במחסומי הבדיקה עד לקבלת תוצאות מעבדה.

@orcarmi @Meir_Rubin למה שלא תבדוק *לפני* שאתה כותב או עונה? במיוחד תגובות קנטרניות כאלו…

@Meir_Rubin קראתי, ולשם שינוי מסתבר שאתה צדקת, ואני טעיתי: יש תימוכין של משרד הבריאות לטענות העובדתיות של מר הלוי (להבדיל מהטענות הפוליטיות). כשאני טועה - אני מתקן את עצמי, מוחק ומתנצל. ממליץ לך לנהוג באופן דומה.

BREAKING: MOSSAD ATTEMPTED MURDER IN NEW YORK That's right. A man named AHMAD MOSSAD has been charged with attempted murder for setting another man on fire in Times Square on March 16, 2025 using gasoline from his food cart leaving the victim in a coma for weeks. Finally you can all say "it was Mossad"

@fabian_bader Legacy auth protocols, legacy API endpoints, excluded clients like company portal

#Entra sunday question: You have implemented a Conditional Access policy without any exclusions, enforcing MFA. Can somebody test a user + pwd combo without showing in the logs as 50074 - Strong Authentication is required?

@rucam365 Thanks for sharing ! Bookmarked now for a thorough reading later

New post: focusing on the key biggest Microsoft 365 security considerations. READ: campbell.scot/microsoft-365-… When we talk about Microsoft 365 security, we are talking about two things: (a) securing Microsoft 365 the platform, (b) using Microsoft 365 security tooling.

@merill What does that mean for Lokka?

🤔 Imagine asking your tenant, "Do I have any global admins that don't have phishing resistant authentication?" and getting an instant, accurate answer without writing a single line of code. 🤯 The way we interact with Microsoft Graph is changing forever. In this episode of Entra Chat, we sit down with @Licantrop0 from the Entra AI Innovations team to discuss the launch of the Microsoft MCP Server for Enterprise. Why is this a big deal? 🌀 Solves the "Context Window" issue: Standard LLMs get confused by the massive amount of data in Graph APIs. This MCP server uses patented "magic sauce" (RAG + few-shot prompting) to translate natural language into optimized queries. 🌀 Admin Control is King: Unlike other AI tools, this isn't just "plug and play" insecurity. Admins explicitly provision the service principle and granularly assign permissions. You decide exactly what the AI can see. 🌀 Future-Proofing: While it’s currently read-only, the team is working on enabling write operations and even generating full PowerShell scripts from your prompts. Whether you are a developer looking to learn Graph or an admin tired of mundane reporting tasks or you are working with agents, this is going to be a standard part of the future of tenant management. Listen to the full deep dive here: entra.chat #MicrosoftEntra #MicrosoftGraph #AI #MCP #SysAdmin #CloudSecurity #PowerShell

@NathanMcNulty That’s huge, had some deployment that were really messy, this looks like it can help a lot!

@merill Sign in logs were just an example of licensed features that might affect data

@yonigrin The sign in logs are only used on two of the charts. You wouldn't gain much going back more than 30days

👋 Folks, I'm super excited to announce the launch of the Microsoft Zero Trust Assessment! I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs Here's what it does 🧵👇

@TalBeerySec Hi Tal, tried DMing but can’t

For WhatsApp research, I need someone NOT in my WhatsApp contacts to help test non-contact visibility behavior (but preferably know each other from Twitter). Nothing malicious - just documenting the expected security boundaries. If you're interested, please DM

@Ano_F_ Nice, will test it! Any plans to support PAC url as proxy address?

4 months of code, tests, and rewrites later {} ProxyBridge 2.0 is live! A Windows proxy client with full UDP support, authentication, rule-based routing, and more. UDP and proxying finally made simple ♥️ github.com/InterceptSuite…

@RavivTamir 1. Why? What about customers that don’t want to onboard DCs to MDE and/or using other security products? 2. Will the development of standalone v2 continue? Will there be a standalone v3 ?

And then there was one… MDI+MDE combined sensor GA means faster deployment, fewer errors, and more data. Plus, opt-in for advanced RPC monitoring to unlock identity threat alerts. Check prerequisites and activate now. techcommunity.microsoft.com/blog/microsoft…

@DebugPrivilege @NathanMcNulty To be fair, It’s in the product name..ofc requires permissions to fully function. User can manually choose the permissions they configure in Entra (like monitoring only). the worst is the “Wizard” that asks you to consent with a global a admin so they can do it for you :(

I bet at least 80% of Entra admins would blindly grant RoleManagement.ReadWrite.All to an Enterprise app that was purchased by their company Most wouldn't even know what that means - and in doing so, they practically give Global Admin level permissions to the application vendor

@IceSolst @vercel Can’t believe you are so smart and yet, compare a random selfie with the unknowing Israeli PM with arming a ww2 camp. Do your research, like you do in InfoSec.

Joining @vercel is an embarrassing admission of being morally desolate. Like a permanent emblem of willingly arming a ww2 concentration camp, fully aware of what’s inside.

Over the weekend I wrote an ADSecurity.org article on "How to Improve Entra ID Security More Quickly" based on my recent @BSides_NoVA talk. This covers important areas including user & guest user configuration, Entra ID roles, admin protections, application permissions, conditional access policies, etc. adsecurity.org/?p=4825

@NathanMcNulty Very true! + A. the logo can be copied in real time by phishing frameworks like nginx, can’t trust it blindly B. Great tip on wildcard-vendors (including MS) advise customers to whitelist *.blob.core.windows.net and other svcs through proxy/fw (for products to work). Don’t :)

This has been going on for a very long time, with varying degrees of responsiveness from Microsoft on takedowns If you use Defender for Endpoint, you really should be using the new streamlined connectivity Don't block all blob storage, you will break things. Check service URLs.

@alitajran Very true! + A. the logo can be copied in real time by phishing frameworks like nginx, can’t trust it blindly B. Great tip on wildcard-vendors (including MS) advise customers to whitelist *.blob.core.windows.net and other svcs through proxy/fw (for products to work). Don’t :)

ATTENTION: Phishing Attack Uses Azure Blob Storage to Impersonate Microsoft! Attackers have found a new method to trick end users into logging in to a malicious login page, intercepting tokens, and infiltrating the tenant. What makes this particularly sneaky is that they are using Microsoft URLs. The link they receive is forms.office.com followed by a value. Clicking that takes them to a strange URL with a PDF, which they then have to log in with their M365 account. And that's where the real danger lies. The URL ends in windows.net and is therefore considered valid. If you log in and the URL isn't login.microsoftonline.com, you can assume it's a bad one. Block the endpoint *.blob.core.windows.net entirely, and only allow access to the specific storage account you trust, like: .blob.core.windows.net Now that you're aware of this, please also set up company branding in your Microsoft 365 tenant! It helps users trust the sign-in page. When they see your logo and colors, they know it's safe. If they see a random portal, they'll think twice before entering their credentials! Read more: learn.microsoft.com/en-us/entra/fu… #Microsoft365 #EntraID #CloudSecurity #IdentityProtection

@Osint613 Mr. @realDonaldTrump, thank you for your attention to this matter.

BREAKING 🔴 Mohammed Nazal, a senior Hamas official in Qatar: “Hamas will not disarm. We will maintain control over Gaza’s security. This ceasefire is only a temporary ‘hudna’, a pause to rebuild our strength and regain some breathing room.”