Anthony Peyton

@Rabid_F30 @SonsOfLibertyGW It’s up to the citizens in these states to fight for their own freedom. Nobody is going to risk their life or freedom for people who aren’t willing to do it themselves first.

@SonsOfLibertyGW Keep sending them. What would the forefathers have done in this situation? Same goes for Virginia. Any law against the 2nd amendment is void.

It was bittersweet but morale was high. The SOLGW armorer & shipping crews were eager to work nights to air drop hundreds of lower halves & rifles into Massachusetts before the ban took effect. The last SOLGW guns to "legally" enter the birthplace of the Original Sons of Liberty!

@IntCyberDigest Again?

‼️🇫🇷 MAJOR OPSEC FAILURE: The French aircraft carrier Charles de Gaulle was located by Le Monde journalists through the Strava app of an officer jogging on the ship's deck…

The annoying part IMO is that we had perfectly function PowerShell cmdlets that were efficient and solved problems in single lines that have now been replaced by tomes of graph documentation, the horrors of the mggraph wrapper, authorization scopes, and a million other points of annoyance. The majority of M365 admins are not developers and will not take up learning how to write their own tools in their free time to perform basic administrative tasks.

.@Office365 Some Microsoft MVPs have questioned the gaps appearing in Graph API coverage and a lack of consistency and robustness in some APIs. It seems like Microsoft is not dedicating enough resources to this topic. Thoughts? office365itpros.com/2026/03/18/mic… #Microsoft365

@kmcnam1 Then make him manage multiple inboxes and log emails into HubSpot/Salesforce with New Outlook.

@PennStationSubs @TheDegenWeekly I had no idea Penn Station was an Ohio chain, or that 36 states have to suffer through the lack of their delicious Chicken Teriyaki subs. Also, those chocolate chip cookies, fresh cut fries … and now I’m hungry.

@TheDegenWeekly Hey, Jeff! We're so glad you could stop by! We started in Ohio, but we're in 14 states now 😉 thanks for the love

Trying a cheesesteak from some place called Penn Station Subs. Never heard of it - I think it’s an Ohio thing? Looks good! Will be back with a review.

@egosumdns @supersat @0xMatt This is the answer. Strict alignment and hygiene is key. Way too many people just throw p=none into DMARC without realize it does just that (nothing) and almost as many believe that p=reject is enough, and it’s not.

@supersat @0xMatt Your question inspired a lunch break blog post: dstreefkerk.github.io/2026-03-the-dm…

Confused that you have strong DKIM/DMARC rules & configured SPF, yet people are still spoofing your CEO's mail in fraud attempts? This may be because you included Salesforce, Mailchimp, or other SaaS in your SPF. Abusers can use free/fraudulent accounts there to spam "as" you.

They also stole his money. It would violate community guidelines to explain what these deputies deserve, in the history and tradition of 1776-1791, so I’ll just say they should all be fired, forced to pay restitution to him personally, and prosecuted to the fullest extent of the law.

Afroman found NOT liable for monetary damages to Adams County Sheriff Deputies who wrongfully damaged his home and ate his lemon pound cake during a search..Finding nothing..So.. the injured party prevails .. I stand with Afroman… he is free.. In your view… is this justice.??

A lot of people intentionally abuse this knowing that Microsoft has not been enforcing it. I personally find that unethical - not liking the licensing model doesn’t entitle you to use it without paying. I strongly suspect MS is about to crack down on this, as well as customers “stacking” Business SKUs to exceed the 300 user guideline.

📣 For years, Microsoft has been fairly permissive with Entra ID P1/P2 feature usage: you could buy a single license and it would effectively “unlock” features for the entire tenant. This creates a lack of visibility to know whether tenants are complying with licensed feature usage limits, such as: * Conditional Access (minimum Entra ID P1) * Risk-based policies (Entra ID P2) Microsoft has updated its page to track license usage and identify “spikes” (overages). 🔺 Where to find it: Entra ID portal > Licenses > License usage (Preview) Direct link: #view/Microsoft_AAD_IAM/LicensesMenuBlade/~/LicenseUtilization" target="_blank" rel="nofollow noopener">entra.microsoft.com/#view/Microsof… The real question: will Microsoft eventually start going after the €€ from tenants that exceed their limits? Wait and see…

@TylerSebreezy That random quiet day though…

Ohio in the last 5 days: •Hurricane wind storm •Random quiet day •70s and sunny •Severe thunderstorms •Snow •More wind •Wind chills near 0⁰ •Meteor exploding in the sky

Agreed, one someone pops a GA it doesn't seem likely that much is going to save you. In a world where people are: - syncing on-prem accounts, including DAs, to Entra and assigning them admin roles, including GA - assigning GA to normal user accounts with mailboxes - using GA for all admins instead of proper RBAC - not using phishing resistant MFA or PIM for admin roles solutions such as multi-admin approval aren't going to do much.

@maxsec @arpeyton @IAMERICAbooted It is, but there are still bypasses. It reminds me of the saying about once a hacker has physical access, it’s game over. Kinda, same goes for GA.

Reduce your Intune Admins and use intune rbac and restricted admin units. Segregate device management into groups to decrease the blast radius. Treat Intune Admins like Global Admins. Require PIM with approvals. I've been saying this since before it was popular. As unpopular as this may sound right now, Microsoft is not to blame. They wrote about how to do all this in their documentation, but nobody does it. You have to keep in mind that it could have been a Global Admin too. In that case, the situation is even more dire. The vast majority of orgs are still hybrid. If the compromise was of the on-prem AD, not much you can do because you can pivot to an Intune Admin's device and use the APIs. This is why your EDR should be throwing high alerts when admin machines stop checking in and you should validate visibility on those machines. Managing admin machines is really really hard. Admins write code, run scripts, and look like they are compromised all the time when they're not.

如果你买了罗技的高端鼠标（如MX Master等）。 结果发现要用它的全部功能，必须装一个叫 Logitech Options+ 的SB软件。 这软件要联网，要账号，还会在后台偷偷收集数据。 有个叫 TomBadash 的程序员受够了。 他开发了一个叫 Mouser 的开源工具，用来替代罗技官方程序。 开源地址见评论

The idea behind “Ageless Linux” is simple: Take Debian Linux. Run a script that changes a few words to “ageless”, in some key spots, declaring that the current Operating System (“Ageless Linux”) is knowingly refusing to comply with new Age Verification laws. “Software for humans of indeterminate age. We don't know how old you are. We don't want to know. We are legally required to ask. We won't.” “We are in full, knowing, and intentional noncompliance with the age verification requirements of Cal. Civ. Code § 1798.501(a).” agelesslinux.org

@IAMERICAbooted This has always been the right answer, yet I still find AD DAs synced to Entra with GA assigned and a UPN with the vanity domain.

Unsolicited reminder: cloud only admin accounts should be in the following format - ericaISawesome@yummytacos.onmicrosoft.com Or fuckTHEhaters@snaffletastic.onmicrosoft.us

@manelrodero @MountainsGuy1 California?

@MountainsGuy1 The Windows laptop is a company-issued device. However, if MFA is required during Autopilot, the user would need to add MFA on a mobile device. Since there are no company-issued mobile phones, the user would have to use their personal phone, which is undesirable.

I'm trying to create a CA policy that forces MFA to be used for all resources but does not apply during Autopilot User Driven OOBE. I have defined the CA as the screens show, but it doesn't work, it keeps asking the user for MFA. Has anyone implemented something similar?

@techspence For me, it’s about building good habits. If you don’t always lock it, are you always going to remember to do it? Also, sometimes that 3 minutes at the water cooler turns into 2 hours when you get pulled into something “critical” in the hallway.

Yes, you should lock your computer when you get up and walk away while at the office. No, you're not gonna get hacked in the 3 minutes that you're gone from your desk getting some water. YMMV

Turn off Diagnostics and Feedback on Windows devices! By default, Windows devices send telemetry data to Microsoft. However, not all users or organizations may wish to share this information. To disable diagnostics and feedback, follow the steps below: 1. Open Settings 2. Click Privacy & Security 3. Click Diagnostics & feedback 4. Turn off Send optional diagnostic data 5. Turn off Improve inking and typing 6. Turn off View diagnostic data 7. Delete Diagnostic data 8. Set Feedback frequency to Never For organizations, control this centrally and set it up using Group Policy or Intune. #Microsoft #Windows #Privacy #Telemetry

I don’t see how this is ever going to work. It’s a fundamentally different piece of software that doesn’t address the core use cases that many user of Outlook “classic” require. Most single-mailbox users could effectively use OWA, and that’s effectively what “New Outlook” is, a webmail wrapper. It also falls apart quickly trying to manage multiple mailboxes, calendars, and other key features that make Outlook “classic” a key AP for IT, Accounting, HR, Marketing, Sales, and Admin Assistants. That’s without even going into the COM add-in debacle, not going to beat that horse to death when others already have. I’m really not sure what MS is thinking here.

Microsoft hits snooze on the New Outlook migration — again Microsoft is pushing the New Outlook opt‑out deadline all the way to 2027, giving IT admins another year to prep for the switch. The company says the extension is meant to give organizations more time to test features, adjust workflows, and make sure the new client fits their needs before the old Outlook is phased out. It’s a big shift for businesses that weren’t ready for the 2024 or 2025 timelines, and Microsoft is clearly responding to feedback from admins who said the transition needed more breathing room. The New Outlook is still the future, but now the rollout has a little less pressure — and a lot more time for organizations to get their house in order. Full details below👇 windowscentral.com/microsoft/micr…

This feels like one of the dumbest hills to die on. If it was delivered as a native app, people would call it bloatware. If you had to download it, they’d complain about the Microsoft Store. I’m not saying that Windows 11 doesn’t have serious problems, it does and that’s indisputable. My point is that launching a speed test in a browser (just like Ookla and Fast have done for years) isn’t something worthy of the outrage.

Even the basic SKUs have gotten so complicated. Customer: “I want Business Premium.” MS: “Great will that be Business Premium (No Teams) [New Commerce Experience], Microsoft 365 Business Premium and Microsoft 365 Copilot Business [New Commerce Experience], Microsoft 365 Business Premium (No Teams) and Microsoft 365 Copilot Business [New Commerce Experience], or plain old Microsoft 365 Business Premium [New Commerce Experience]?” Customer: “What?” Microsoft: “Would you like to hear about our new 3-year commitment? It’s part of the New Commerce Experience.”

@arpeyton @PyroTek3 and there's so much pay as you go now, it's awful

Alex leaves and now we have Microsoft 365 E7