Microsoft Security has published a quick and nice Incident Response guide which is written in a simple and effective way. https://lnkd.in/ey_FGzcW #MicrosoftSecurity #IncidentResponse
Panagiotis Pagkas’ Post
-
Zero Trust Security with Microsoft Entra is now generally available.
-
Microsoft’s unified security operations platform is now GA 🎉🎉🎉
✅ Blog: https://lnkd.in/g2rTpddS
🎯 Based on MS research, organizations use as many as 80 individual tools in their security portfolio.
🎯 We’ve been on a journey to unify these tools over the last few years and are excited to take the next step by bringing Microsoft Sentinel into the Microsoft Defender portal, which we can announce is generally available.
#XDR #SIEM #MicrosoftDefenderXDR #MicrosoftSentinel #MicrosoftSecurity #XSPM #ThreatIntelligence
-
Microsoft Patches 61 Flaws, Including Two Actively Exploited Zero-Days: Microsoft has addressed a total of 61 new security flaws in its software as part of its Patch Tuesday updates for May 2024, including two zero-days which have been actively exploited in the wild. Of the 61 flaws, one is rated Critical, 59 are rated Important, and one is rated Moderate in severity. The two security shortcomings that have been weaponized in the wild are CVE-2024-30040 (CVSS score: 8.8) and CVE-2024-30051 (CVSS score: 7.8).
Recommendations: It’s recommended to test and patch these two CVEs, CVE-2024-30051 and CVE-2024-30040, which are under active exploitation, first as a preventive measure. It is also recommended to follow the default patching life cycle for the remaining patches.
References:
Security Update Guide - Microsoft Security Response Center
msrc.microsoft.com
-
Dear mami... As part of this Patch Tuesday, Microsoft has fixed 26 Security Feature Bypass (SFB) vulnerabilities in Secure Boot. Most of them were reported by Azure Yang of Kunlun Lab and aren't exploited itw. Even though an attacker should be authenticated to exploit most of them, some can be exploited with LAN access alone /the attack vector is adjacent (AV:A)/. "These security updates address this vulnerability by updating the Windows Boot Manager and other components, but the protections are not enabled by default. Additional steps are required at this time to mitigate this vulnerability." 📝 CVE-2024-29061, CVE-2024-28921, CVE-2024-20689, CVE-2024-26250, CVE-2024-28922, CVE-2024-29062, CVE-2024-20669, CVE-2024-28898, CVE-2024-20688, CVE-2024-23593, CVE-2024-28896, CVE-2024-28919, CVE-2024-23594, CVE-2024-28923, CVE-2024-28903, CVE-2024-26189, CVE-2024-26240, CVE-2024-28924, CVE-2024-28897, CVE-2024-28925, CVE-2024-26175, CVE-2024-28920, CVE-2024-26194, CVE-2024-26180, CVE-2024-26171, CVE-2024-26168 https://lnkd.in/e5ENdNjf
Security Update Guide - Microsoft Security Response Center
msrc.microsoft.com
-
🚨 Understanding CVE-2022-26923: A Critical Vulnerability in Microsoft Active Directory Certificate Services (AD CS) 🚨
One major vulnerability disclosed is CVE-2022-26923, which affects Microsoft’s Active Directory Certificate Services (AD CS). This issue can allow attackers to escalate privileges in a network, posing a big threat to organizations using AD CS.
🔍 What is CVE-2022-26923?
CVE-2022-26923 is a security flaw that affects how certificates (which are like digital IDs) are issued in Active Directory. Specifically, it impacts machine accounts, which are the accounts used by computers in a network. Here's how it works: if an attacker is able to manipulate the system, they can request a certificate that gives them higher privileges, like Domain Admin. This would allow them to control or even compromise the entire network!
📈 Why is it dangerous?
In an Active Directory environment, certificates are used to verify identities and secure communications. This vulnerability can lead to:
Forged certificates: Attackers could pretend to be legitimate users or systems.
Privilege escalation: Attackers could gain more control over the network, eventually accessing sensitive systems or data.
Lateral movement: Attackers could use this access to move across the network and target more systems.
This is especially concerning in larger organizations with hybrid or cloud-based environments.
🛡️ How can organizations protect themselves?
Apply Patches: Microsoft has released a patch to fix this vulnerability. It’s crucial to keep systems updated! Check out the official Microsoft Security Update here (https://lnkd.in/eCD_WQFA)
Audit Certificate Templates: Organizations should review who has access to request certificates and tighten security controls.
Harden AD CS Configurations: This includes ensuring best practices are followed, such as using strong encryption and proper role-based access control (RBAC) for issuing certificates.
Monitor Activity: Security teams should regularly monitor for any suspicious certificate requests.
Conduct Regular Audits: It’s important to regularly check the security of AD CS systems and configurations.
#CVE202226923 #ActiveDirectory #MicrosoftVulnerability #InfosecLearning #DigitalCertificates #StudentLearning #PatchManagement
Security Update Guide - Microsoft Security Response Center
msrc.microsoft.com
-
Just finished the course “Top 10 Security Features to Enable within Microsoft 365” by Liam Cleary! Check it out: https://lnkd.in/gJwQFN96 #microsoft365 #informationsecurityawareness.
Certificate of Completion
linkedin.com
-
Just finished the course “Top 10 Security Features to Enable within Microsoft 365” by Liam Cleary! Check it out: https://lnkd.in/dXxHVEBF #microsoft365 #informationsecurityawareness.
Certificate of Completion
linkedin.com
-
Just finished the course “Top 10 Security Features to Enable within Microsoft 365” by Liam Cleary! Check it out: https://lnkd.in/gar4Rg-4 #microsoft365 #informationsecurityawareness.
Certificate of Completion
linkedin.com
-
April 16th, 2024 - Microsoft 365 and Security Webinar Join Skillsoft Global Knowledge for week three of our #MicrosoftHypeMonth! You can learn best practices for Microsoft Information Protection (MIP) mastery. In just one hour, you'll gain practical insights into classifying and labeling data, building data walls with access control, embracing encryption's shield, and best practices for MIP mastery. Register now: https://bit.ly/43SJdEN #Microsoft365 #MicrosoftSecurity #MicrosoftData
-
Hi all, Please join me for a webinar on July 11th where we will explore the powerful capabilities of Microsoft Entra Conditional Access and Security Service Edge. Sign up now! #MicrosoftEntraConditionalAccess #MicrosoftEntra #MSSP
Exploring Entra Conditional Access in SSE Implementation
atmosera.shp.so