Some stuff to read … https://learn.microsoft.com/de-de/graph/permissions-reference #Microsoft #Azure #GraphAPI Reference with explanations for each privilege…
Know what your #enemy does:
https://microsoft.github.io/Azure-Threat-Research-Matrix/
#Microsoft #M365 #Threat-Matrix shows how attackers work from Initial Access to Persistence.
How does DevSecOps work?
Not very well ...
https://www.datadoghq.com/state-of-devsecops/
Administrative-tier-model to impede privilege escalation attacks in 2024:
Hunting for Threats in #M365? Watch those Events collected by #MSIRT: https://www.microsoft.com/content/dam/microsoft/final/en-us/microsoft-brand/documents/MSFT-IR-UAL-Entra-Guide-JAN24.pdf
Find out what's happening in your tenant using the #Microsoft Unified Audit Log to identify malicious activities:
Great to read: #Microsoft IR Team on common attacks against identities and recommendations to impede them.
Pretty cool next step to optimize phishing - using Microsoft DevTenants with custom domains:
https://badoption.eu/blog/2023/12/03/PhishingInfra.html
Phishing from within .. so to say .. and with the trust everyone puts into *.protection.outlook.com senders.
Great post about current #Microsoft #Azure / #M365 attack tooling including #evilginx and #roadtools.
The posting also describes the automation from capturing tokens to exfiltrating data - good luck defenders when not automating the defense …
How to manage your #M365 tenant configuration? Using desired state machine of course: https://microsoft.github.io/Microsoft365DSC/user-guide/get-started/introduction/
A #PowerShell module that helps to automate tasks in the #Microsoft 365 world, including import and export of configuration.
#Microsoft releases updates to the #Defender Attack Surface Reduction rules and docs: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide
#ASR provides additional protection against specific attacks - if you use #MDE as primary AV solution. It's worth a try.
#ransomware #infosec
Nice summary of #ad #pentest tools and commands: https://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
Including "stealthy" get-aduser and common #bloodhound #rubeus and #powerview
Tricking #Fingerprint readers? Nice idea and write-up: https://blackwinghq.com/blog/posts/a-touch-of-pwn-part-i/
The attack does not fake a finger, but changes the database used by the reader for #dell, #lenovo and #microsoft surface.
There are many lists with #Cybersecurity #BlackFriday offers. The most comprehensive one right now seems to be: https://github.com/0x90n/InfoSec-Black-Friday
News for #Entra ID from #MS #Ignite - https://www.youtube.com/watch?v=5ti7REV7Yfo
Attacking #Windows environments by relaying Kerberos - still a topic - https://github.com/cube0x0/KrbRelay
Crazy days regarding #OpenAI and #Microsoft - https://www.theverge.com/2023/11/20/23968988/openai-employees-resignation-letter-microsoft-sam-altman
Managing OpenAI with just a few people left in the company? Hard work ...