The problem with OAuth apps is that they don’t ever fully uninstall themselves. The permissions are left there forever, even after you close the account, just waiting for a hacker to figure out how to exploit them. In this blog I’ll show you what permissions are granted and how to remove them for M365 and Google users.
Defender
This newsletter is a curated blog roll of the 8 most important topics published by Microsoft in the previous week.
In today’s meeting, a person I met with was sent a meeting recap from “me”. Otter had joined a meeting that I was invited to and then emailed that person a recap of our meeting. I was very disturbed by this event.
You will have now prevented misleadingly named apps, potentially malicious apps, apps with misleading publisher names, apps performing unusual amounts of file downloads, the addition of credentials to OAuth, and apps with a strange ISP for an OAuth.
Microsoft Defender Vulnerability notifications sent an email informing me about a new zero-day in OpenSSL. I don’t use OpenSSL intentionally, so how am I subject to this zero-day?
In this session, I reviewed the most important parts to start with when setting up your XDR. That doesn’t mean skip the rest. It means start here and then go back through and configure everything.
It was my pleasure to introduce peer groups to Third Tier. In 2024, we’re introducing focused learning groups for Defender, Intune, public speaking and more.
Despite criminal masterminds and “security researchers” always coming up with the next greatest tool for causing financial damage to our businesses and economy, there are patterns.
Defense implies a reactive approach. Prevention sets the scene where ransomware can’t get you in the first place.
Many vendors call this Endpoint Detection and Response (EDR) or Extended Detection and Response (XDR). Microsoft calls it Defender for Business.