Newsletter #5 2023

Published on: November 05, 2023

Hi,

First of all, thank you for subscribing and reading the EndpointCave security newsletter.

I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.

But I need your help, do you have any valuable content that needs to be shared with the community? Did you create a security blog post or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?

Please send me a message. You can contact me on Twitter (X) or LinkedIn.

It is already the fifth of November, which means less than 50 days to Christmas. But besides that in the last two weeks, the community has created a lot of content, which I will share with you.

Highlights

Microsoft copilot has finally been released

Common Vulnerability Scoring System Version 4.0

CVSS version 4.0 is the next generation of the Common Vulnerability Scoring System standard.

Some of the changes incorporated into CVSS v4.0 include:

  • Reinforce the concept that CVSS it not just the Base score
  • Finer granularity through the addition of new Base metrics and values:
  • Enhanced disclosure of impact metrics:
  • Temporal metric group renamed to Threat metric group
  • New Supplemental Metric Group to convey additional extrinsic attributes of a vulnerability that do not affect the final CVSS-BTE score
  • Additional focus on OT/ICS/Safety

Read more about the new CVSS version 4.0

Auto-rollout of basic Conditional Access policies to protect your Microsoft tenant

Don’t be surprised when you get more MFA requests than usual somewhere in November, Microsoft will now auto-create & enable MFA policies to protect tenants. In my point of view, these policies should have already been implemented by admins. If you want to know the impact, create Conditional Access policies and use the What If or report-only functionality.

Windows LAPS with Microsoft Entra ID is now GA!

Microsoft is excited to announce the general availability of Windows Local Administrator Password Solution (LAPS) with Microsoft Entra ID and Microsoft Intune. This capability is available for both Microsoft Entra joined and Microsoft Entra hybrid joined devices. It empowers every organization to protect and secure their local administrator account on Windows and mitigate any Pass-the-Hash (PtH) and lateral traversal type of attacks. 

Read more information here.

Security topics to watch

Microsoft Security Copilot is the first generative AI security product that allows organizations to defend at machine speed. This demonstration of Microsoft Security Copilot exhibits an incident response scenario. Security Copilot pulls data from Microsoft 365 Defender, Microsoft Sentinel, Microsoft Defender Threat Intelligence, and Microsoft Intune to provide next-level enrichment and context to the security analyst performing the investigation. Follow along as the incident is summarized, threat intelligence profiles are revealed, device context is added, natural language is translated to Kusto Query Language for simplified threat hunting, and a reported is generated, all with natural language prompts.

Click here to view the video on YouTube

Pouyan, Frans, and Sander are thrilled to announce the launch of their brand-new podcast series: TalkingSecurity – The DevSecOps Roundtable: Innovate, Integrate, Secure!

In the first episode, they will kick off with a hot topic in the DevSecOps world – The Developer’s Workstation. they explore the developers’ workstations and discuss how to secure them properly while ensuring everyone is happy. Developers’ workstations are often the first line of defense against cyberattacks, as they contain sensitive data and code that can be compromised. However, developers also need the freedom and flexibility to work efficiently and creatively, without being hindered by excessive security controls or policies.

Click here to view the video on YouTube

Want to automate actions that your organization does during the lifecycle of when users join/move/and leave your organization? Join The Microsoft 425Show (Presented by Kristina Smith and Jef Kazimer) for a deep dive into the Microsoft Entra ID Governance Lifecycle workflows feature and learn how you can move from doing manual tasks to automation at scale!

Click here to view the video on YouTube

Blogs from the community

This is the end of this newsletter. Thank you for reading the Endpoint Security newsletter, I hope you have found valuable content that you can use.

Do you have any feedback? Please feel free to share your thoughts and suggestions with me for future editions. Any valuable content of blogs that I need to monitor or share.  Please send me a message. You can contact me on Twitter (X) or LinkedIn.

Kind Regards,

René
EndpointCave

Subscribe or follow me

DON’T MISS A BEAT

Receive the monthly newsletter directly in your mailbox

Followon XSubscribeto RSS Feed

Latest blog posts