Newsletter #7 2024

Published on: April 28, 2024

Hi,

First of all, thank you for subscribing and reading the EndpointCave security newsletter.

I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.

But I need your help, do you have any valuable content that needs to be shared with the community? Did you create a security blog post or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?

Please send me a message. You can contact me on X (Twitter) or LinkedIn.

The community has created a lot of content. In this newsletter, I reviewed about 209 items, I selected 30 community blogs and 4 videos. I also highlighted the following items:

  • Maester open source framework
  • Some Fritz!Box modems might have been hijacked
  • How to Become a Microsoft Copilot for Security Ninja: The Complete Level 400 Training

Enjoy

Highlights

Maester open source framework

Fabian Bader, Thomas Naunheim and Merill Fernando are excited to launch Maester, after working on this over many long nights and weekends! Maester is an open source framework to help you stay on top of your Microsoft tenant’s security configuration.

You can write automated regressions tests for your Conditional Access policies using the awesome new Microsoft Entra Conditional Access What If API! To help you get started we include over 60+ tests out of the box and more being added. Their initial focus has been on Entra and they look forward to having more collaborators joining us to expand the out-of-the-box tests to other products.

All the details over at maester.dev

Some Fritz!Box modems might have been hijacked

Fritz!Box devices using custom DNS resolution services like Pihole or Adguard might have been compromised by DNS hijacking and using those Fritz!Box devices might be unsafe, especially for Windows users. After posting the article on HN, Marco came to the conclusion based on comments from other HN commenters that the Fritz!Box will not externally resolve *.fritz.box domain names. This it not the case if you use your own DNS resolution service like Pihole or Adguard however, in which case your DNS resolution could still be hijacked.

More information: Click here

How to Become a Microsoft Copilot for Security Ninja: The Complete Level 400 Training

This course is designed to equip you with the necessary skills to effectively utilize Microsoft Copilot for Security, a cloud-based platform renowned for providing comprehensive visibility and safeguarding of organizational assets and data. You’ll learn to monitor, detect, analyze, and respond to security threats across hybrid environments.

The course is divided into three parts—beginner, intermediate, and advanced—each consisting of several modules that explain different aspects and features of Copilot for Security. After completing each module, you will be given a knowledge assessment to measure your comprehension and retention of the information presented. Furthermore, participants will have access to additional resources and dedicated support, ensuring a guided and enriching learning experience.

More information: Click here

Security topics to watch

MPARR 2 – How to build Power BI reports from scratch

In this video, Sebastian Zamorano & MPARR will explain: How to build Power BI reports from scratch using the data collected by MPARR. On that session was presenting tips, how you can get some information, queries on Kusto, export the data to Power BI, Geolocation and more

Click here to view the video on YouTube

Secure AI applications using Microsoft Defender for Cloud Apps | Microsoft Secure Tech Accelerator

Learn how to discover, manage, and monitor the usage of Generative AI applications in your environment using Microsoft Defender for Cloud Apps.

Click here to view the video on YouTube

POCaaS Session 1: ITDR Introduction and Prevention Capabilities

In this video, Chris will explain Microsoft’s vision on ITDR and why having capability here is so important in the modern-day threat landscape. They will also introduce one of the core pillars of ITDR, prevention, and understand how adaptive controls and security posture are a critical foundation.

Click here to view the video on YouTube

Microsoft Data Loss Prevention Policies Demystified: Step-by-Step Tutorial

In this video, Peter will prep for the SC-400 Exam. Microsoft Data Loss Prevention Policies Demystified: Step-by-Step Tutorial In this tutorial, dive into the mysteries of Microsoft 365 Data Loss Prevention Policies (DLP). Learn how to protect sensitive information and prevent data leaks outside your organization. From policy creation to deployment.

Click here to view the video on YouTube

Blogs from the community

This is the end of this newsletter. Thank you for reading the Endpoint Security newsletter, I hope you have found valuable content that you can use.

Do you have any feedback? Please feel free to share your thoughts and suggestions with me for future editions. Any valuable content of blogs that I need to monitor or share.  Please send me a message. You can contact me on X (Twitter) or LinkedIn.

Kind Regards,

René Laas – MVP
EndpointCave

Subscribe or follow me

DON’T MISS A BEAT

Receive the bi-weekly newsletter directly in your mailbox

Followon XSubscribeto RSS Feed

Latest blog posts