Newsletter #7 2024
Published on: April 28, 2024
Hi,
First of all, thank you for subscribing and reading the EndpointCave security newsletter.
I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.
But I need your help, do you have any valuable content that needs to be shared with the community? Did you create a security blog post or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?
Please send me a message. You can contact me on X (Twitter) or LinkedIn.
The community has created a lot of content. In this newsletter, I reviewed about 209 items, I selected 30 community blogs and 4 videos. I also highlighted the following items:
- Maester open source framework
- Some Fritz!Box modems might have been hijacked
- How to Become a Microsoft Copilot for Security Ninja: The Complete Level 400 Training
Enjoy
Highlights
Maester open source framework
Fabian Bader, Thomas Naunheim and Merill Fernando are excited to launch Maester, after working on this over many long nights and weekends! Maester is an open source framework to help you stay on top of your Microsoft tenant’s security configuration.
You can write automated regressions tests for your Conditional Access policies using the awesome new Microsoft Entra Conditional Access What If API! To help you get started we include over 60+ tests out of the box and more being added. Their initial focus has been on Entra and they look forward to having more collaborators joining us to expand the out-of-the-box tests to other products.
All the details over at maester.dev
Some Fritz!Box modems might have been hijacked
Fritz!Box devices using custom DNS resolution services like Pihole or Adguard might have been compromised by DNS hijacking and using those Fritz!Box devices might be unsafe, especially for Windows users. After posting the article on HN, Marco came to the conclusion based on comments from other HN commenters that the Fritz!Box will not externally resolve *.fritz.box domain names. This it not the case if you use your own DNS resolution service like Pihole or Adguard however, in which case your DNS resolution could still be hijacked.
More information: Click here
How to Become a Microsoft Copilot for Security Ninja: The Complete Level 400 Training
This course is designed to equip you with the necessary skills to effectively utilize Microsoft Copilot for Security, a cloud-based platform renowned for providing comprehensive visibility and safeguarding of organizational assets and data. You’ll learn to monitor, detect, analyze, and respond to security threats across hybrid environments.
The course is divided into three parts—beginner, intermediate, and advanced—each consisting of several modules that explain different aspects and features of Copilot for Security. After completing each module, you will be given a knowledge assessment to measure your comprehension and retention of the information presented. Furthermore, participants will have access to additional resources and dedicated support, ensuring a guided and enriching learning experience.
More information: Click here
Security topics to watch
MPARR 2 – How to build Power BI reports from scratch
In this video, Sebastian Zamorano & MPARR will explain: How to build Power BI reports from scratch using the data collected by MPARR. On that session was presenting tips, how you can get some information, queries on Kusto, export the data to Power BI, Geolocation and more
Secure AI applications using Microsoft Defender for Cloud Apps | Microsoft Secure Tech Accelerator
Learn how to discover, manage, and monitor the usage of Generative AI applications in your environment using Microsoft Defender for Cloud Apps.
POCaaS Session 1: ITDR Introduction and Prevention Capabilities
In this video, Chris will explain Microsoft’s vision on ITDR and why having capability here is so important in the modern-day threat landscape. They will also introduce one of the core pillars of ITDR, prevention, and understand how adaptive controls and security posture are a critical foundation.
Microsoft Data Loss Prevention Policies Demystified: Step-by-Step Tutorial
In this video, Peter will prep for the SC-400 Exam. Microsoft Data Loss Prevention Policies Demystified: Step-by-Step Tutorial In this tutorial, dive into the mysteries of Microsoft 365 Data Loss Prevention Policies (DLP). Learn how to protect sensitive information and prevent data leaks outside your organization. From policy creation to deployment.
Blogs from the community
This is the end of this newsletter. Thank you for reading the Endpoint Security newsletter, I hope you have found valuable content that you can use.
Do you have any feedback? Please feel free to share your thoughts and suggestions with me for future editions. Any valuable content of blogs that I need to monitor or share. Please send me a message. You can contact me on X (Twitter) or LinkedIn.
Kind Regards,
René Laas – MVP
EndpointCave