
Microsoft Defender Weekly Wrap - Issue #40

By Microsoft Defender Weekly Wrap • Issue #40
Happy Friday, everyone! Thanks for your continued support for this community and this newsletter.
We’ve had a flurry of new subscribers this week, so I want to welcome all the new readers. I hope this community effort meets and exceeds your expectations.
I noted in the last issue that I’ll be heading off for a true vacation in the near future and there was a bit of hesitancy about whether the newsletter would deliver during that time. Those that have been here for a while know that this newsletter delivers every Friday without fail and has not missed an issue since the beginning.
I want to take a quick moment to thank those that have reached out to offer help and also make a big public, formal THANK YOU to my colleague Andrea Fisher, who will be stepping in and building and delivering the newsletter in my absence. You all are in wonderful hands, and I might add, you’ll probably beg me not to come back. Andrea is awesome.
Many of you are already familiar with the Microsoft Security Insights show that myself and a few of my colleagues host each Wednesday evening. For those not familiar, the hour-long dialog show introduces guests from various areas within Microsoft and some of our partners. It delivers live starting at 5pm EST every Wednesday. For those that miss the live event and miss asking live questions, the replay is available immediately after and the audio is delivered as a podcast the week after.
As an example, the next episode (117) is on August 31st, and features Kara Cole (CxE Program Manager) and Kim Griffiths (Program Manager for CxE and CAT). You can subscribe to the YouTube channel or set a notification to be reminded here:
This one will be extra interesting as a recent guest, Gary Bushey, will be guest hosting. Kara is Gary’s manager. Imagine trying to interview your own boss on a podcast.
I say all that to say this, for those that have been following along recently you’ve seen some interesting changes. We’ve recently changed our streaming platform to deliver to more people at once and begun to delve deeper into other engagement areas. This is in preparation for a Microsoft Security Insights conference we’re planning in February 2023. More to come on that and, if this interests you, you can keep tabs on the updates in our just christened LinkedIn page:
Hey all, for a limited time, there’s a 20% discount on Must Learn KQL merch. Just enter KQLFRIENDS at checkout.
As always, all proceeds go to St. Jude.
One last thought…
This week, forward this newsletter to at least one person. It could be a colleague, it could be a customer. Someone you know could benefit from it.
That’s it from me for this week.
Talk soon.
P.S. Yes…the wife is back from her vacation and I’m sleeping much, much better.

Things to Attend
Stop Ransomware with Microsoft Security 2022 - Home
Four Session Series Covering All Aspects of Microsoft Cyber Defense - Azure Cloud & AI Domain Blog
Things that are Related
Microsoft Learn modules for KQL
15. MustLearnKQL - The Distinct Operator
Migrate advanced hunting queries from Microsoft Defender for Endpoint | Microsoft Docs
MagicWeb: NOBELIUM’s post-compromise trick to authenticate as anyone - Microsoft Security Blog
Things to Have
Cybersecurity: Attack and Defense Strategies: Improve your security posture to mitigate risks and prevent attackers from infiltrating your system, 3rd Edition eBook, by Yuri Diogenes and Dr. Erdal Ozkaya (Kindle Store)
Cyber Signals: Defend against the new ransomware landscape - Microsoft Security Blog
Defender for Endpoint Things
BLOG: Microsoft Defender for Endpoint - Block applications with Indicators - Microsoft Workplace Community Blog
BLOG: Uncovering a ChromeOS remote memory corruption vulnerability - Microsoft Security Blog
BLOG: How to deploy Attack Surface Reduction rules to Azure VMs using Azure Guest Configurations - Microsoft Tech Community
Microsoft Defender for IoT Things
VIDEO: Critical Defense for IoT and OT environments: Microsoft Defender for IoT
Microsoft 365 Defender Things
BLOG: MERCURY leveraging Log4j 2 vulnerabilities in unpatched systems to target Israeli organizations - Microsoft Security Blog
BLOG: How to Get the KQL Query Created by the New 365 Defender Query Builder - Azure Cloud & AI Domain Blog
NEW: Hunt in Microsoft 365 Defender without KQL! - Microsoft Tech Community
VIDEO: Microsoft 365 Security Basics: Deploy MFA (4 Options)
BLOG: Using Microsoft Security APIs for Incident Response - Part 1 - Microsoft Tech Community
Defender for Cloud Apps Things
BLOG: Hunt for compromised Azure subscriptions using Microsoft Defender for Cloud Apps
Microsoft Purview Things
BLOG: Data governance: 5 tips for holistic data protection - Microsoft Security Blog
BLOG: Microsoft Purview Insider Risk Management | Admin Set-up Tutorial
BLOG: Co-authoring for files with sensitivity labels is now generally available on Android and iOS devices - Microsoft Tech Community
BLOG: Microsoft Purview DevOps policies enable at scale access provisioning for IT operations - Microsoft Tech Community
Defender for Office Things
BLOG: Introducing tenant blocks via admin submissions - Microsoft Tech Community
Windows Defender Things
BLOG: How to Verify the Most Current Defender AV Security Intelligence Update Versions on the Web - Azure Cloud & AI Domain Blog
BLOG: Looking for the ‘Sliver’ lining: Hunting for emerging command-and-control frameworks - Microsoft Security Blog
The weekly Microsoft Defender Weekly Wrap newsletter helps uncover the new and important features and news for Microsoft's Defender-branded security tools.
