Trouble with Microsoft Office 365 Apps has disappeared – Trouble with ASR
by Marius Sandbu
2w ago
Today many organizations faced the issue that they have lost all access to their Microsoft apps, such as Outlook/Excel/Word, from their Windows machines. This is a bug caused by the latest signature updates from Microsoft (it comes with Defender version 1.381.2140) and will impact machines that have ASR (Attack Surface Reduction) rules with “Block Win32 API calls from Office macro” configured to block. Latest security intelligence updates for Microsoft Defender Antivirus and other Microsoft antimalware – Microsoft Security Intelligence You can also see that status from Mi ..read more
Auditing Windows File Servers with Azure Sentinel / Log Analytics
by Marius Sandbu
3w ago
A colleague of mine asked if he could use Azure Sentinel / Log Analytics to audit the usage of a Windows File server, hence this blog post saw the light of day. In migration projects, you might need to see who is actually using the file server before you start migrating data or deleting data that you might not even need anymore. Therefore, you might need to do an audit of who is using it over the course of 14 days to verify that you don’t delete or migrate data that is actively being used. Within Windows, you don’t have a lot of built-in mechanisms to do audit checks of file access to a file ..read more
New book – Windows Ransomware Protection and Detection
by Marius Sandbu
1M ago
For the last year or so I’ve been working on a new book project. Over the last few years, I’ve been working a lot with customers that have been impacted by ransomware or wanted to implement more countermeasures. Therefore, last year I pitched my book idea to Packt Publishing and they were on board! The book itself is now available for pre-ordering on Amazon, which you can find here –> Windows Ransomware Protection and Detection: Countermeasures using practical approaches to reducing the risks of attacks on your infrastructure: Amazon.co.uk: Marius Sandbu: 9781803246345: Books ..read more
OpenAI – Use cases and Automation
by Marius Sandbu
1M ago
A couple of days ago, the people at OpenAI released ChatGPT, which is an AI-based system optimized for dialogue. The service is available for free preview here –> ChatGPT (openai.com). The service itself uses large language models trained by OpenAI and uses deep learning to generate natural language text based on the input. The service has support for a wide range of different languages such as: English, Spanish, French, German, Italian, Portuguese, Dutch, Norwegian, Swedish, Danish, Finnish, Polish, Czech, Russian, Arabic, Chinese, Japanese, Korean, Hindi, Bengali, Urdu ..read more
DevSecOps and Securing the Developer Experience
by Marius Sandbu
2M ago
For the last decade, I’ve worked a lot with building virtual apps and desktops from a lot of different providers, going from Citrix, VMware, Microsoft, and even old 2X and Dell vWorkspace… The focus was, in most cases, always on providing a centralized secure workspace for end-users who needed to access their applications, whether it be a Windows application or a web-based application. We have also had the ability to provide CAD engineers with GPU-powered workspaces, still against many of the same Windows applications. VDI platforms have been ..read more
Azure Deployment Environments – Self-service Azure
by Marius Sandbu
2M ago
One of the things that we have been trying to solve repeatedly is a way to provide self-service mechanisms for developers when it comes to building public cloud services, where we want to provide developers with a predefined service catalog that contains different packaged services or even a full environment that they can order on-demand. I’ve spent a lot of time on CMPs (Cloud Management Platforms) that try to solve this by providing a centralized self-service portal across different cloud platforms, either by using their own automation engine or using existing tooling such as Terraform, Ansib ..read more
Tessell – A new way to provide DBaaS in Public Cloud
by Marius Sandbu
3M ago
One of the compelling reasons for using PaaS services in the Public Cloud is the ease of management and the lower complexity of use. One example is Database Services, where you no longer need to manage a complex cluster of machines that are responsible for running one of the heaviest workloads – databases. Therefore, many want to use managed PaaS services for hosting their database workloads to remove much of that complexity. There are a lot of different options from the different vendors, depending on what kind of database engine you need to host your workload. Here w ..read more
Security Vulnerability in OpenSSL CVE-2022-3602 (RCE) and CVE-2022-3786 (DOS)
by Marius Sandbu
3M ago
Earlier today a new Security Vulnerability was disclosed in the popular OpenSSL (libssl) Library (affecting products using OpenSSL 3.0.0-3.0.6), which affects most software companies in the world. The OpenSSL team released an updated version of the library today, 3.0.7. OpenSSL CVE-2022-3602 (RCE) and CVE-2022-3786 (DOS) were published earlier today and were fixed in the release 3.0.7. NOTE: The chances of being able to exploit this vulnerability are really low, since there are a lot of requirements that need to be in place for someone to be able to successfully exploit it, more details here –> ..read more
Microsoft Premium V2 SSD – CSI v2 and AKS PVC Resizing
by Marius Sandbu
3M ago
Microsoft has recently released Premium SSD v2 Disk. This new feature highlights a change in the underlying architecture of the storage service in Azure. Before this v2 release, the performance of a disk was always associated with the size of the disk. With the v2 release, there are numerous improvements to the disk service. Among other things, you now have the ability to define what kind of IOPS and bandwidth you want without the need to have a larger size on the disk. Also, you can define size more granularly with 1 GB increments, and unlike regular premium disks. (Well almost close to t ..read more
Microsoft Defender falsely detecting Win32/Hive.ZY
by Marius Sandbu
3M ago
Just a quick post: after a recent signature update to Microsoft Defender (this one –> Antimalware updates change log – Microsoft Security Intelligence) you might get these events from Defender. This was a false positive and has been fixed in the latest signature updates from Microsoft: Antimalware updates change log – Microsoft Security Intelligence (1.373.1537.0 ..read more
