Microsoft Security Summit Greece

Microsoft Security Summit Greece

Given the recent events in Europe, cybersecurity has become imperative as a national and a business priority. Furthermore, governments and organizations are looking to harden their digital networks and protect their critical infrastructure from cyber-attacks. Microsoft’s Security Summit aims to provide key insights on current and future cybersecurity trends, uncover Microsoft’s security strategy and internal … Read more

Deprecation of basic authentication in Exchange Online

Exchange Online migration design considerations

Introduction Microsoft has announced the deprecation of Basic authentication in Exchange Online. Basic authentication will be permanently disabled in Exchange Online on October 1st, 2022. More specifically, Microsoft is removing the ability to use Basic authentication in Exchange Online for Exchange ActiveSync (EAS), POP, IMAP, Remote PowerShell, Exchange Web Services (EWS), Offline Address Book (OAB), … Read more

PCI DSS 4.0 has been released

PCI DSS 4.0

The Payment Card Industry Data Security Standard (PCI DSS) is a global standard that provides a baseline of technical and operational requirements designed to protect account data. It is a multi-layered set of specifications which target at acceptable security and privacy levels for all organizations which process any type of payment cards in their transactions … Read more

OCSP SHA-1 support ending 30 May 2022

security and privacy

OCSP SHA-1 support ending 30 May 2022 Microsoft has announced the sunset for SHA-1 Online Certificate Standard Protocol signing. Microsoft is updating the Online Certificate Standard Protocol (OCSP) service to comply with a recent change to the Certificate Authority / Browser Forum (CA/B Forum) Baseline Requirements. This change requires that all publicly-trusted Public Key Infrastructures … Read more

Microsoft 365 secure score top 10 improvement actions

security and privacy

Introduction Microsoft 365 security score is a consolidated security score based on Microsoft best practice security configurations for Microsoft 365 tenants. The higher the score the higher theoretically your overall Microsoft 365 tenant security levels. The score comprises a list of improvement actions based on your current security posture. Not all improvement actions may be … Read more

TLS 1.0 and 1.1 deprecation in Azure services

TLS on Azure services

Overview Some of TLS protocols (TLS 1.0 and TLS 1.1) as well as ciphers suites (3DES –  TLS_RSA_WITH_3DES_EDE_CBC_SHA) are gradually being deprecated from all software systems (client and server). This undoubtably affects Azure services as well. If there is a mismatch in the TLS configuration among the components of your Azure solution, you may encounter … Read more

Mainboard TPM 2.0 hardware support for Windows 11

TPM-2.0-module-card

For upgrade instructions from Windows 10 to Windows 11, review the following article: https://stefanos.cloud/blog/upgrade-to-windows-11/. Mainboard TPM 2.0 hardware support Many Windows 10 PC owners these days are looking for ways to upgrade their PC to Windows 11. One mandatory preparation step is to ensure there is support for the Trusted Platform Module (TPM) version 2.0. … Read more

Exchange Online and SharePoint Online data protection mechanisms

Exchange Online and SharePoint Online data protection mechanisms

All Office365 components are adequately protected from accidental deletion via the usage of various Office365 features. The following features are offered out of the box for Office 365 data protection. Feature Sharepoint and OneDrive for Business Recycle Bins In SharePoint Online, items are retained for 93 days from the time you delete them from their … Read more

Microsoft acquires CloudKnox Security to offer unified privileged access and cloud entitlement management

cloudknox

The acquisition of CloudKnox further enables Microsoft Azure Active Directory customers with granular visibility, continuous monitoring and automated remediation for hybrid and multi-cloud permissions. Microsoft is committed to providing their customers with unified privileged access management, identity governance and entitlement management including: Automated and simplified access policy enforcement in one integrated multi-cloud platform for all … Read more

Overview of Microsoft Azure Security Tools

Microsoft Security Portal

Microsoft Azure Security Tools Besides the Microsoft Security Response Center (MSRC), Microsoft offers a handful of security related tools and APIs which are available via Web-based consoles, Microsoft Graph API and Powershell. By navigating to https://security.microsoft.com/info, you should be able to utilize all available security tools and consoles as described below. Microsoft 365 security center. … Read more

Darpa research on next generation Fully Homomorphic Encryption

FHE encryoption

DARPA Fully Homomorphic Encryption (FHE) Protecting and preserving personally identifiable information (PII), intellectual property, intelligence insights, and other forms of sensitive information has never been more critical. A steady cadence of data breaches and attacks are reported seemingly daily. As the use of cloud computing and virtual networks becomes increasingly pervasive for storing, processing, and … Read more

Microsoft Exchange Server critical patches

Microsoft Exchange Server

Microsoft announcement Microsoft has recently identified zero-day exploits and vulnerabilities in all active Exchange Server on-premise released and has announced (March 2021) that a series of critical patches have been released for all Exchange Server on-premise versions (2013, 2016, 2019) which mitigate the vulnerabilities. Exchange Server Online is not affected. To urgently patch the Exchange … Read more

Top 10 Cybersecurity Tips

Center for Internet Security

The Center for Internet Security (CIS) has recently published a useful security tips checklist. These tips are applicable at all times and should be taken into special consideration during the holiday season where online commerce activity is raised significantly. The top 10 cybersecurity tips at a high level are the following: Do not use public … Read more