Hi All, I've heard from OneNote Phishing in the last few Months. That seems to be a new way of Attack. Sadly i don't know the exact details of that Attack. What came to my mind was to block OneNote Attachments in the Malware Filter.
Microsoft: Besserer Schutz vor riskantem OneNote-Phishing geplant
https://www.heise.de/news/Microsoft-Besserer-Schutz-vor-riskantem-OneNote-Phishing-geplant-7543318.html Also Microsoft want's to improve here according to the M 365 Roadmap https://www.microsoft.com/de-ch/microsoft-365/roadmap?filters=&searchterms=122277
I've checked the OneNote file Extensions on my Computer
Hi All, Yesterday a new Preview Version of the ExchangeOnlineManagement PowerShell Module has been released to the PowerShell Gallery.
ExchangeOnlineManagement 3.2.0-Preview2
https://www.powershellgallery.com/packages/ExchangeOnlineManagement/3.2.0-Preview2
Check what Module is installed and what's available from the PowerShell Gallery.
Get-InstalledModule ExchangeOnlineManagement Find-Module ExchangeOnlineManagement -AllowPrerelease
To install the Module Side by Side you have to use the -Force Parameter
Install-Module ExchangeOnlineManagement -AllowPrerelease -Force Get-InstalledModule ExchangeOnlineManagement -AllVersions
Make sure the new Module is loaded
Import-Module ExchangeOnlineManagement Get-Module
Hi All, Yesterday i've got again a Message that a new Version is available for Jabra Direct. Release Notes
https://www.jabra.com/support/release-notes/release-note-jabra-direct
Regards Andres Bohren
Hi All, There is a Outlook Escalation of Privilege Vulnerability in Outlook. Tony Redmond has explained that very well
Outlook Elevation of Privilege Vulnerability Leaks Credentials via NTLM
https://practical365.com/cve-2023-23397-ntlm-vulnerability/
Microsoft Outlook Elevation of Privilege Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397 Exchange CSS has released a Script to test and mitigate
CVE-2023-23397 script
https://microsoft.github.io/CSS-Exchange/Security/CVE-2023-23397/ Exchange On Prem You need to have an RBAC Admin Role that allows Application Impersonation and assign an Account. If you don't have that Role you can create it New-RoleGroup -Name "
Hi All, Today the March 2023 Exchange Server Security Updates have been released.
Released: March 2023 Exchange Server Security Updates
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-march-2023-exchange-server-security-updates/ba-p/3764224 Description of the security update for Microsoft Exchange Server 2019, 2016, and 2013: March 14, 2023 (KB5024296)
https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-microsoft-exchange-server-2019-2016-and-2013-march-14-2023-kb5024296-e13b0369-2102-4c95-bee2-456514630727
Security Update For Exchange Server 2016 CU23 SU7 (KB5024296)
https://www.microsoft.com/en-us/download/details.aspx?id=105091
The downloaded exe File extracts then starts the Installation in a elevated Promt After the Security Update is installed, it is a good idea to restart the Server.
Hi All, A few days ago, i was very enthusiastic, because i found some new Logs in Azure Active Directory Diagnostic Settings EnrichedOffice365AuditLogs MicrosoftGraphActivityLogs I've enabled all those logs
But i could not see any new Tables in the Log Analytics Workspace
So i googled around and found out, that you can enable those logs, but the Tables are not created unless you where in the Preview :(
Integrate Azure AD logs with Azure Monitor logs
Hi All, GitHub recently announced that they will make Two Factor Authentication (2FA) mandatory.
Raising the bar for software security: GitHub 2FA begins March 13
https://github.blog/2023-03-09-raising-the-bar-for-software-security-github-2fa-begins-march-13/ Let's enable that straight away. I've logged into my Github Account. Under "Password and Authnentication" you can enable Multifactor Authentication.
In my Case GitHub Mobile was used to verify my Access
The Website showed a code i had to Enter in the GitHub Mobile App
Hi All, Yesterday i stumbled across something odd. Did not see the M365 Groups in Outlook for Windows anymore. They seem to be gone in the newest Version. Let's start at the beginning. Office in the Current Channel
Outlook Profile is set up with Cached Mode (without Chached Mode you don't see the M365 Groups either). As you can see the Groups are listed here
The cached Files are stored in C:\Users\<Username>\AppData\Local\Microsoft\Outlook
Hi All, Just a few Hours ago, a new Version of the AZ PowerShell Module has been released to PowerShell Gallery. Az 9.5.0
https://www.powershellgallery.com/packages/az/9.5.0 Release Notes
https://learn.microsoft.com/en-us/powershell/azure/release-notes-azureps
Show Installed AZ Module and what's available in the PowerShell Gallery
Get-InstalledModule AZ
Find-Module AZ #Run Script directly from GitHub $ScriptFromGitHub = Invoke-WebRequest "https://raw.githubusercontent.com/BohrenAn/GitHub_PowerShellScripts/main/Azure/Cleanup-AZModules.ps1" Invoke-Expression $($ScriptFromGitHub.Content) The AZ Module is just a Wrapper Module for all AZ* Modules Get-InstalledModule AZ* Regards Andres Bohren
Hi All, Do you know the User reported Settings in Microsoft 365 Defender for Office 365? For instance, you can send the Mails that a user reports with the "Report Message" Add-In to Microsoft also to a reporting Mailbox that you own.
User reported settings
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/submissions-user-reported-messages-custom-mailbox?view=o365-worldwide User Reported Settings
https://security.microsoft.com/securitysettings/userSubmission I've enabled that a while ago. As you can see the Reporting Mailbox receives all types: - Junk - Phishing - Not Junk