Maecenas pharetra risus sit amet gravida fermentum. Mauris vitae magna maximus, tempus neque ac, feugiat velit. Etiam a enim nec quam fringilla cursus. In porttitor elit mi, at tempor lorem fringilla vitae. Proin in egestas purus. Cras vestibulum efficitur tempor. Morbi magna nisl, sollicitudin nec quam in, tempor convallis dolor. Nullam eu urna magna. Suspendisse […]

Vivamus quis placerat ligula, sed eleifend orci. Vestibulum ante ipsum primis in faucibus orci luctus et ultrices posuere cubilia Curae; Sed ornare nibh quis arcu pretium, eget ultrices enim euismod. Nullam sed rutrum odio. Nullam urna turpis, facilisis ut nunc vel, molestie ornare turpis. Integer ultrices magna sed justo mollis tempor. Lorem ipsum dolor sit […]

Pellentesque habitant morbi tristique senectus et netus et malesuada fames ac turpis egestas. Suspendisse lorem arcu, varius eu dapibus in, semper id nisl. Praesent sagittis quam non est rutrum, eu tempus dolor sodales. Nunc porttitor tempus rutrum. Aenean at sapien vel massa pellentesque pulvinar eget a erat. Ut ut est sed urna porta malesuada. Pellentesque […]

Etiam id ex at erat fermentum luctus maximus et justo. Aenean ultricies faucibus sagittis. Etiam ultrices mollis faucibus. Sed finibus neque nec eros posuere varius a a ante. Nulla euismod eget eros non posuere. Aliquam vel felis porta, egestas massa nec, mattis neque. Sed egestas fringilla dolor sit amet ullamcorper. Pellentesque habitant morbi tristique senectus […]

Maecenas pharetra risus sit amet gravida fermentum. Mauris vitae magna maximus, tempus neque ac, feugiat velit. Etiam a enim nec quam fringilla cursus. In porttitor elit mi, at tempor lorem fringilla vitae. Proin in egestas purus. Cras vestibulum efficitur tempor. Morbi magna nisl, sollicitudin nec quam in, tempor convallis dolor. Nullam eu urna magna. Suspendisse […]

Maecenas pharetra risus sit amet gravida fermentum. Mauris vitae magna maximus, tempus neque ac, feugiat velit. Etiam a enim nec quam fringilla cursus. In porttitor elit mi, at tempor lorem fringilla vitae. Proin in egestas purus. Cras vestibulum efficitur tempor. Morbi magna nisl, sollicitudin nec quam in, tempor convallis dolor. Nullam eu urna magna. Suspendisse […]

Artificial Intelligence (AI) has revolutionized the way we work, especially in document management. Microsoft Copilot, for example, is a powerful tool integrated into the Microsoft 365 suite to facilitate collaboration and boost productivity. However, when dealing with sensitive and confidential documents, its use raises crucial issues regarding security and compliance. In this article, we explore … […]

Coming soon: New security features for Microsoft Loop for organizations that have enabled sensitivity labels (also known as Microsoft Information Protection or MIP). Before this rollout, Microsoft Loop supports users or admins adding item-level sensitivity labels on all .loop files (including Loop components, Loop pages, and Copilot pages) in the Microsoft Loop app (on the web and … […]

Implementing multi-factor authentication (MFA) in the Microsoft 365 admin center significantly reduces the risk of account compromise, prevents unauthorized access, and safeguards sensitive data. By adding an extra layer of protection beyond standard username and password authentication, MFA makes it harder for attackers to steal data and prevents unauthorized access from phishing, credential stuffing, brute … […]

As part of ongoing improvements to bulk email filtering in Microsoft Defender for Office | Exchange Online Protection, Microsoft is refining our detection capabilities by recalibrating and redistributing bulk senders across different bulk complaint levels (BCL). This would automatically make the current bulk thresholds slightly more aggressive. As a consequence, Microsoft is updating bulk threshold for standard … […]

Microsoft is announcing that the prevent data exfiltration by securing app access feature will be available for public preview starting on October 7, 2024. How does this affect me?This feature will allow admins and makers to protect against data exfiltration by controlling what apps can be run in your Dataverse environment. This feature will help to prevent … […]

Customers are no longer required to have optional diagnostic data enabled as a prerequisite for the active usage metrics currently displayed in the Microsoft 365 Copilot usage report in the admin center and a subset of the metrics displayed in the Microsoft Copilot Dashboard in Viva Insights. The data that powers these metrics has been … […]

If your tenant uses legacy Exchange Online tokens, they will be deprecated and Outlook add-ins that still use them will break when tokens are turned off. NOTE: This change only applies to Exchange Online; add-ins used in on-premises environments are not impacted by this change. Recommended actions: When will Microsoft turn off legacy Exchange Online … […]

In Microsoft Entra ID, device-based Conditional Access to Microsoft 365 and Microsoft Azure resources on Red Hat Enterprise Linux will be generally available. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: r> This release extends support … […]

The Attacker in the Middle detection will be Generally Available for users in Microsoft Entra ID Protection. When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-August 2024 and expect to complete by late August 2024. How this will affect your organization: This high-precision detection will be triggered on a user account … […]

Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails. When this will happen: General Availability: available since July 2024. How this will affect your organization: We are enhancing the existing email insight alerts to provide additional information when business sensitive data is potentially leaked from a … […]

Coaching by Copilot for Microsoft Outlook email client now offers users the option to apply the coaching feedback and rewrite their email draft simply by using an Apply All button.  When this will happen: Public Preview: Microsoft will begin rolling out late August 2024 and expect to complete by late September 2024. General Availability: Microsoft will begin … […]

Through Microsoft Purview | Information Protection, and for greater consistency and reliability, Microsoft Word, Excel, and PowerPoint for Windows will soon display the same Data Loss Prevention policy tips that admins have set in their tenants for files on Microsoft SharePoint Online and Microsoft OneDrive sites. When this will happen: General Availability (Worldwide): Microsoft will … […]

Bulk emails play a crucial role in modern enterprise communications. Determining the right balance of these messages—what should be allowed and what should be blocked—poses a significant challenge. Many organizations default to standard settings, often leading to issues like false positives (FP) and false negatives (FN) in email. With Bulk Senders Insight in Microsoft Exchange Online Protection … […]

There is a new experience for selecting which users should have which permissions when a sensitivity label configured for user-defined permissions is applied to a file in Microsoft 365 apps or when a user applies protection using standalone Information Rights Management. When this will happen: Preview (Worldwide, GCC): Microsoft will begin rolling out mid-July 2024 … […]

Updated on July 20, 2024: Microsoft has released KB5042426, which contains step-by-step guidance for Windows Servers hosted on-premises that are running the CrowdStrike Falcon agent and encountering a 0x50 or 0x7E error message on a blue screen. Microsoft will continue to work with CrowdStrike to provide the most up-to-date information available on this issue.  A new USB … […]

Microsoft Defender for Office 365 is retiring four legacy override alerts that are now mostly redundant due to Secure by default. With Secure by default, ZAP (zero-hour auto purge) blocks high confidence phishing emails by default despite the legacy overrides. The four alerts are: As part of the deprecation and rollout, When is the change? Microsoft plan to … […]

Microsoft will be retiring the Files page from Microsoft Defender for Cloud Apps on September 1, 2024. Information Protection policies can be created, modified and explored via the Policy Management page. You can explore malware files on the Policy Management page. Read More

Your organization can now disable connected experiences for privacy concerns without impacting data security policies, such as sensitivity labels. Services associated with Microsoft Purview (sensitivity labels, rights management, and so on) are no longer controlled by policy settings to manage privacy controls for Microsoft 365 apps. Instead, these services will rely on their existing security admin controls in Purview … […]

If you use a Firewall (Windows or 3rd party), non-Microsoft anti-malware, or application control solution and had to add the Microsoft Defender for Endpoint process to an allowlist to run, then an additional process (“MpDlpService.exe”) will need to be added to your allowlist. Starting June 2024, we will be decoupling the Microsoft Purview Data Loss … […]

Coming soon: For Microsoft Purview, Microsoft will release a tenant-wide Hold report in eDiscovery (Premium). When this will happen: General Availability (Worldwide): Microsoft will begin rolling out mid-May 2024 and expect to complete by early June 2024. How this will affect your organization: The Hold report in eDiscovery (Premium) will let users with eDiscovery Administrator … […]

Microsoft Purview: Microsodt announced upcoming enhancements to Microsoft Purview Data Loss Prevention (DLP). With the forthcoming update, the capability to scan, classify, and protect sensitive content on Windows endpoint devices will be significantly expanded. The number of supported file types will increase from approximately 40 to over 100, aligning endpoint coverage with other platforms like … […]

Currently, in Microsoft Defender for Office 365, when a notification message is reported by an end user and arrives at the reporting mailbox, the subject lines begin with: Moving forward, the subject lines of notification messages reported by end users will start with This change is being made to ensure readability and enable you to create better … […]

Coming soon, Microsoft Purview Insider Risk Management will roll out exfiltration of business sensitive data to free public domain emails. When this will happen: Public Preview: Microsoft will begin rolling out mid-May 2024 and expect to complete by late May 2024. General Availability: Microsoft will begin rolling out late June 2024 and expect to complete … […]

Coming soon for Microsoft Purview Data Loss Prevention (DLP): Enhance your DLP incident management with the new send email notification remediation action and customize email templates in Purview DLP and Defender. Use dynamic variables and tokens to easily create and maintain consistent and efficient email communications, complete with an audit trail. Utilize these email templates to take … […]

In Microsoft Defender XDR for Office 365, Microsoft is enhancing the Submit to Microsoft for review options on the Email entity page and Summary panel so admins can convey whether they are submitting for a second opinion or submitting to confirm a clean or a malicious verdict. In the same workflow, we are also introducing the Entities allow option that Security … […]

In Microsoft Teams, Microsoft has introduced a new Tenant Federation setting to block all subdomains of domains in the federation Block list. If your organization is using a Block list to protect your users from malicious or other domains, you should enable this new setting to also protect users from all related subdomains without manually … […]

The Azure Information Protection (AIP) Unified Labeling add-in for Office is retired on April 11th, 2024. When this will happen: Important retirement milestones are: How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office applications, you must transition to the built-in labeling experience in Microsoft 365 … […]

Microsoft Outlook has added additional logging and Microsoft Purview eDiscovery support for Copilot in Outlook features that have already been released, and future Copilot in Outlook features as well. These features will be available in Outlook for Mac, web, iOS, Android, and the new Outlook for Windows. When this will happen: General Availability (Worldwide): Microsoft … […]

Microsoft is introducing password protected downloads of email messages from the Email Entity Summary Panel in Microsoft Defender for Office 365. Today, password protected downloads are available from the Quarantine experience.  When this will happen: General Availability: Microsoft will begin rolling out mid-March 2024 and expect to complete by late March 2024. How this will … […]

In Microsoft Defender for Office 365, Microsoft is rolling out new details on who or what is responsible for releasing a message from quarantine. These details will now be included in the email summary flyout panel accessible from the Quarantine page. When this will happen: General Availability : Microsoft will begin rolling out late March … […]

Microsoft Purview Insider Risk Management will be rolling out public preview of Global exclusions in the in the Microsoft Purview compliance portal. When this will happen: Public Preview: Microsoft will begin rolling out early May 2024 and expect to complete by mid-May 2024. General Availability: Microsoft will begin rolling out mid-August 2024 and expect to complete by … […]

As part of the transition to the Microsoft Defender XDR portal, the entire Microsoft Defender for Cloud Apps experience in the Microsoft 365 Defender XDR portal will be available for all supported by Defender for Cloud Apps admin roles. How this will affect your organization: For Public Preview customers, the entire Defender for Cloud Apps … […]

Microsoft Defender Antivirus is rolling out an update to the support plan for the anti-malware scan “engine update” (MpEngine.dll). To align with the current Defender Antivirus platform update, only N-2 versions will be supported. Reasons: When this will happen: General Availability : The changes will take effect May 1, 2024. How this will affect your … […]

Microsoft has identified an issue that affects Windows Server domain controllers (DCs), and has expedited a resolution that can be applied to affected devices. Out-of-band (OOB) updates have been released for some versions of Windows today, March 22, 2024, to addresses this issue related to a memory leak in the Local Security Authority Subsystem Service (LSASS). … […]

Coming soon, Microsoft Purview Insider Risk Management will be rolling out a public preview of policy wizard enhancements. Microsoft Purview Insider Risk Management correlates various signals to identify potential malicious or inadvertent insider risks, such as IP theft, data leakage, and security violations. Insider Risk Management enables customers to create policies based on their own … […]

The Microsoft Graph eDiscovery premium API that supports Purge for Teams messages will now expand to support items stored in Microsoft Exchange including emails, calendar invitations, and more. In addition to expanding to support Exchange email items and Microsoft Teams, the limit for each purge action per unique location will expand from 10 items per … […]

Starting today, Copilot in Windows (in preview)* begins to roll out to more Windows 11 and Windows 10 devices. In addition, starting this week, people can access up to 10 Copilot requests in Windows before signing in with a Microsoft account or Microsoft Entra ID. After reaching this limit, it will be necessary to sign in … […]

There is now increased information in the alert email notification sent to the Data Loss Prevention (DLP) admins upon a DLP policy match. Previously a DLP alert email only included the user activity and the type of sensitive information matched in the alert. Now, DLP admins will get additional context such as alert ID, policy … […]

The March 2024 security update is available for Windows 11 and all supported versions of Windows 10. For more information about the contents of this update, see the release notes, which are easily accessible from the Windows 11 and Windows 10 update history pages. Highlights for the Windows 11, versions 23H2 and 22H2 update:  REMINDER The June 2024 security update … […]

In Microsoft Defender for Office 365, Microsoft is updating the way end users allow and block emails in Exchange Online.  When this will happen: Microsoft will begin rolling out late April 2024 and expect to complete by mid-May 2024. How this will affect your organization: With one click, end users will block emails from unwanted … […]

Update of https://thibaultchatiron.fr/2023/07/31/use-double-key-encryption-to-protect-your-most-sensitive-files-and-emails-in-microsoft-365-apps/ To protect your most sensitive content, users of Microsoft 365 Apps can now use Double Key Encryption (DKE) for files and emails using the built-in labeling client. With DKE, Microsoft stores one key in Microsoft Azure and you hold the other key, ensuring that only you can ever decrypt protected content, under all circumstances. … […]

Microsoft Purview Information Protection helps organizations classify and protect their data while ensuring end user productivity. To apply a sensitivity label to documents, emails, meetings, groups, and sites manually, the following licenses are required for both the tenant admin and each end user: For both client and server-side automatic sensitivity labeling, the following licenses are … […]

Conditional Access authentication strengths in Microsoft Entra ID will be improved to support registration of device-bound passkeys (defined at passkeys.dev) stored on computers, security keys, and mobile devices.  When this will happen: Public Preview: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. Worldwide: Microsoft will begin rolling out late … […]

Microsoft is adding new fields in Microsoft Exchange to help prevent data loss. With these updates, admins can see more details about the attachments that are present in the email that violated the Data Loss Prevention (DLP) rules, including name, size, and labels. There will be new fields for the attachments that are in emails when … […]

In Microsoft Purview, Data Loss Prevention (DLP) analytics is a feature that enables you to analyze data protection challenges, gaps, policy, and posture enhancement possibilities in the organization. Use intelligent Purview features to explore these challenges and resolve them in a few easy steps. After you turn on analytics, you can review analytics and recommendations … […]

Admins can manage add-ins across Outlook, Word, Excel, and PowerPoint from the Integrated Apps blade in the Microsoft 365 Admin Center. This capability is currently available to Global Administrators, Global Readers, Exchange Administrators, and Azure Application Administrators. Going forward, Microsoft is suspending capability for Azure Application Administrators from management of add-ins across Outlook, Word, Excel, and … […]

Quarantine End User Allow and Block list management, sign in to the security portal will be required for the Block Sender action in Quarantine notifications.  When this will happen: Microsoft will begin rolling out early March 2024 and expect to complete by mid-March 2024. How this will affect your organization: When the user clicks on … […]

Microsoft would like to inform you about an upcoming change in the way you access and manage your Exchange Online audit logs. Starting April 30, 2024, Microsoft will be retiring the following four cmdlets in the Exchange Online V3 module: When this will happen: Microsoft will roll out this change late April 2024 and expect … […]

Microsoft is retiring the Azure Information Protection (AIP) Unified Labeling add-in for Office on April 11th, 2024. When this will happen: The AIP Add-in for Office will be permanently disabled in Office after May 1st, 2024. How this will affect your organization: To continue using sensitivity labels powered by Microsoft Purview Information Protection in Office … […]

Update of Prepare for device-bound passkeys in Microsoft Entra ID (changes to FIDO2 and Windows Hello for Business) | Thibault Chatiron Beginning mid-February 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users … […]

This new feature grants the user the capability to view the source link of the file associated with the activity flagged in Activity Explorer. When this will happen: Rollout will begin in late January 2024 and is expected to be complete by early February 2024.  How this will affect your organization: Users can view the … […]

Microsoft Defender Antivirus on Windows 10 and Windows 11 will be shipping with a new service: When this will happen: Microsoft will roll out to all rings (Current Channel (Preview), Current Channel (Staged) and Current Channel (Broad)) during the week of March 11th, 2024. How this will affect your organization: To enhance your endpoint security … […]

The Windows Autopatch Reliability report is a new feature that will be accessible in the Windows Autopatch Reports section of the Microsoft Intune admin center. This new report provides a calculated reliability score across update cycles based on the occurrences of stop code errors detected on managed devices. Scores are determined at both the service and tenant … […]

Currently, there is there no support available for iOS users looking to edit PDF files on the previewer in Outlook mobile. Microsoft is rolling out a new “Open Microsoft 365” button that helps users open/edit PDF files received on Outlook through the Microsoft 365 for mobile app. When this will happen: Microsoft will begin rolling … […]

The January 2024 security update is now available for Windows 11 and all supported versions of Windows 10. We recommend that you install these updates promptly. For more information about the contents of this update, see the release notes, which are easily accessible from the Windows 11 and Windows 10 update history pages. To learn more about the different types … […]

Previously, admins could not change the retention period set on existing labels configured to start retention from when items were labeled. This feature will remove this restriction, and the resulting behavior will be consistent with other retention label types.   When this will happen: Rollout will begin in mid-January 2024 and is expected to be complete … […]

This capability allows the admin with view-only restricted permissions to view the Data Loss Prevention and Information Protection policy configuration details without editing the policies or label configurations. When this will happen: Microsoft will begin rolling out in late December 2023 and complete by early February 2024. How this will affect your organization: 1. Assign … […]

The Activity-Based Authentication Timeout for Outlook on the web will be replaced by Idle Session Timeout for Microsoft 365. When this will happen: Microsoft expect to complete by mid-February 2024. How this affects your organization: At the end of 2023, we will be ending support for Activity-Based Authentication Timeout, at that point all organizations who … […]

Exchange online protection (EOP)/ Defender for Office 365 (MDO) customers who want to send phishing simulation emails, need to configure advance delivery policy for optimal behavior. This policy will ensure that emails that match your conditions are delivered unfiltered to the Inbox and that safe links time of click protection and post-delivery actions are disabled. … […]

Microsoft is updating Microsoft Secure Score improvement actions to ensure a more accurate representation of security posture. The improvement actions listed below will be added to Microsoft Secure Score. Your score will be updated accordingly. When this will happen: This is expected to be complete by late January 2024. How this will affect your organization: … […]

Currently available in preview, Microsoft is rolling out a new action for Data Loss Prevention in Exchange Online called “Deliver the message to the hosted quarantine”.  When this will happen: Rollout is expected to be complete by late November 2023. How this will affect your organization: Previously while managing messages delivered to hosted quarantine, admins … […]

During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to … […]

Previously, admins could not change the retention period set on existing labels configured to start retention from when items were labeled. This feature will remove this restriction, and the resulting behavior will be consistent with other retention label types.   When this will happen: Rollout will begin in late December 2023 (previously late November) and is … […]

As a part of the extensibility vision of Microsoft and first release to Microsoft Graph, Microsoft is introducing three new APIs for retention labels, events, and event types in the Microsoft Graph beta environment. These APIs will enable you to customize and extend on what we have built in the product so far. These APIs … […]

Microsoft will be retiring the “MDE Settings” and “New version” options from Threat Explorer as they work to clean up and streamline the user experience. When this will happen: Microsoft expect to complete by late December 2023. How this will affect your organization: Users and Administrators will no longer see the “MDE Settings” and “New … […]

November 17th, Microsoft is announcing the general availability of new Teams on web for Edge and Chrome. How this will benefit your organization: When will this happen: New Teams on web begins rolling out today. How this will affect your organization: What you can do to prepare: Visit the support article or download resources to learn how to get … […]

Coming soon, Microsoft Purview Insider Risk Management will be rolling out the public preview of browsed to generative AI websites indicator. When this will happen: Rollout will begin mid-December and is expected to be complete by early January.  How this will affect your organization: With this update, we are adding a new indicator, “browsed to … […]

Simulation mode in DLP provides DLP admins with an isolated experience to try a DLP policy, assess its impact, and build confidence in the policy efficacy to eventually reduce the time to policy enforcement. Simulation mode is an enhancement to the existing test mode behavior to help Admins evaluate new policies confidently. When this will … […]

Beginning January 2024, Microsoft Entra ID will support device-bound passkeys stored on computers and mobile devices as an authentication method in preview, in addition to the existing support for FIDO2 security keys. This enables your users to perform phishing-resistant authentication using the devices that they already have. Microsoft will be expanding the existing FIDO2 authentication methods policy … […]

Microsoft is rolling out a new feature to enable customers with Microsoft Purview Audit (Premium) and the 10-Year Retention Add-on to create additional customized retention policies. When this will happen: Rollout to general availability in the worldwide clouds will begin in early December and is expected to be complete by late December. How this will … […]

Service side auto-labeling now supports scoping of Exchange auto-labeling to non-mail enabled security groups. When this will happen: Rollout is expected to be complete by late November.  How this will affect your organization: Admins can create new or edit existing auto-labeling policies to include new Exchange locations for non-mail enabled security groups. What you need … […]

The ability for Microsoft Teams users to report internalchats, channels and meeting conversations within Teams as a security risk will be turned ON by default. Security risk messages could include ones that contain phishing or spam or malicious content, such as phishing URL or malware file, spam content. To learn how end users can report, … […]

Currently rolling out in public preview, SharePoint and OneDrive will support discovery and coauthoring of files labeled with user-defined permissions.  When this will happen: Rollout to public preview began in mid-June and is expected to be complete by early September. Standard release will begin in mid-September 2023 (previously early September) and is expected to be … […]

Public preview alert. We have started rolling out support for labeled PDF files in SharePoint Online. SharePoint now supports search, eDiscovery, DLP for sensitivity label encrypted PDFs. The sensitivity column will start showing the label names for newly uploaded PDF files. When this will happen: Preview: This rollout is underway and expected to complete by … […]

Auto labeling (for files at rest in SharePoint Online) will soon label PDF files. When this will happen: Preview: Rollout to public preview will begin in mid-July 2023 and expect to complete by early August 2023.   How this will affect your organization: Once the changes are rolled out to your tenant, the following are … […]

In order to better protect our customers from exact domain spoofing attacks and improve deliverability of email, Microsoft is making changes to how we handle DMARC p=reject and p=quarantine. For the enterprise customers, Microsoft is making updates to how DMARC policy-based reject can be handled. This change will help Security Administrators be able to choose … […]

In this increasingly digital world, identity is the most attacked surface area, and the sophistication and frequency of attacks continue to rise. Manual investigations and responses can’t keep pace. We need to think differently about how we protect identities from compromise and respond rapidly to emerging threats.   Microsoft Entra ID Protection (recently renamed from Azure … […]

Starting in September 2023, Microsoft will begin including new Microsoft Teams as part of the new and existing installations of Microsoft 365 apps for Windows depending on the schedule provided in this post. Currently, users can install the new Teams by using the Try the new Teams toggle switch in classic Teams or having administrators … […]

When this will happen: Beginning May 8, 2023 How this affects your organization: To prevent accidental approvals, admins can require users to enter a number displayed on the sign-in screen when approving an MFA request in the Microsoft Authenticator app. This feature is critical to protecting against MFA fatigue attacks which are on the rise. … […]

Remediating vulnerabilities in organizations takes time so it’s essential to have effective risk management strategies in place. We know that addressing software vulnerabilities can be challenging due to a variety of factors. To help with risk mitigation, Microsoft Defender Vulnerability Management (MDVM) users can leverage the application block feature to take immediate action to block … […]

Microsoft will be updating the way intra-organizational SCL ratings are assigned for intra-organizational messages. When this will happen: Changes to logging intra-organizational messages will begin rolling out in early April and is expected to be complete by late June. How this will affect your organization: All intra-organizational messages are currently marked with SCL -1 (bypass … […]

When this will happen: Rollout to Current Channel (preview) will begin in mid-March (previously early March) and is expected to be complete by early April (previously mid-March). Rollout to Current Channel will begin in early May (previously early April) and is expected to be complete by mid-May (previously late April).  How this will affect your … […]

This article is a follow-up to a previous one discussing conflicting proxy configurations and how Microsoft Defender for Endpoint behaves in these situations. The first article can be found in here. As outlined in the documentation, Defender for Endpoint supports three different types of proxy configurations: However, when these configurations are mixed, it can cause confusion … […]

Overview  Some attack scenarios may require you to isolate a device from the network. This action can help prevent the attacker from controlling the compromised device and performing further activities such as data exfiltration and lateral movement. Just like in Windows devices, this device isolation feature disconnects the compromised device from the network while retaining connectivity to the … […]

Attack Simulation Training is an intelligent phish risk reduction tool that measures behavior change and automates deployment of an integrated security awareness training program across an organization. It is available with Microsoft 365 E5 or Microsoft Defender for Office 365 P2 plan. As per the previous experience, users were directed to the Microsoft curated credential harvest login … […]

Post Content Read More

Historically, admins that needed to move mailboxes between Microsoft 365 tenants were required to export or offboard the mailbox to on-premises and then import or onboard the mailbox to a new tenant. Today, Microsoft is thrilled to announce that cross-tenant user data migration is now generally available. Specifically, the cross-tenant mailbox migration and cross-tenant OneDrive migration features previously in … […]

Intune is excited to announce new device control capabilities that allows greater flexibility for enhanced endpoint security. This feature allows IT admins to manage access and use of removable storage devices, such as USB and solid-state drives, on Intune-managed devices. Admins will be able to configure the allow, block, or auditing permissions to read, write, … […]

Intune can integrate data from Mobile Threat Defense (MTD) solutions such as Microsoft Defender for Endpoint and other non-Microsoft MTD partners as an information source for unenrolled devices using Intune app protection policies (APP). Admins can use this information to help protect corporate data within an Intune protected app and issue a block or selective wipe through APP conditional launch settings … […]

Microsoft is excited to announce the general availability of hybrid cloud Kerberos trust, a new Windows Hello for Business deployment model that enables a passwordless sign-in experience. Why passwordless and Windows Hello for Business? Windows Hello for Business is a modern, strong, two-factor authentication method that is a more secure alternative to passwords and has … […]

With this change Microsoft is giving the ability to password protects items they download from quarantine. Microsoft wants users to be confident that the items they are downloading to their systems will not execute involuntarily without their consent, and this capability will allow them to safely transport the items to external analysis tools. When this … […]

When all holds and retention policies are removed from an inactive mailbox, it becomes soft-deleted and remains in Exchange for a period of time to allow for recovery before permanent deletion. Based on customer feedback, and to maintain consistency with other solutions, Microsoft will be changing this period to 30 days (from current 183 days). … […]

With the deployment of the Tenant Allow/Block List, as being the single source of truth for Tenant Allows, other mechanisms for Tenant Allows are being removed. This will give SecOps teams one place to manage all Tenant Allows. Today, “DoNotRewrite” list is used to Skip wrapping URLs Detonation(SONAR) Verdicts. The intended purpose of “DoNotRewrite” is … […]

Please review the blog post: Apply sensitivity labels to PDFs created with Office apps for additional details. Coming soon to public preview, Microsoft is introducing the ability to maintain label and protection for PDF files created from Microsoft Office apps.   When this will happen: Public preview: rollout will begin in late June and is expected to … […]

Currently the AAD “Security Reader” role can manage Microsoft Defender for Cloud Apps alerts, however, it can only view alerts from all other security workloads. The AAD “Security Reader” role update will now be aligned with AAD role definition to provide clarity and prevent confusion of the same role use. When this will happen: As … […]

Given feedback from customer on the need for an additional time to triage the emails or files that were quarantined as result of potential malware, Microsoft is increasing the retention period from 15 days to 30 days. When this will happen Standard Release: will begin rolling this out by end of July and expect to … […]

Malware hashes available for SharePoint and OneDrive (Preview)In addition to file hashes available for malware detected in non-Microsoft storage apps, now new malware detection alerts will provide hashes for malware detected in SharePoint and OneDrive. For more information, see Malware detection. SaaS Security Posture Management capabilities for Salesforce and ServiceNowSecurity posture assessments are available for Salesforce … […]

Microsoft has begun the rollout of security defaults to existing customers who haven’t yet rolled out security defaults or Azure AD Conditional Access.  Microsoft introduced security defaults in October 2019 for new tenants, ensuring that new customers would be created and maintained with basic security hygiene in place – especially MFA and modern auth requirements – regardless … […]

The April 13, Microsoft announced general availability of differentiated protection for priority accounts, people like executives, leaders, managers, or other users who have access to sensitive, proprietary, or high priority information. With this release, users tagged as priority accounts will receive a higher level of protection against threats. Licences The Priority account protection feature is … […]

Improvements in malware detection for non-Microsoft storage appsDefender for Cloud Apps has introduced major improvements in the non-Microsoft storage apps detection mechanism. This will reduce the number of false positive alerts. Read More

Support for Rome and San Diego ServiceNow versionsThe Defender for Cloud Apps connector for ServiceNow now supports Rome and San Diego versions of ServiceNow. With this update, you can protect the latest versions of ServiceNow using Defender for Cloud Apps. For more information, see Connect ServiceNow to Microsoft Defender for Cloud Apps. Read More

Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail will be retired Microsoft will be retiring the Get-AdvancedThreatProtectionDocumentReport and Get-AdvancedThreatProtectionDocumentDetail cmdlet from Microsoft Defender for Office 365. Instead, Microsoft recommends the use of the Get-ContentMalwareMdoAggregateReport | Get-ContentMalwareMdoDetailReport cmdlet. Key points Timing: retirement will begin in early May and is expected to complete by mid-May Action: review and transition to the Get-ContentMalwareMdoAggregateReport … […]

Microsoft will no longer be onboarding new Log Analytics workspaces to store Azure Information Protection (AIP) audit logs. Note: Customers who have previously configured Log Analytics to store AIP audit logs will continue to receive forwarded audit logs into their workspaces until the data pipeline is fully retired. When this will happen: Microsoft will stop … […]

If you’ve configured users for a default sensitivity label policy for Office documents, the label you chose will automatically be applied to Word, Excel, and PowerPoint documents you create or modify. Previously, this only applied to new documents only. Note: This update applies to Word, Excel, and PowerPoint on the Web, and Word and PowerPoint on … […]

Updated severity levels for Defender for Cloud Apps anomaly detectionsThe severity levels for Defender for Cloud Apps built-in anomaly detection alerts are being changed to better reflect the risk level in the event of true positive alerts. The new severity levels can be seen in the policies page: https://portal.cloudappsecurity.com/#/policy Read More

In April 2020, the combined security information registration experience for registering both multifactor authentication (MFA) and self-service password reset (SSPR) was released for you to opt in. Upcoming, Microsoft will be making the new combined security information registration experience the default for all tenants. Note: This change will not impact you if your tenant was … […]

With dynamic administrative units, you no longer have to manually manage membership of your administrative units (or write your own automation to manage it for you).Indeed, I previously used a custom script in order to populate the Administrative Units with members, and it can take some time to finish… Instead, Azure AD allows you to specify … […]