Monday, February 27, 2023

Adding IPv6 support to Azure Active Directory - March 7

Adding IPv6 support to Azure Active Directory


We're excited to bring IPv6 support to Azure Active Directory (Azure AD) to support customers with increased mobility and help reduce spending on fast-depleting expensive IPv4 addresses. The meeting is targeted to all IT Professionals.


  • Why are we introducing IPv6?
  • Rollout plan
  • What is the impact?
  • Steps to take before the enablement.


Kunal Ghosh, Senior Product Manager, Identity CxP

Lisa Huang-North, Senior Product Manager, Identity CxP

Gautam Anand, Senior Product Manager, Identity CxP


Go here to register 

Friday, February 24, 2023

Protecting your small business with Microsoft Free Session


Small businesses are known for their agility and adaptability. Just as small businesses must evolve with changing technology, it is important to recognize changing landscape in cybersecurity.
Cyberattacks are increasingly targeting small businesses because they typically do not have the same infrastructure as a large organization. But what if your business could have a more comprehensive cybersecurity strategy to combat the sophistication of evolving cyberthreats?
Join the experts at Maureen Data Systems and Microsoft for a live session to learn how to protect your business with a more secure and cost-efficient solution. Our experts will discuss:

  • How to promote secure collaboration and efficiency in hybrid work
  • How to enable a Zero-Trust strategy that can reduce the total cost of ownership across devices
  • How to protect customer and user data

Event Details:
March 7, 2023
11:00 AM Pacific Time / 2:00 PM Eastern Time

To register go here

Tuesday, February 21, 2023

2022 in review: DDoS attack trends and insights a Microsoft article

As organizations strengthen their defenses and take a more proactive approach to protection, attackers are adapting their techniques and increasing the sophistication of their operations. Cybercrime continues to rise with the industrialization of the cybercrime economy providing cybercriminals with greater access to tools and infrastructure.

In the first half of 2022, the cyberthreat landscape was focused around the war in Ukraine and the rise of nation state attacks and hacktivism across the world. In February, Ukraine was hit with the largest distributed denial of service (DDoS) attack ever in the country’s history, impacting government websites and banking web services. As the conflict continued, there was a ripple effect to western countries, including the UK, US, and Germany. UK financial services firms experienced a significant increase in DDoS attacks as they were heavily targeted by nation state attackers and hacktivists looking to disrupt Ukraine’s allies.

Hacktivism continued to be rampant throughout the year, including Taiwanese websites experiencing outages in August 2022 due to DDoS attacks ahead of House Speaker Nancy Pelosi’s arrival in Taiwan. Beyond attacks with political motives, DDoS attacks also impacted a wide range of industries. In particular, the gaming industry continued to be highly targeted. In March 2022, a DDoS attack brought down the game servers of Among Us, preventing players from accessing the popular multiplayer game for a few days. A new version of RapperBot (heavily inspired by the Mirai botnet) was used in the second half of 2022 to target game servers running Grand Theft Auto: San Andreas.

In this blog, we share trends and insights into DDoS attacks we observed and mitigated throughout 2022.

2022 DDoS attack trends

Large volume of attacks during the holiday season

In 2022, Microsoft mitigated an average of 1,435 attacks per day. The maximum number of attacks in a day recorded was 2,215 attacks on September 22, 2022. The minimum number of attacks in a day was 680 on August 22, 2022. In total, we mitigated upwards of 520,000 unique attacks against our global infrastructure during 2022.

Figure 1. Attack volume

This year, we saw a lower volume of attacks in June through August and a high volume of attacks during the holiday season until the last week of December. This is in line with attacks trends we have seen in the last few years, except for 2021 where there were fewer attacks during the holiday season. In May, we mitigated a 3.25 terabits per second (TBps) attack in Azure, the largest attack in 2022.

DDoS protection tip: Make sure to avoid having a single virtual machine backend so it is less likely to get overwhelmed. Azure DDoS Protection covers scaled out costs incurred for all resources during an attack, so configure autoscaling to absorb the initial burst of attack traffic while mitigation kicks in.

TCP attacks remain the most common attack vector

TCP attacks were the most frequent form of DDoS attack encountered in 2022, comprising 63% of all attack traffic, which includes all TCP attack vectors: TCP SYN, TCP ACK, TCP floods, etc. Since TCP remains the most common networking protocol, we expect TCP-based attacks to continue to make up most DDoS attacks. UDP attacks were significant as well with 22% of all attacks (combined for UDP flood and UDP amplification attacks), while Packet anomaly attacks made up 15% of attacks.

Figure 2. Attack type

Out of UDP flood attacks, spoofed floods consumed most of the attack volume with 53%. The remaining attack vectors were reflected amplification attacks, with the main types being CLDAP, NTP, and DNS.

We observed TCP reflected amplification attacks becoming more prevalent, with attacks on Azure resources using diverse types of reflectors and attack vectors. This new attack vector is taking advantage of improper TCK stack implementation in middleboxes, such as firewalls and deep packet inspection devices, to elicit amplified responses that can reach infinite amplification in some cases. As an example, in April 2022, we monitored a reflected amplified SYN+ACK attack on an Azure resource in Asia. The attack reached 30 million packets per second (pps) and lasted 15 seconds. Attack throughput was not very high, however there were 900 reflectors involved, each with retransmissions, resulting in high pps rate that can bring down the host and other network infrastructure.

DDoS protection tip: To protect against UDP and TCP attacks, we recommend using Azure DDoS Protection. For gaming customers, consider using A10 virtual appliances and Azure Gateway Load Balancers to help with volume-based attacks.

Shorter attacks continue to be popular.

Figure 3. Attack duration

Shorter duration attacks were more commonly observed this past year, with 89% of attacks lasting less than one hour. Attacks spanning one to two minutes made up 26% of the attacks seen this year. This is not a new trend as attacks that are shorter require less resources and are more challenging to mitigate for legacy DDoS defenses. Attackers often use multiple short attacks over the span of multiple hours to make the most impact while using the fewest number of resources.

Short attacks take advantage of the time it takes systems to detect the attack and for mitigation to kick in. While time to mitigation may only take one or two minutes, the information from those short attacks can make it into the backend of services, impacting legitimate usage. If a short attack can cause a reboot of the systems, this can then trigger multiple internal attacks as every legitimate user tries to reconnect at the same time.

To read the full article go here


Thursday, February 16, 2023

Decommissioning AD FS

 Have you completed your Azure AD migration journey and not sure what's left to do with AD FS, then view our short new Decommissioning video hosted by Mark Morowczynski and Ramiro Calderon. Learn how to complete your AD FS to Azure AD migration.

Free click here

Wednesday, February 15, 2023

You are invited! Microsoft Entra Identity Governance - Streamline Identity Lifecycle & Entitlements


Microsoft Entra Identity Governance - Streamline Identity Lifecycle & Entitlements

 Please join us for this event, Microsoft and Invoke would like to partner on a customer-facing webinar on the topic of Identity Governance.


Join Invoke and the Microsoft Entra product group for an overview of Identity Governance and how this Microsoft Cloud solution can help solve business challenges by streamlining processes, reducing costs, and improving compliance. In this session, we will align real-world use cases to specific Identity Governance features including Lifecycle workflows, Entitlement management, Access reviews, and Privileged identity management. Whether you're a decision maker or a technical influencer, this webinar is a must-attend event for anyone looking to improve their organization's security and compliance posture.

  March 8, 2023 9:00 -10:00 PST



Tuesday, February 14, 2023

The 2022 Microsoft Digital Defense Report

Increase your cyber resiliency by acting on new threat intelligence insights from a diverse team of Microsoft security researchers.

As a company with billions of customers around the world, Microsoft has a unique vantage point to understand the scope and scale of digital threats around the globe.

The 2022 Microsoft Digital Defense Report is the culmination of threat intelligence data and insights gathered by a diverse group of Microsoft security professionals over the past year. Download the latest report to:

Learn about the state of cybercrime and the evolving threat landscape.

Explore the latest intel on hacking trends and attack methods that are growing in popularity.

Get data-backed advice on how to improve cyber resiliency and bolster your organization’s security posture.

Download the 2022 Microsoft Digital Defense Report

Monday, February 13, 2023

Stay compliant with evolving California Consumer Privacy Act (CCPA) regulations


We know protecting your customer and employee data is one of your highest priorities. Leveraging comprehensive security and privacy compliance solutions is the best way for organizations to increase data security, maintain consumer trust, and prevent any costly fines.

Join the compliance experts at Microsoft and Lighthouse for an upcoming webinar to learn how to keep up with both the recent updates to the California Consumer Privacy Act (CCPA) and other pending regulatory changes. You’ll learn how to quickly assess your current compliance status, prioritize solving any gaps, and mitigate future risks. Additionally, the experts will cover:

  • Recommendations to ensure your organization adheres to CCPA regulations
  • Insights from organizations who are successfully using compliance tools
  • Best practices to ensure your organization stays ahead of evolving compliance laws

Webinar date:
Thursday, February 16, 2023
11:00 AM Pacific Time / 2:00 PM Eastern Time


Stay ahead of the rapidly changing landscape of the California Consumer Privacy Act (CCPA)


New Three-Part Webinar Series and Share your Input on Draft NIST SP 800-63-4, Digital Identity Guidelines

 NIST is hosting a new webinar series to gain critical input on Draft NIST Special Publication 800-63 Revision 4, Digital Identity Guidelines. During these three separate virtual events, NIST moderators will explore different aspects of the guidance with expert panelists and seek additional input from the public via a moderated Slack discussion and extended Q&A.

Webinar #1: Digital Identity Risk Management and Assurance Level Selection


This webinar will feature a discussion about digital identity risks. Panelists will explore the various lenses through which digital identity can be viewed, the variety and breadth of associated risks, and how those risks might be considered in organizational, societal, and individual contexts.


Webinar #2: Innovating Identity Proofing


This webinar will focus on the changes NIST has made to identity proofing guidance and illicit inputs on how the government and industry can continue to innovate on identity proofing technology and services. Panelists will discuss leading practices in commercial and public sector use cases, emerging trends, areas of continued improvement, and techniques that may provide additional optionality and choice for end users.


Webinar #3: The Future of Authentication


This webinar will focus on the evolving nature of authentication technology and how organizations and NIST are addressing new innovations in the space. Panelists will explore phishing resistant authentication, trends in multifactor authentication, and the challenges with moving on from SMS authentication.


Learn More

Sunday, February 12, 2023

High-Performance Computing (HPC) Security: Draft NIST SP 800-223

 NIST is requesting public comments on the initial public draft of Special Publication (SP) 800-223, High-Performance Computing (HPC) Security: Architecture, Threat Analysis, and Security Posture.

Executive Order 13702 established the National Strategic Computing Initiative (NSCI) to maximize the benefits of high-performance computing (HPC) for economic competitiveness and scientific discovery. Securing HPC systems is challenging due to their size; performance requirements; diverse and complex hardware, software, and applications; varying security requirements; the nature of shared resources; and the continuing evolution of HPC systems.

Draft SP 800-223 provides guidance on standardizing and facilitating the sharing of HPC security postures by introducing a zone-based HPC system reference model that captures common features of HPC systems and serves as a foundation for a system lexicon. The draft also discusses HPC system threat analysis, security postures, challenges, and recommendations.

The public comment period for this initial public draft is open through April 7, 2022. See the publication details for a copy of the draft and instructions for submitting comments. Additional information can be found at the NIST HPC Security Working Group website. A 3rd High-Performance Computing Workshop will be held March 15-16, 2023; see the event page for more details and a registration link.

NOTE: A call for patent claims is included on page ii of this document. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.

Read More

NIST Selects ‘Lightweight Cryptography’ Algorithms to Protect Small Devices

 Lightweight electronics, meet the heavyweight champion for protecting your information: Security experts at the National Institute of Standards and Technology (NIST) have announced a victor in their program to find a worthy defender of data generated by small devices. The winner, a group of cryptographic algorithms called Ascon, will be published as NIST’s lightweight cryptography standard later in 2023.

The chosen algorithms are designed to protect information created and transmitted by the Internet of Things (IoT), including its myriad tiny sensors and actuators. They are also designed for other miniature technologies such as implanted medical devices, stress detectors inside roads and bridges, and keyless entry fobs for vehicles. Devices like these need “lightweight cryptography” — protection that uses the limited amount of electronic resources they possess. According to NIST computer scientist Kerry McKay, the newly selected algorithms should be appropriate for most forms of tiny tech.

Read More