Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086

 Title:
Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094,
and CVE-2021-24086

URL: https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/
Published On (YYYY-dd-MM):2021-09-02
Overview:
Today Microsoft released a set of fixes affecting Windows TCP/IP
implementation that include two Critical Remote Code Execution
(RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and
an Important Denial of Service
(DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are
complex which make it difficult to
create functional exploits, so they are not
likely in the short term. We believe attackers will be able to create
DoS exploits much more quickly and expect all three issues might
be exploited with a DoS attack shortly after
release. Thus, we recommend customers move …

Multiple Security Updates Affecting TCP/IP: 
CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086
Read More »

Azure AD B2C Deep Dive Webinar Series

 

Azure AD B2C
Deep Dive Webinar Series

Virtual
Event | 2/19 – 5/14, 2021 | 3:00 – 4:30pm, GMT

 

Please join us for Azure AD B2C
series. You can register for all sessions or pick topics of interest to you.

– Join
the entire series

Register here

 

Session 1 – February 19th –
Azure AD B2C overview

This session focuses on
understanding the use case and architecture for Azure AD B2C. When do I use
it? How does it work? How can I configure it? What is the roadmap? The
session will be a combination of slides and demos ranging from basic to more
advanced tasks.

Register here

 

Session 2 – March 12th – How
to deploy Azure AD B2C from scratch

Learn how to create your Azure
AD B2C environment, configure connections to identity providers, customize
attribute collection and add your branding:

  • Create your Azure
    AD B2C directory
  • Connect with
    social and enterprise identity providers
  • Integrate your
    applications and systems
  • Brand and
    customize the user experience

Register here

 

Session 3 – April 9th- Get started with Azure
AD B2C custom policies

Learn how to set up the Azure AD B2C policy and relying party
policies. Explorer the custom policy XML elements, and file structure.

  1. Deploy a custom
    policy starter pack (manual and automatically)
  2. Understanding the
    basics of custom policy: claims, claims transformation, user journeys, technical
    profile, and relying party policy.
  3. Customized your
    policy (add sign-in option with social IDP, customized the UX, and more)
  4. Troubleshooting

Register here

 

Session 4 – May 14th- Extend
B2C capability through ISV partner ecosystem

Learn how to extend B2C
capabilities through ISV partner ecosystem. Enable bot detection, fraud
protection, device fingerprinting and provide secure hybrid access to
on-premise/legacy applications with ISV partners.

Scenario:

  • Prevent
    fraudulent accounts from being created
  • Understand if
    user is logging in with a new or known device
  • Enable Azure AD
    B2C for on-premise  applications

Register here

 

We
look forward to you joining us!

Microsoft Warns of Windows Win32k Privilege Escalation

Original
release date: February 9, 2021

Microsoft has released a security advisory to address an escalation of
privileges vulnerability, CVE-2021-1732,
in Microsoft Win32k. A local attacker can exploit this vulnerability to take
control of an affected system. This vulnerability was detected in exploits in
the wild.

CISA encourages users and administrators to review Microsoft Advisory for
CVE-2021-1732 and apply the necessary patch to Windows 10 and Windows 2019
servers.

This product is provided subject to this Notification
and this Privacy
& Use
policy.

Modernize Your Network Security Strategy free session

 

Microsoft Azure

 

Modernize Your Network Security Strategy

 

 

 

Take
a Zero Trust approach to secure your networks

You’re
not going to want to miss this great event. This is your chance to learn
how a Zero Trust approach can secure your cloud and hybrid networks.
You’ll be hearing firsthand from industry leaders how Azure network
security can help your organization. Sign up today.

 

Modernize Your Network Security Strategy
Thursday, February 18, 2021
10:00 AM–11:00 AM Pacific Time

Note: Registering with the button below will sign you up for this event
using the email address where you received this mail as well as the full
name, contact information, company, and country you previously provided.

To Register
here
.

 

 

 

 

Ann Johnson
Corporate Vice President Business Development, Microsoft

 

 

Sinead
O’Donovan

Director of
Product Management for Azure Network Security, Microsoft

 

 

 

 

Privacy
Statement
| Unsubscribe

 

Microsoft
Corporation
One Microsoft Way
Redmond, WA 98052

 

Microsoft

New security blogs from Microsoft

 Title:
Microsoft Cloud App Security User Interface Updates

URL: https://techcommunity.microsoft.com/t5/microsoft-security-and/microsoft-cloud-app-security-user-interface-updates/ba-p/2083113

Overview: In the coming months, Cloud App Security will be updating its UI to provide a more consistent experience across Microsoft 365 security portals. 


Title: Protect your Box
environment and Data using Microsoft Cloud App Security
URL: https://techcommunity.microsoft.com/t5/microsoft-security-and/protect-your-box-environment-and-data-using-microsoft-cloud-app/ba-p/2080226

We have a new Microsoft Security blog for your consideration.
Title: What’s new:
Dedicated clusters for Azure Sentinel

URL: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-dedicated-clusters-for-azure-sentinel/ba-p/2072539

Overview: If you ingest over 1Tb per day into your Azure Sentinel workspace and/or
have multiple Azure Sentinel workspaces in your Azure enrolment, you may want
to consider migrating to a dedicated cluster, a recent addition to the
deployment options for Azure Sentinel.

Title: Categorizing
Microsoft alerts across data sources in Azure Sentinel

URL: https://techcommunity.microsoft.com/t5/azure-sentinel/categorizing-microsoft-alerts-across-data-sources-in-azure/ba-p/1503367

Overview: In today’s security operation centers (SOCs),
analysts have a large set of security solutions that they leverage to protect
their organization and monitor activity. However, when setting up a SIEM it is
challenging to prioritize what data to ingest and what protections each
solution provides. SOCs must consider size and cost of ingestion, detections,
and necessary use cases for each data source they would like to connect to
their SIEM.  Because of these considerations, SOCs should focus on
ingesting data that is critical and has a low level of overlap to reduce the
probability of double ingestion


Title:
Deep dive into the Solorigate second-stage activation: From SUNBURST to
TEARDROP and Raindrop
URL: https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/

Overview: One missing link in the complex Solorigate attack chain is the handover from
the Solorigate DLL backdoor to the Cobalt Strike loader. How exactly does the
jump from the Solorigate backdoor (SUNBURST) to the Cobalt Strike loader
(TEARDROP, Raindrop, and others) happen? What code gets triggered, and what
indicators should defenders look for?

Title: What’s new:
Managed Identity for Azure Sentinel Logic Apps connector

URL: https://techcommunity.microsoft.com/t5/azure-sentinel/what-s-new-managed-identity-for-azure-sentinel-logic-apps/ba-p/2068204

Overview: Now available: Grant permissions
directly to a playbook to 
operate on Azure Sentinel, instead of creating additional identities
.
 

Title: Microsoft
Defender for Endpoint: Automation defaults are changing

URL: https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/microsoft-defender-for-endpoint-automation-defaults-are-changing/ba-p/2068744

Overview: We are excited to announce that we are about to increase our customers’
protection by upgrading the default automation level of our Microsoft Defender
for Endpoint customers who have opted into public previews from Semi – require approval for any remediation
to Full – remediate
threats automatically

Title:
The dynamic duo: How to build a red and blue team to strengthen your
cybersecurity, Part 2
URL: https://www.microsoft.com/security/blog/2021/01/21/the-dynamic-duo-how-to-build-a-red-and-blue-team-to-strengthen-your-cybersecurity-part-2/

Overview:

In this blog Jake Williams, Founder of Rendition InfoSec shares his insights
on the 2020 threat landscape—who to watch for and why—and offers cybersecurity
guidance and best practices on how to structure and evolve red and blue teaming
within your organization. 


Free Training in Azure Sentinel

 https://techcommunity.microsoft.com/t5/azure-sentinel/become-an-azure-sentinel-ninja-the-complete-level-400-training/ba-p/1246310

 

EU drafts data breach notification guidelines

EDPB Publishes Guidelines on Examples Regarding Data Breach Notification

Tuesday, January 19, 2021

On January 18, 2021, the European Data Protection Board (“EDPB”) released draft Guidelines 01/2021 on Examples regarding Data Breach Notification (the “Guidelines”). The Guidelines complement the initial Guidelines on personal data breach notification under the EU General Data Protection Regulation (“GDPR”) adopted by the Article 29 Working Party in February 2018. The new draft Guidelines take into account supervisory authorities’ common experiences with data breaches since the GDPR became applicable in May 2018. The EDPB’s aim is to assist data controllers in deciding how to handle data breaches, including by identifying the factors that they must take into account when conducting risk assessments to determine whether a breach must be reported to relevant supervisory authorities and/or the affected data subjects.

To read the full article go here

CERT/CC and CISA Report Multiple Vulnerabilities in Dnsmasq

01/21/2021 07:13 AM EST

 

Original
release date: January 21, 2021

CISA and the CERT Coordination Center (CERT/CC) are aware of multiple
vulnerabilities affecting Dnsmasq version 2.82 and prior. Dnsmasq is a
widely-used, open-source software that provides Domain Name Service forwarding
and caching and is common in Internet-of-Things (IoT) and other embedded
devices. A remote attacker could exploit some of these vulnerabilities to take
control of an affected system.

CISA encourages users and vendors of IoT and embedded devices that use
Dnsmasq to review CERT/CC VU#434904
and CISA ICSA-21-019-01
21
for more information and to apply the necessary update. Refer to vendors
for appropriate patches, when available.

Are you a good candidate for 2021 CDPSE

 

Help build the
world’s best community of privacy professionals. Recommend CDPSE.

 

CDPSE - Spread the Word! CDPSE Pros are in Demand

 

 

Who do you know that is a privacy expert? Or an
up-and-coming star in the technical privacy field? Like you, they
should be a Certified Data
Privacy Solutions Engineer™ (CDPSE™)
. Will you forward
this email to someone who would benefit from the CDPSE designation on
their resume or business card? Or better yet, make a call and forward an
email.

ISACA is actively recruiting qualified candidates for CDPSE
certification to take the beta test later this month, 11-31 January. There is no experience requirement
to take the exam, however to qualify for the certification, candidates
need five years’ experience in the following fields (or three years’
experience plus a current ISACA certification):

  • Privacy
    Governance

    (governance, management and risk management)
  • Privacy
    Architecture

    (infrastructure, applications/software and technical privacy
    controls)
  • Data
    Lifecycle

    (data purpose and data persistence)

Registrants for the January exam receive a FREE CDPSE review manual
and US$50 off the
fee
(in addition to ISACA member discounts) with promo
code
50CDPSE. Exams will be individually graded
and analyzed against others to help validate the test instrument.
Individual results are expected in March 2021.

Help a colleague or professional acquaintance advance their career,
affirm their privacy acumen and assist ISACA as we build a community of
recognized technical privacy professionals. We appreciate your
commitment to the advancement of the technical privacy field.

 

 

 

Explore CDPSE
Beta.

Forward this
email to your eligible colleagues and friends today.

 

Learn More

 

 

 

CDPSE was created by technical privacy practitioners for
technical privacy practitioners and administered by ISACA.
Certification holders gain the credential that proves their skillset in
implementing privacy-by-design solutions.

Know Someone Who
Knows Privacy? Tell Them About CDPSE!

 

 

 

Attackers Exploit Poor Cyber Hygiene to Compromise Cloud Security Environment

 

Attackers Exploit Poor Cyber Hygiene to Compromise
Cloud Security Environments

01/13/2021 02:44 PM EST

 

Original
release date: January 13, 2021

CISA is aware of several recent successful cyberattacks against various
organizations’ cloud services. Threat actors used a variety of tactics and
techniques, including phishing and brute force logins, to attempt to exploit
weaknesses in cloud security practices.

In response, CISA has released Analysis
Report AR21-013A: Strengthening Security Configurations to Defend Against
Attackers Targeting Cloud Services
 which provides technical details
and indicators of compromise to help detect and respond to potential attacks.

CISA encourages users and administrators to review AR21-013A and
apply the recommendations to strengthen cloud environment configurations.

resilience against Solorigate and other sophisticated attacks

Title:
Increasing resilience against Solorigate and other sophisticated attacks with
Microsoft Defender

URL: https://www.microsoft.com/security/blog/2021/01/14/increasing-resilience-against-solorigate-and-other-sophisticated-attacks-with-microsoft-defender/
Published On
(YYYY-dd-MM): 2021-14-01

Overview:

This blog is a guide for security administrators using Microsoft 365
Defender and Azure Defender to identify and implement security configuration
and posture improvements that harden enterprise environments against
Solorigate’s attack patterns.

The post Increasing
resilience against Solorigate and other sophisticated attacks with Microsoft
Defender
appeared first on Microsoft Security.