Category: Security

Securing Onedrive – Cleaning up unwanted sharing permissions

OneDrive for Business is great! The administration tools provided is not! If you’re still reading you might agree with me when I say that Sharepoint Online admin center is far from the best experience when administrating anything related to OneDrive. Luckily we have access to everything we might need using the OneDrive REST API, a…



Don’t get phished this holiday season

Holiday season is coming closer and I would like to take this opportunity to discuss phishing since the amount of phishing attacks increases a lot during holiday season. According to Zscaler the amount of phishing attacks increased with 400% from October to November this year as Black Friday and Cyber Monday came closer. Phishing, which…



Manage Kubernetes with Azure ARC

During Ignite there was some big news, one of them was Azure ARC. A couple of years ago Azure started to deliver Azure stack, further on Azure also provided DevOps which could be used within any environment and cloud. With Azure Arc Microsoft can also enable customers to move from only hybrid cloud solutions to…



Great new feature for O365 – reduce the amount of successful phishing attempts

As I wrote in my blogpost back in March, phishing is an attack concept where an attacker usually contacts a victim pretending to be from a trustworthy source to get information that they shouldn’t have gotten if they used their real identity. When an attacker targets specific individuals or groups within an organization the phishing method…



Varonis DatAdvantage – Verify continuous communication with all domain controllers

When you are using Varonis to monitor your environment it’s important to make sure that you don’t miss any critical events. One weakness in the current version of Varonis that I found out about is that you won’t get any notification if the event collection from one domain controller stops to work and you will…



Netscaler – Configure Kerberos Authentication + LDAP Group/Attribute Extraction to achieve SSO for internal users

SSO to Netscaler hosted web services for internal users: A request we receive from time to time from our Netscaler customers is that they would prefer internal users (users connected to the company’s LAN/Wifi or through VPN) to automatically get SSO when they browse to a load balanced web system (https://sharepoint.mycompany.com). One way of doing…



Netscaler – Customizing messages when using ”Enhanced authentication feedback” with RfWebUI Theme

Some customers want to be able to provide more feedback to users when, for some reason, their logon to Netscaler fails or if the new password they specify during password change does not meet the AD’s password complexity requirements. Citrix has published the article https://support.citrix.com/article/CTX223404 that specifies how you can customize the message strings. However,…



Level up your incident response with DatAlert and Varonis

Varonis offers a great product that can be used for threat detection and response. It will help you identify and handle security incidents faster and more effective and it’s called DatAlert. In this blog post I’m going to discuss some of its features. With the DatAlert Suite added to your existing Varonis environment you can…



Azure AD authentication methods, MFA and SSPR insights and reports

We’ve been rolling out MFA (Multi-Factor authentication) and SSPR (Self-Service Password Reset) for many customers last couple of years. It often takes time and requires preparations but done right it will succeed and once finished they users get used to it just as they get used logging in using MFA to their bank. During the…



ClickOnce application suddenly blocked by AppLocker Group Policy

INTRODUCTION With the release of the Windows 7 and corresponding server operating system, the AppLocker technology has become a quintessential tool for system administrators to utilize. Thanks to it, administrators can restrict or allow end-users to run certain applications based on its publisher value, file path or even its unique file hash, all within an…