SpireTech Blog - Tag: Azure
Microsoft Azure topics and updates.
Many things are changing in the world right now, and technology is no exception. As usual, we are spending a lot of time on R&D, training, and investigating new technology. Why do you care? Because we see certain technologies being key enablers for our clients moving forward. We’re already using most of these technologies (accelerated by WFH), and many clients are rethinking the way they want to work.
If you don’t know about these key enablers, you should, because they are disruptive technologies. We’ll give you a primer here, with the “why” for each.
|Azure AD||Enables security in a WFH, cloud-first workplace|
|Intune||Automatic software deployment, enforcement of company IT standards, mobile device security|
|Autopilot||Automatic setup and configuration of new computers, anywhere|
|SharePoint||File sharing without a server, simultaneous document editing|
|OneDrive||Easy access to SharePoint and backup of local documents|
|Teams||Team chat, meetings, calls, and collaboration|
|Microsoft 365 Business Voice||Potentially disruptive extension to teams calling and traditional business phone systems|
Many of these features are things you’re already paying for, and others present minimal additional cost. Read more...
used with permission from Microsoft Secure, by Michael Melone, Principal Cybersecurity Consultant, Enterprise Cybersecurity Group
Earlier this year, the world experienced a new and highly-destructive type of ransomware. The novel aspects of WannaCry and Petya were not skills as ransomware, but the combination of commonplace ransomware tactics paired with worm capability to improve propagation.
WannaCry achieved its saturation primarily through exploiting a discovered and patched vulnerability in a common Windows service. The vulnerability (MS17-010) impacted the Windows Server service which enables communication between computers using the SMB protocol. Machines infected by WannaCry propagate by connecting to a nearby unpatched machine, performing the exploit, and executing the malware. Execution of the exploit did not require authentication, thus enabling infection of any unpatched machine.
Petya took this worming functionality one step further and additionally introduced credential theft and impersonation as a form of worming capability. These techniques target single sign-on technologies, such as traditional domain membership. Read more...