4 things to know and 4 things to do this week in Microsoft 365
TTlogo250

Blog roll for M365 admins

Supporting IT Professionals is all we do

Announcing Microsoft Applied Skills, the new credentials to verify in-demand technical skills

Announcing Microsoft Applied Skills, the new credentials to verify in-demand technical skills

An alternative to certification. Each year, we help millions of learners gain expertise by developing and validating skills. Advances in AI, cloud computing, and emerging technologies have made it more important than ever to demonstrate your proficiency in the most sought-after technical skills.  

favicontechcommunity.microsoft.com

Think like a People Scientist: Designing a survey that meets your organization's needs

Think like a People Scientist: Designing a survey that meets your organization's needs

May 28th: Join us for this series of webinars on how to 'think like a People Scientist.' Based on your feedback, we have introduced this series to help dive deeper into key topics where a People Science perspective is valuable. In this webinar , Senior People Scientist, and , Principal People Scientist at Viva Glint will be sharing top tips on designing a meaningful survey for your organization. 

favicontechcommunity.microsoft.com

Prompt engineering 101: Create content in 3 simple steps with ASK AI

Prompt engineering 101: Create content in 3 simple steps with ASK AI

Prompt engineering is an easy-to-learn skill that can help you ask AI tools for the information you need in natural language by providing context, tone,

favicontechcommunity.microsoft.com

Registration | Microsoft Learn Challenge: Build Edition

Registration | Microsoft Learn Challenge: Build Edition

Complete the Copilot for Microsoft 365 challenge and earn a digital badge! Learn the foundations of building collaborative apps for Microsoft Teams leveraging the Microsoft Teams Toolkit, then learn how to extend Copilot for Microsoft 365.

faviconwww.microsoft.com

From Third Tier

secta
How am I subject to this zero-day? Let's use Defender

How am I subject to this zero-day? Let's use Defender

Microsoft Defender Vulnerability notifications sent an email informing about a new zero-day in Open SSL. How am I subject to this zero-day?

www.thirdtier.net

Four things to do this week
*patch up in the wild vulnerabilities*

Easily detect CVE-2024-21427 with Microsoft Defender for Identity

Easily detect CVE-2024-21427 with Microsoft Defender for Identity

The recently published CVE-2024-21427 Windows Kerberos Security Feature Bypass Vulnerability fixed the potential bypass of authentication policies configured.

favicontechcommunity.microsoft.com

Set LAN Manager authentication level to 'Send NTLMv2 response only.
Refuse LM & NTLM'

Using older/weaker authentication levels (LM & NTLM) make it potentially possible for attackers to sniff that traffic to more easily reproduce the user's password.

Option 1- Set the following Group Policy: Computer Configuration\Policies\Windows Settings\Security Settings\
Local Policies\Security Options\Network security\
LAN Manager authentication level To the following value:
Send NTLMv2 response only. Refuse LM & NTLM

Opt
ion 2 - Set the following registry value: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\

LmCompatibilityLevel To the following REG_DWORD value: 5

faviconsecurity.microsoft.com

Enable Local Admin password management

Due to the difficulty in managing local Administrator passwords, many organizations choose to use the same password on all endpoints during deployment. Use LAPS management in Intune.
Option 1 - Set the following Group Policy: Computer Configuration\Policies\Administrative Templates\LAPS\Enable Local Admin Password Management To the following value: Enable

Option 2 - Set the following registry value: HKLM\SOFTWARE\Policies\Microsoft Services\AdmPwd\AdmPwdEnabledTo the following REG_DWORD value: 1

faviconsecurity.microsoft.com

Disable the local storage of passwords and credentials

Locally cached passwords or credentials can be accessed by malicious code or unauthorized users.

Option 1 - Set the following Group Policy: Computer Configuration\Policies\Windows Settings\
Security Settings\Local Policies\Security Options\
Network access: Do not allow storage of passwords
and credentials for network authentication To the following value: Enabled

Option 2 - Set the following registry value: HKLM\SYSTEM\CurrentControlSet\Control\Lsa\
DisableDomainCredsTo the following REG_DWORD value: 1

faviconsecurity.microsoft.com

Follow Us

Follow us to be the first to know about our newest products, upcoming events, and special offers.

                 

Contact Us

Third Tier 4107 Auburn Dr, Royal Oak, Mi 48073, United States amy@thirdtier.net

Sign up for this newsletter