Elizabeth Tyler

33 DaysToGo - If Basic Auth remains enabled in your tenant, your data is at risk, and so your role is to get your clients and apps off Basic Auth, move them to stronger and better options, and then secure your tenant, before we do.

NOBELIUM are at it again. Or maybe they never stopped. https://t.co/1LJKb718du

Enabled MFA? Yay! But threat actors who get past the first gate can wear down users with MFA requests. Expose it for where it’s from https://t.co/z1LVmwSaVG

Please read this one, I know folks have wanted to know what’s happening with Microsoft and lapsus$ https://t.co/U8s4OT4JQX

Just how do you get into a container? How do you troubleshoot apps running in containers? No RDP here. It's more like Server Core only it's not. You'll get the idea. https://t.co/8UQHELDhKK

Fun things to do in your spare time! This is legit from someone that doesn't know the meaning of the words "I know enough"

Actionable info released quarterly https://t.co/vhIsFTCdTc

User has access. But how long should user keep that access? What if their account is revoked/deleted, pwd changes, their location changes or their risk level increases? Continuous Access Evaluation in AAD is now enabled for all tenants https://t.co/bfTWthREiH

On prem AD needs basic checks done every so often. CE Paul Harrison came up with some great PS scripts to to monitor known problems like any forgotten computers in the Computers container: https://t.co/lTjLigL5EC

Azure AD Password Protection provides coverage for this as well as character substitution (P@ssw0rd is normalized to password) It also prevents admins from setting or resetting passwords to known bad/weak passwords If you have Azure AD P1+, check it out: https://t.co/gPdwC4SO9Q