Infrastructure + Security: Noteworthy News (September, 2018)

Hi there! Stanislav Belov here to bring you the next issue of the Infrastructure + Security: Noteworthy News series!  

As a reminder, the Noteworthy News series covers various areas, to include interesting news, announcements, links, tips and tricks from Windows, Azure, and Security worlds on a monthly basis.

Microsoft Azure
Azure AD B2B Collaboration support for Google IDs is now in public preview
The B2B Google federation allows organizations to invite Gmail users to use their Google identity to sign in to Azure AD. Google is the first third-party identity provider that Azure AD supports.
Microsoft Authenticator companion app for Apple Watch now in public preview
We heard our customers loud and clear—they want support for the Microsoft Authenticator app on Apple Watch. So, that’s why I’m thrilled to announce we are starting to roll out the public preview of the Microsoft Authenticator companion app for Apple Watch and plan to release to general availability within the next few weeks. This experience will allow you to approve sign-in notifications that require PIN or biometric on your Watch without having to use your phone. The Microsoft Authenticator app on Apple Watch supports Microsoft personal, work, and school accounts that are set up with push notifications. All supported accounts automatically sync to the Watch.
Azure subscription and service limits, quotas, and constraints
This document lists some of the most common Microsoft Azure limits, which are also sometimes called quotas. This document doesn’t currently cover all Azure services. Over time, the list will be expanded and updated to cover more of the platform. Please make sure you check against these limitations before deploying a new Azure resource to avoid potential pitfalls.
How to choose the right encryption technology for Azure SQL Database or SQL Server
Transparent Data Encryption (TDE) and Always Encrypted are two different encryption technologies offered by SQL Server and Azure SQL Database. Generally, encryption protects data from unauthorized access in different scenarios. They are complementary features, and this blog post will show a side-by-side comparison to help decide which technology to choose and how to combine them to provide a layered security approach.
Windows Server
PowerShell is open sourced and is available on Linux

Today’s customers live in a multi-platform, multi-cloud, multi-OS world – that’s just reality. This world brings new challenges and customers need tools to make everything work together. Microsoft is working company-wide to deliver management tools that empower customers to manage any platform, from anywhere, on any device, using Linux or Windows. This shift to a more open, customer-obsessed approach to deliver innovation is one of the things that makes me most excited to come to work every day.

Migrating Roles and Features in Windows Server

This article contains links to information and tools that help guide you through the process of migrating roles and features to Windows Server 2016, Windows Server 2012 R2, and Windows Server 2012. Many roles and features can be migrated by using Windows Server Migration Tools, a set of five Windows PowerShell cmdlets that was introduced in Windows Server 2008 R2 for easily migrating role and feature elements and data.

Upgrade Domain Controllers to Windows Server 2016

This topic provides background information about Active Directory Domain Services in Windows Server 2016 and explains the process for upgrading domain controllers from Windows Server 2012 or Windows Server 2012 R2.

Windows Client
Helping customers shift to a modern desktop

IT is complex. And that means it can be difficult to keep up with the day-to-day demands of your organization, let alone deliver technological innovation that drives the business forward. In desktop management, this is especially true: the process of creating standard images, deploying devices, testing updates, and providing end user support hasn’t changed much in years. It can be tedious, manual, and time consuming. We’re determined to change that with our vision for a modern desktop powered by Windows 10 and Office 365 ProPlus. A modern desktop not only offers end users the most productive, most secure computing experience—it also saves IT time and money so you can focus on driving business results.

Security
Two seconds to take a bite out of mobile bank fraud with Artificial Intelligence

The future of mobile banking is clear. People love their mobile devices and banks are making big investments to enhance their apps with digital features and capabilities. As mobile banking grows, so does the one aspect about it that can be wrenching for customers and banks, mobile device fraud.

Microsoft Threat Modeling Tool GA Release
The Threat Modeling Tool is a core element of the Microsoft Security Development Lifecycle (SDL). It allows software architects to identify and mitigate potential security issues early, when they are relatively easy and cost-effective to resolve. As a result, it greatly reduces the total cost of development. Also, we designed the tool with non-security experts in mind, making threat modeling easier for all developers by providing clear guidance on creating and analyzing threat models.
How Security Center and Log Analytics can be used for Threat Hunting
If you need to do threat hunting, there are several considerations that you should consider. You not only need a good analyst team, you need an even larger team of service engineers and administrators that worry about deploying an agent to collect the investigations related data, parsing them in a format where queries could be run, building tools that help query this data and lastly indexing the data so that your queries run faster and actually give results. ASC and Log Analytics take care of all of this and will make hunting for threats much easier. What organizations need is a change in mindset. Instead of being just alert driven, they should also incorporate active threat hunting into their overall security program.
Protecting user identities
Microsoft 365 security solutions help you protect users and corporate accounts. By making identity the control plane, Microsoft 365 offerings manage identities as the first step to providing access to corporate resources and restricting users who are high risk. Tools like single sign-on (SSO), Multi-Factor Authentication (MFA), and Windows 10 Hello for Business help you secure access. Additionally, there are actions you can take if an identity is compromised and ways to lock down or wipe devices to protect sensitive data in case of loss or theft.
Small businesses targeted by highly localized Ursnif campaign
Cyber thieves are continuously looking for new ways to get people to click on a bad link, open a malicious file, or install a poisoned update in order to steal valuable data. In the past, they cast as wide a net as possible to increase the pool of potential victims. But attacks that create a lot of noise are often easier to spot and stop. Cyber thieves are catching on that we are watching them, so they are trying something different. Now we’re seeing a growing trend of small-scale, localized attacks that use specially crafted social engineering to stay under the radar and compromise more victims.
Office VBA + AMSI: Parting the veil on malicious macro
Macro-based threats have always been a prevalent entry point for malware, but we have observed a resurgence in recent years. Continuous improvements in platform and application security have led to the decline of software exploits, and attackers have found a viable alternative infection vector in social engineering attacks that abuse functionalities like VBA macros. Microsoft, along with the rest of the industry, observed attackers transition from exploits to using malicious macros to infect endpoints. Malicious macros have since showed up in commodity malware campaigns, targeted attacks, and in red-team activities.
Vulnerabilities and Updates
Microsoft on September 11, 2018, released security updates to provide additional protections against malicious attackers. As a best practice, Microsoft encourages customers to turn on automatic updates. More information about this month’s security updates can be found in the Security Update Guide.
Support Lifecycle
The next End of Support deadline is October 9, 2018. The following products and Service Packs will NO longer be supported after this date:

  • SQL Server 2012 SP3
  • Enterprise Desktop Virtualization (MED-V) 1.0
  • Windows 10 Mobile (released in Aug. 2016)
  • Expression Studio 2
Extended Security Updates for SQL Server and Windows Server 2008/2008 R2: Frequently Asked Questions (PDF)

On January 14, 2020, support for Windows Server 2008 and 2008 R2 will end. That means the end of regular security updates. Don’t let your infrastructure and applications go unprotected. We’re here to help you migrate to current versions for greater security, performance and innovation.

Microsoft Premier Support News
Onboarding Accelerator – Implementing Visual Auditing Security Tool is a 5-Day Engagement and delivered by a Microsoft Premier Field Engineer (PFE). Visual Auditing Security Tool (VAST) is a cloud-based PowerBI dashboard solution that provides security professionals visibility about the many of the most common types of security weaknesses in an IT environment. It also provides specific, actionable KPI-based metrics to measure your organization’s effectiveness in mitigating well-established, known attack playbooks.
The Architectural Service – Microsoft Azure: Cloud Ready Datacenter service helps to assess the current state of your on-premises environment, perform a gap-analysis with focus on your architectural capabilities, and ensure that the IT environment is cloud-ready. This 4-day service includes Remediation Planning Services that provides a step-by-step roadmap to enabling your environment and teams to be cloud ready. This assessment provides you with a recommendation report and overall plan of action to correct existing network and server configurations that are incompatible with hybrid cloud architecture.
Check out Microsoft Services public blog for new Proactive Services as well as new features and capabilities of the Services Hub, On-demand Assessments, and On-demand Learning platforms.