AD ACL Scanner

<<Updated link to new GitHub location>> Just in case you haven’t seen it yet, our colleagues in PFE Sweden have put together an excellent post detailing the usage of AD ACL Scanner, a CodePlex PowerShell-based GUI for reporting on AD permissions. Check it out here – https://blogs.technet.microsoft.com/pfesweplat/2017/01/28/forensics-active-directory-acl-investigation/ Grab the tool here – https://github.com/canix1/ADACLScanner


Windows Server 2016 security auditing for enhanced threat detection

Windows Server 2016 includes new audit events to help with early detection of malicious activity in your datacenter. You can find the complete list of the events from this reference paper, and new events in Windows Server 2016 here under the Security auditing section. In this blog post, I would like to highlight a few…


Forensics: Active Directory ACL investigation

A Couple of Sensitive Spots: Active Directory is full of delegated rights and permissions that grant privileges to security principals (User, Group Managed Service Account, Group and Computer Objects). Some permissions are more sensitive than others and should be kept only for privileged accounts, such as Tier 0 administrators (Read about the credential tier model…


Phishers unleash simple but effective social engineering techniques using PDF attachments

The Gmail phishing attack is reportedly so effective that it tricks even technical users, but it may be just the tip of the iceberg. We’re seeing similarly simple but clever social engineering tactics using PDF attachments. These deceitful PDF attachments are being used in email phishing attacks that attempt to steal your email credentials. Apparently, the…


Home Lab Secrets: Building the Killer Home Lab Part 5 (Deploying Exchange Server 2016)(New Azure Portal)

In Part 4 of this series we deployed a Remote Desktop Gateway Server within our lab. In Part 5 we will be adding email capabilities within our lab using Microsoft Exchange Server 2016. Our Exchange deployment will consist of 2 Exchange 2016 Servers. To keep our Azure costs down we will deploy a small-sized (F1s) VM within…


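[Partner Case Study] Wanting customers to make fuller use of Office 365: PSC's efforts in rolling out "Coo Kai for Office 365", and the operations support service linked with ASfP that is offered as part of it [Updated 1/24]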

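We want to solve the problems our customers face by helping them make the most of cloud services. With this aim, 株式会社ピーエスシー (PSC) has been rolling out "Coo Kai for Office 365" since June 2016. In October 2016 it also launched an operations support service linked with "Microsoft Advanced Support for Partners (ASfP)", the first of its kind in Japan, putting in place a structure that strongly supports the use of Microsoft Office 365. This time we spoke with 福田 勝巳, Executive Officer and General Manager responsible for the "Coo Kai" business at PSC, and 神代 祐紀子, Project Manager of the "Coo Kai Operations Support Service", about the overview of "Coo Kai for Office 365", the background to its launch, and the significance of using ASfP in the operations support service. From left in the photo: 福田 勝巳, Executive Officer and General Manager, Cloud Apps Division, 5th Business Headquarters, PSC; 神代 祐紀子, Project Manager, CS Section, Cloud Apps Division, 5th Business Headquarters, PSC…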


Exploit kits remain a cybercrime staple against outdated software – 2016 threat landscape review series

Despite the disruption of Axpergle (Angler), which dominated the landscape in early 2016, exploit kits as a whole continued to be a threat to PCs running unpatched software. Some of the most prominent threats, from malvertising to ransomware, used exploit kits to infect millions of computers worldwide in 2016. The prevalence of exploit kits as an…


Changes to PowerPivot Gallery and Snapshots in SharePoint 2016

Updated 6/9/2017 The PowerPivot Gallery has had some functionality and supportability changes between SharePoint 2013/2010 and SharePoint 2016. This is due to the fact that Excel Services functionality has moved to Office Online Server. While the basic premise of the gallery remains the same and some of the same rules apply, there are some changes…


Office 365 Planned Service Changes for 2017 - Admin Action Required

The goal of this post is to compile all announced Office 365 service changes for 2017, that may require admin action, into a single reference. These changes are listed below in chronological order, based on the “Action Required” date. Additional information and resources related to these changes are provided where applicable. Updates will be made to this…


Typical mistakes of Configuration Manager administrators and best practices: part 1

In one of the previous articles on this blog, my colleague Andrey Borzenko described precautions that help avoid very unpleasant problems when using Configuration Manager (hereafter ConfigMgr). However, the product's design is such that some administration mistakes lead to less critical but still painful consequences, up to the ConfigMgr server itself stopping work and the opening…