Faster than competitors.
Don’t follow the stream,
but go for the source!
When auditing Microsoft 365 Defender environments, I notice the service-level configuration for Microsoft Defender for Endpoint (MDE) is often overlooked. Each tenant has a specific set of parameters that can be configured to update the behavior and feature set of Microsoft Defender for Endpoint. In this article, I will walk through some of the elements that are worth enabling and shouldn’t be overlooked.
Just last week, a new vulnerability was identified in the 7-zip application with ID ‘CVE-2022-29072’. This vulnerability allows for local privilege escalation due to a misconfiguration of the 7z.dll file. By exploiting this vulnerability, a user can receive local administrator privileges on an endpoint.