#mdo — Public Fediverse posts

New 𝗨𝗽𝗹𝗶𝗳𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝘀 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 [Uplift Privileges on FreeBSD] article on vermaden.wordpress.com blog

https://vermaden.wordpress.com/2026/03/01/uplift-privileges-on-freebsd/

#verblog #freebsd #linux #illumos #solaris #sudo #doas #su #mdo

New 𝗨𝗽𝗹𝗶𝗳𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝘀 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 [Uplift Privileges on FreeBSD] article on vermaden.wordpress.com blog

https://vermaden.wordpress.com/2026/03/01/uplift-privileges-on-freebsd/

#verblog #freebsd #linux #illumos #solaris #sudo #doas #su #mdo

New 𝗨𝗽𝗹𝗶𝗳𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝘀 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 [Uplift Privileges on FreeBSD] article on vermaden.wordpress.com blog

https://vermaden.wordpress.com/2026/03/01/uplift-privileges-on-freebsd/

#verblog #freebsd #linux #illumos #solaris #sudo #doas #su #mdo

New 𝗨𝗽𝗹𝗶𝗳𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝘀 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 [Uplift Privileges on FreeBSD] article on vermaden.wordpress.com blog

https://vermaden.wordpress.com/2026/03/01/uplift-privileges-on-freebsd/

#verblog #freebsd #linux #illumos #solaris #sudo #doas #su #mdo

New 𝗨𝗽𝗹𝗶𝗳𝘁 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲𝘀 𝗼𝗻 𝗙𝗿𝗲𝗲𝗕𝗦𝗗 [Uplift Privileges on FreeBSD] article on vermaden.wordpress.com blog

https://vermaden.wordpress.com/2026/03/01/uplift-privileges-on-freebsd/

#verblog #freebsd #linux #illumos #solaris #sudo #doas #su #mdo

One specific change I noticed is that #Safelink capabilities are moved from add-on #MDO to E3 & Business plans, which I've been advocating for (IMHO this is basic security). As #Phishing or #BEC impact is still high according to #Microsoft Digital Defense Report 2025, this is a change that can make #security defense more in-depth.
Reread the report: https://www.microsoft.com/en-us/corporate-responsibility/cybersecurity/microsoft-digital-defense-report-2025/?wt.mc_id=M365-MVP-5000976

What do you think of these changes? Is the price increase warranted? What did you miss and wanted to see? Let me know!

𝐏𝐫𝐨𝐭𝐞𝐜𝐭 𝐲𝐨𝐮𝐫 𝐨𝐫𝐠𝐚𝐧𝐢𝐳𝐚𝐭𝐢𝐨𝐧𝐬 𝐚𝐠𝐚𝐢𝐧𝐬𝐭 𝐐𝐑 𝐜𝐨𝐝𝐞 𝐩𝐡𝐢𝐬𝐡𝐢𝐧𝐠 𝐰𝐢𝐭𝐡 𝐃𝐞𝐟𝐞𝐧𝐝𝐞𝐫 𝐟𝐨𝐫 𝐎𝐟𝐟𝐢𝐜𝐞 365

QR codes are used in phishing attacks for mainly two reasons:

1️⃣ They move the attack away from well-protected corporate environments and onto the victim’s personally owned mobile device, which may be less secure.

2️⃣ They leverage the most common credential theft vector which is the uniform resource locator (URL).

𝐇𝐨𝐰 𝐌𝐃𝐎 𝐝𝐞𝐭𝐞𝐜𝐭𝐬 𝐐𝐑 𝐂𝐨𝐝𝐞 𝐩𝐡𝐢𝐬𝐡𝐢𝐧𝐠

➡ Image Detection in a message inline during mail flow

➡Threat Signals

➡URL Analysis

➡Heuristics-based Rules

To further increase protection, it is recommended to use:

➡𝐄𝐱𝐭𝐞𝐧𝐝𝐞𝐝 𝐃𝐞𝐭𝐞𝐜𝐭𝐢𝐨𝐧 𝐚𝐧𝐝 𝐑𝐞𝐬𝐩𝐨𝐧𝐬𝐞 (XDR): Microsoft Defender XDR provides comprehensive defense against advanced threats like QR code phishing

➡𝐌𝐨𝐛𝐢𝐥𝐞 𝐏𝐫𝐨𝐭𝐞𝐜𝐭𝐢𝐨𝐧: Microsoft Defender for Endpoint on Android and iOS includes anti-phishing capabilities that also apply to QR code phishing attacks, blocking phishing sites from being accessed.

➡𝐄𝐧𝐝-𝐔𝐬𝐞𝐫 𝐓𝐫𝐚𝐢𝐧𝐢𝐧𝐠: Defender for Office 365 customers can use Attack Simulation Training to educate their end users by simulating real-world phishing attacks and other types of cyber threats.

https://techcommunity.microsoft.com/t5/microsoft-defender-for-office/protect-your-organizations-against-qr-code-phishing-with/ba-p/4007041

#qrcode #phishing #mdo #defenderforoffice #defender #xdr #edr #office365 #image #url #microsoft #microsoftsecurity #soc #cyber #cybersecurity #ast #usertraining #awareness #Quishing #cloudsecurity

𝗖𝗼𝗻𝗳𝗶𝗴𝘂𝗿𝗲 𝗝𝘂𝘀𝘁-𝗶𝗻-𝗧𝗶𝗺𝗲 𝗔𝗰𝗰𝗲𝘀𝘀 𝘁𝗼 𝗠𝟯𝟲𝟱 𝗗𝗲𝗳𝗲𝗻𝗱𝗲𝗿

🔵Entra ID (formerly Azure AD) offers the Privileged Identity Management (PIM) for Groups feature, enabling users to attain just-in-time membership and ownership of groups, thus governing access to a range of services.

🔵M365 Defender unified RBAC workloads offers centralized permissions management for the following services:

➡️Defender for Endpoint

➡️Defender for Identity

➡️Defender for Cloud Apps

➡️Defender for Office 365

➡️Microsoft Defender Vulnerability Management

➡️Secure score

PIM for Groups paired with M365 Defender RBAC offers a solution for just-in-time Defender access.

Find out more details: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/configure-just-in-time-access-to-m365-defender/ba-p/3764564

#azure #azuread #entraid #identity #rbac #m365defender #xdr #justintime #pim #pam #mde #mdo #mdi #securescore #mdca #casb #microsoft #microsoftsecurity #soc #cloud #cloudsecurity #cloudnative

Microsoft Defender for Office 365 has been recognized as a leader in The Forrester Wave ™: Enterprise Email Security, Q2 2023 report.

For more information on this recognition, check out the full report here: https://reprints2.forrester.com/#/assets/2/108/RES178496/report

https://www.microsoft.com/en-us/security/blog/2023/06/12/forrester-names-microsoft-a-leader-in-the-2023-enterprise-email-security-wave/

#microsoft #office365 #security #leader #email #xdr #defender #microsoft365defender #mdo #emailprotection #emailsecurity #phishing #spam #SecOps #soc #analyst #bec #sandboxing #emailauthentication #collaboration #siem #ir #threatintelligence #azure #cloud #cloudsecurity #cloudnative

A quick #securitytip on how to block password-protected attachments in emails.

If you have #Microsoft #Defender for #Office365 licenses, you can use the technology called Safe Attachments. Safe Attachments do advanced scanning of attachments through so called detonations, where these attachments are run on a test environment and what the file does when it is run is monitored.

If an email contains a password-protected attachment, then these detonations cannot take place. In the Safe Attachments settings, you can set what should happen if the scan couldn't complete for some reason, which is exactly the case with the password-protected attachment. In this case, it is recommended to set the email to be blocked. #email #mdo #cybersecurity #bes