Read: 14 mins. The need for reliable and speedy WiFi throughout the entire home has become important in modern times as more and more devices connect wirelessly. Like many consumers, you very likely came across dead spots in your house where the WiFi signal was either weak or non-existent. Consumer "mesh" WiFi routers promise to solve this issue, and in this article we will explore what they are, and how the Linksys Velop AC router compared to the Amazon Eero Pro.
Read: 3 mins. The Security Operations Center (SOC) noticed logins to Azure Active Directory (AAD) from yahoo.com and gmail.com email addresses and asked the IT Security team to investigate. At the time, we did not allow many B2B Guest credentials for those domains, but alarmingly, the accounts in question successfully authenticated even though they did not exist in our AAD tenant. Who were those people? Did we have a security breach? What did they access?
Read: 4 mins. The Compare-Object cmdlet is a very useful tool to find differences between data sets. It can help with logging changes, acting only on specific sets of data, speeding up processing time, and reducing complexity. In this article, we will cover what the "SideIndicator" property means, how to pass through all Properties from the source data, create a custom property with evaluated information, and output only results that exist in both data sets.
Read: 12 mins. How do you find out who made a change to an Active Directory or Builtin Local Group? Which users were added to or removed from a group? When was a group deleted? In this post, we look at Group and Membership change Event IDs, and explore how to use Splunk to find relevant information to aid in your investigations.
Read: 6 mins. We have recently enabled Single-Sign On (SSO) for our Cisco Umbrella dashboard and had to convert the existing, non-SSO accounts to use SSO. What should have been a straight-forward process was greeted with login issues and an inexplicable association with the OpenDNS dashboard. Here is how we secured the accounts and got SSO to work for each of them.
Read: 3 mins. A sensitive, internal meeting was held within Microsoft Teams, and someone had accidentally recorded it. The organizer was extremely unhappy when nobody admitted to it, particularly since any attendee was able to download a copy of the recording. An urgent request to the Office 365 and Information Security teams was put out to investigate. How did we go about in doing so?