Pop-Up Thingie

Digital Distortion
  • Home
  • Forum
  • Files
  • Web Monitor
  • Log in

  1. Forum
  2. League10
  3. Microsoft Sec. Bulletin
  • Microsoft Security Newsletter - December 2015

    From Lord Time@TIME to All on Thu Dec 17 15:57:23 2015
    Microsoft Security Newsletter December 2015



    December 2015
    Microsoft Security Newsletter



    The last security newsletter of 2015 has arrived!

    This month weÆre talking about secure collaboration. Whenever I get the chance to talk to C-level executives about cybersecurity, one topic that inevitably comes up is Rights Management Services (RMS). This isnÆt because they ask about the technology specifically, but because they ask me how they can protect sensitive information they need to share with other organizations. Many times they need to share information with their outside attorneys or marketing firms and the risk of a leak is worrisome. Once executives get an introduction to Azure RMS; however, they quickly realize it is exactly what they have been asking their IT department for. For a closer look at the amazing features of Azure RMS, please check out the http://blogs.microsoft.com/cybertrust/2015/09/ 14/cloud-security-controls-series-rights-management/

    article in our Cloud Security Controls Series I authored a few months ago and read on for additional guidance on Azure RMS, identity and access, and other aspects of security we know you are interested in.



    Happy holidays!



    Best regards,

    Tim Rains, Chief Security Advisor

    Enterprise Cybersecurity Group, Microsoft



    Want to share this newsletter with a friend or colleague? https://technet.microsoft.com/en-us/security/cc307424.aspx
    Click here for the online edition and subscription options .


    Have feedback on how we can improve this newsletter? Email us at mailto:secnlfb@microsoft.com
    secnlfb@microsoft.com and share your ideas.




    Top Stories



    http://blogs.technet.com/b/jepayne/archive/2015/11/27/tracking-lateral-movement -part-one-special-groups-and-specific-service-accounts.aspx

    Tracking Lateral Movement Part One: Special Groups and Specific Service Accounts

    Lateral Movement is the moving of an attacker from one compromised host throughout your domain until they find what they are looking for, and is something we see many just about all attackers doing during compromise. Learn about some of the detective controls you can put in place to get greater insight into what is currently happening in your environment so you can get the protective controls in place faster.




    Security Guidance

    https://technet.microsoft.com/library/jj585024.aspx
    Azure Rights Management

    Azure Rights Management is a cloud service, and is integrated into other Microsoft cloud services and applications, such as Office 365 and Azure Active Directory. However, it can also be used with your on-premises applications and services. Learn how to use Azure RMS to help you protect your organizationÆs sensitive information from unauthorized access, and control how this information is used.


    https://technet.microsoft.com/library/jj739831.aspx
    Comparing Azure Rights Management and AD RMS

    If you know or have previously deployed Active Directory Rights Management Services (AD RMS), you might be wondering how Azure RMS compares in terms of functionality and requirements. Use this handy table for a side-by-side comparison of the features and benefits of Azure RMS and AD RMS.


    https://www.microsoft.com/en-us/download/details.aspx?id=38815
    Securing Active Directory: An Overview of Best Practices

    Find steps that your organization can take today to protect its Active Directory environment, a common target for external attacks.


    https://azure.microsoft.com/en-us/documentation/articles/active-directory-whati s/
    Azure Active Directory

    Learn about MicrosoftÆs multi-tenant cloud-based directory and identity management service, then delve into https://azure.microsoft.com/en-us/document ation/videos/index/?services=active-directory

    technical videos , https://azure.microsoft.com/en-us/documentation/services/active-directory/ step-by-step guides , and https://azure.microsoft.com/en-us/documentation/services/active-directory/ troubleshooting tips .


    https://technet.microsoft.com/library/mt631194.aspx
    Securing Privileged Access

    The security of most or all business assets in an organization depends on the integrity of the privileged accounts that administer and manage IT systems. Cyber-attackers are targeting these accounts and other elements of privileged access to rapidly gain access to targeted data and systems using credential theft attacks like Pass-the-Hash and Pass-the-Ticket. Check out this roadmap of recommendations for securing privileged access, a critical first step to establishing security assurances for business assets in a modern organization, then find recommendations on how to implement https://technet.microsoft.com/library/mt634654.aspx
    privileged access workstations and https://technet.microsoft.com/library/mt631193.aspx
    additional reference materials .


    https://msdn.microsoft.com/en-us/library/azure/hh967643.aspx
    Single Sign-On Roadmap

    Single sign-on (SSO) allows you and your users to access Microsoft cloud services with your Active Directory corporate credentials. Find a quick list of steps to help you prepare for SSO, set up your on-premises security token service, and set up directory synchronization.


    https://technet.microsoft.com/library/mt592023.aspx?ocid=wc-nl-secnews
    Control the Health of Windows 10-Based Devices

    With the increased use of BYOD, there are more unmanaged and potentially unhealthy systems accessing corporate services, internal resources, and cloud apps. This guide presents an end-to-end solution that helps you protect high-value assets by enforcing, controlling, and reporting the health of Windows 10-based devices.


    https://products.office.com/en-us/business/office-365-trust-center-top-10-trust -tenets-cloud-security-and-privacy?legRedir=true&CorrelationId=f07397e8-a15b-4b c2-bbc2-80797626a6fa

    Top Questions You Should Ask a Cloud Service Provider

    Find questions to help you choose a cloud service provider that meets your security expectations, and learn how Microsoft Office 365 answers these questions.




    This Month's Security Bulletins


    December 2015 Security Bulletins


    Critical

    -MS15-124:3116180
    https://technet.microsoft.com/library/security/ms15-124
    Cumulative Security Update for Internet Explorer

    -MS15-125:3116184
    https://technet.microsoft.com/library/security/ms15-125
    Cumulative Security Update for Microsoft Edge

    -MS15-126:3116178
    https://technet.microsoft.com/library/security/ms15-126
    Cumulative Security Update for JScript and VBScript to Address Remote Code Execution

    -MS15-127:3100465
    https://technet.microsoft.com/library/security/ms15-127
    Security Update for Microsoft Windows DNS to Address Remote Code Execution

    -MS15-128:3104503
    https://technet.microsoft.com/library/security/ms15-128
    Security Update for Microsoft Graphics Component to Address Remote Code Execution

    -MS15-129:3106614
    https://technet.microsoft.com/library/security/ms15-129
    Security Update for Silverlight to Address Remote Code Execution

    -MS15-130:3108670
    https://technet.microsoft.com/library/security/ms15-130
    Security Update for Microsoft Uniscribe to Address Remote Code Execution

    -MS15-131:3116111
    https://technet.microsoft.com/library/security/ms15-131
    Security Update for Microsoft Office to Address Remote Code Execution



    Important

    -MS15-132:3116162
    https://technet.microsoft.com/library/security/ms15-132
    Security Update for Microsoft Windows to Address Remote Code Execution

    -MS15-133:3116130
    https://technet.microsoft.com/library/security/ms15-133
    Security Update for Windows PGM to Address Elevation of Privilege

    -MS15-134:3108669
    https://technet.microsoft.com/library/security/ms15-134
    Security Update for Windows Media Center to Address Remote Code Execution

    -MS15-135:3119075
    https://technet.microsoft.com/library/security/ms15-135
    Security Update for Windows Kernel-Mode Drivers to Address Elevation of Privilege


    December 2015 Security Bulletin Resources:

    - http://blogs.technet.com/b/msrc/archive/2015/12/08/december-2015-security-upd ate-release-summary.aspx


    December 2015 Security Update Release Summary
    -
    Malicious Software Removal Tool: http://www.microsoft.com/en-us/download/malic ious-software-removal-tool-details.aspx

    December 2015 Update



    Security Events and Training



    https://mva.microsoft.com/en-US/training-courses/windows-security-forensics-143 83?l=YCKufUQsB_5105244527

    Windows Security & Forensics (Level 300)

    Learn how to investigate crimes, like fraud, insider threats, industrial espionage, employee misuse, and computer intrusion by recovering key intelligence from Windows systems.


    https://mva.microsoft.com/en-US/training-courses/azure-rights-management-servic es-core-skills-10500?l=QLoxMwuCB_1805094681

    Azure RMS Core Skills (Level 200)

    Explore reasons to use RMS for information protection, find out how to active Azure RMS, and dive deep into how to protect the files your users share, and how to track and revoke the usage of protected files.


    https://mva.microsoft.com/en-US/training-courses/add-identity-into-your-cloudba sed-apps-13989?l=DEw8AJerB_1105368485

    Add Identity into Your Cloud-Based Apps (Level 100)

    Integrating with Azure AD can save you time from coding your own sign-in logic and trying to protect your usersÆ passwords and has many security and end user experience benefits. Learn the most common scenarios for integrating with Azure AD, get an overview of the Azure AD feature set, and find out whatÆs coming next.






    Essential Tools


    -
    http://technet.microsoft.com/security/bulletin
    Microsoft Security Bulletins

    -
    http://technet.microsoft.com/security/advisory
    Microsoft Security Advisories

    -
    http://www.microsoft.com/security/sdl/adopt/starterkit.aspx
    Microsoft Security Development Lifecycle Starter Kit

    -
    http://support.microsoft.com/kb/2458544
    Enhanced Mitigation Experience Toolkit

    -
    http://www.microsoft.com/security/pc-security/malware-removal.aspx
    Malicious Software Removal Tool

    -
    http://technet.microsoft.com/security/cc184924.aspx
    Microsoft Baseline Security Analyzer


    Security Centers


    -
    http://technet.microsoft.com/security
    Security TechCenter

    -
    http://msdn.microsoft.com/security
    Security Developer Center

    -
    http://www.microsoft.com/security/msrc/default.aspx
    Microsoft Security Response Center

    -
    http://www.microsoft.com/security/portal/
    Microsoft Malware Protection Center

    -
    http://www.microsoft.com/privacy
    Microsoft Privacy

    -
    http://support.microsoft.com/select/default.aspx?target=hub&c1=10750 Microsoft Security Product Solution Centers


    Additional Resources


    -
    http://blogs.microsoft.com/cybertrust/
    Microsoft Cybertrust Blog

    -
    http://blogs.msdn.com/b/azuresecurity/
    Microsoft Azure Security Blog

    -
    http://www.microsoft.com/security/sir
    Microsoft Security Intelligence Report

    -
    http://www.microsoft.com/security/sdl
    Microsoft Security Development Lifecycle

    -
    http://technet.microsoft.com/library/cc162838.aspx
    Malware Response Guide

    -
    http://technet.microsoft.com/security/bb980617.aspx
    Security Troubleshooting and Support Resources




    technet.microsoft.com/security




    This is a monthly newsletter for IT professionals and developers–bringing security news, guidance, updates, and community resources directly to your inbox. If you would like to receive less technical security news, guidance, and updates, please subscribe to the Microsoft Security for Home Computer Users Newsletter.



    (c) 2015 Microsoft Corporation

    http://www.microsoft.com/About/Legal/EN/US/IntellectualProperty/Copyright/defau lt.aspx

    Terms of Use |

    http://www.microsoft.com/en-us/legal/intellectualproperty/trademarks/en-us.aspx Trademarks


    Microsoft respects your privacy. To learn more please read our online http://go.microsoft.com/fwlink/?LinkId=248681
    Privacy Statement .



    If you would prefer not to receive the Microsoft Security Newsletter from Microsoft and its family of companies please https://click.email.microsoftemai l.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0079e5cc587f4d16330b7c3 cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc8362e5b79ae439813d7b4efc756 e16f0914f92daeb84e4f832f768745be4cc741&oneClick=newsletter

    click here . These settings will not affect any other newsletters you've requested or any mandatory service communications that are considered part of certain Microsoft services.



    To set your contact preferences for other Microsoft communications https://cli ck.email.microsoftemail.com/m_hcp.aspx?qs=0bb7f39debca1b0ad10fb2e924b6311d344a0 079e5cc587f4d16330b7c3cc8e7aa3d48879950d85d33a47e9a9586dfefd285dcac31618dc8362e 5b79ae439813d7b4efc756e16f0914f92daeb84e4f832f768745be4cc741

    click here .



    Microsoft Corporation

    One Microsoft Way

    Redmond, WA 98052 USA
    ---
    ■ Synchronet ■ Time Warp of the Future BBS - Home of League 10 IBBS Games
  • Web-based telnet client

    Other Links
    What is a BBS?
    Doors installed on this BBS
    Digital Distortion Doors & Tools
    Door stats
    Trivia scores
    Message networks
    Terminal software
    Synchronet archiver setup
    Ready.gov anti-terrorist guidelines as of 2003

    Other services
    Telnet
    RLogin
    IRC
    Email & news access

    Feel free to send me an email.

    BBS UPS stats
  • Who's Online

  • Recent Visitors

    • Merlin
      Mon Apr 14 06:31:48 2025
      from Milton, WV via HTTP
    • Merlin
      Sun Apr 6 09:19:55 2025
      from Milton, WV via HTTP
    • xbit
      Sat Feb 22 04:36:09 2025
      from Portland, Or via HTTP
    • Wilmaxs
      Wed Aug 16 04:20:48 2023
      via HTTP
  • System Info

    Sysop: Eric Oulashin
    Location: Beaverton, Oregon, USA
    Users: 100
    Nodes: 16 (0 / 16)
    Uptime: 03:14:42
    Calls: 6,170
    Calls today: 6
    Files: 8,459
    D/L today: 197 files
    (61,389K bytes)
    Messages: 349,100
    Posted today: 17

© Digital Distortion, 2025