
Keith Weaver
@keithmweaver
Christian, husband, & father. Passionate about security. #Microsoft365 #MicrosoftTeams
Central Pennsylvania
Joined July 2014
Here's an idea I've heard floated that I strongly disagree with. "Security controls need to provide a great end user experience." Meaning there is little to no friction or added complexity for users. My opinion is that this idea is a bunch of BS.
Not all Azure logs are created equal. Some stick around for 90 days, some for years, and others vanish unless you export them. I broke it down in Demystifying Log Retention in Azure. https://t.co/j3JCmX08a7
#monitorallthethings #log #retention #azure #cheat #sheet
shankuehn.io
Often times I think the idea is not to confuse, but when you sort of pile on all the different services in Azure, some of the details get muddy and quickly. One of the areas that I even have hard...
Recently noticed that Entra application proxy is switching from client secrets to federated identity credentials on the app registrations for app proxy applications. 👍👍
@IAMERICAbooted @NathanMcNulty Yeah, Workload ID is for single tenant apps only. On the whole, it is possible to get rid of client secrets in a tenant. As part of SFI, Microsoft is completely eliminating client secrets across our 1P Microsoft tenants. Yes, a lot of Microsoft products forced you to use
IMHO, the loss of Twitter/X as a platform where virtually everyone in infosec who was publicly active online had a presence has really been deleterious to a lot of info sharing. It's also no doubt prevented a lot of useful discussions and interactions from happening.
,@Office365 Microsoft is deprecating the Graph CLI and Graph Toolkit. It's good to have some rationalization in tools, but it would be even better if all the APIs used in #Microsoft365 admin centers were documented. Vote on the feedback item in the article! https://t.co/yGsjXdWiCH
office365itpros.com
Microsoft has depreciated the Microsoft Graph CLI and Graph Toolkit. It's nice to see some rationalization, but we need better quality and coverage too.
I used to work at a mail logistics company call center and several times I overheard agents very clearly explain to a customer they will be picked up by people with guns if they do what they're planning to do.
One of my biggest white pills with trucking is that these shady carriers thought it was a good idea to fuck with the mail. USPI aren’t fast, they’re postal workers after all. But they are thorough. And when they have you in their sights, you’re toast.
In security, when you do your job perfectly, nothing happens. And people don't see when nothing happens.
(comic) Take care of your health… so you don’t have to take time off.
Myth: Service accounts need Domain Admin. Reality: They rarely do, it’s just the easy, lazy way to do things.
Imagine having to use Teams while landing on an aircraft carrier
As someone working in tech, I cannot unsee how harmful mobile phones and apps are for kids. Many apps and games use dark patterns that gambling apps utilize to create addiction - maddening that they can and do. No wonder more people working in tech try to keep kids off of it all
Mark Zuckerberg's kids have, by his own admission, very limited screen time and no public social media. He sends them to a screen-free school where expert tutors teach small class sizes. Is that because he's stupid and doesn't recognize the educational value of his own creations?
The IT admin turned security admin is a really great career trajectory. It sets you up nice well to expand into just about any other security role, from pentesting to DFIR. 1 experienced, thoughtful, resourceful IT admin is worth their weight in gold
Microsoft isn’t disclosing this so: M365 Copilot allowed users to access files without producing an audit log. All you had to do was ask Copilot to not link to the file. You don’t even have to ask; it sometimes just happens. If your org uses Copilot your audit log is likely wrong
Here’s a warning: as agents are granted more autonomy and integrated deeper into systems, security has to be a priority. In this post, @GaryMarcus and I explore the security issues of coding agents and show that fixes aren’t so easy. It’s gonna be wild.
While getting back to blogging I've been doing a lot of reading of others' work in order to find ways I can (try) provide value in this sea of "content". To my surprise (not really if I'm honest). A LOT of the content on medium is pure GPT speak. I implore all writers to find
FREE eBook Alert! 🎉 Azure for Architects - Third Edition Download your copy at the following Microsoft link: https://t.co/CWoGWbcEfo Enjoy and don’t forget to share 🙂
The Coast Guard's report on the implosion of the Titan submersible in 2023 finally dropped this week. If you start reading it, you quickly see how OceanGate applied the "move fast and break things" tech mentality building carbon fiber submersibles. And killed 5 people.
Most IT teams, including mature ones, aren’t gonna adopt physical dedicated PAWs and it’s not reasonable to assert they should. What have been your most successful compromises for this?
I have been waiting for this, so exciting 🎉 We can now convert synced groups created on-prem into cloud managed groups via Graph API. This sets a value that tells Entra Connect Sync to no longer sync the group, and Entra Cloud Sync will write membership changes back down for us.
Entra Connect sync will support Group Source of Authority conversion in preview. SoA conversion = Convert on-prem managed groups to cloud managed groups. No further information is public. Also app based auth is GA and the default. Advanced logging is GA https://t.co/XLkUQHlmaz