Skip to content
Menu
IT-DRAFTS
  • About
  • My Statistics at Microsoft Q&A
  • Privacy policy
IT-DRAFTS

Tag: entraID

October 2, 2025September 29, 2025

Why Most Cloud Pros Still Connect to Azure VMs the Wrong Way

After reviewing more Azure setups this quarter than I care to admit, I keep spotting the same tired anti-pattern: organizations still exposing VMs with public IP addresses just to RDP in. Let’s be blunt: it’s lazy, it’s risky, and in 2025, it’s downright embarrassing. The Old RDP Model — A Security Horror Show Traditional RDP…

Read More
September 29, 2025

Are Your Cloud Configurations Putting You at Risk? (Spoiler: Probably)

Misconfigurations are the silent killers of cloud security. You can spend millions on shiny security tools, but one sloppy checkbox or default setting can hand attackers the keys to your kingdom. That’s why this webinar agenda hits hard: we’re diving into the most dangerous Azure cloud misconfigurations that keep CISOs awake at night — and…

Read More
September 23, 2025September 18, 2025

🔥 Zero Trust Architecture: No More Free Passes 🔥

Hey guys, let’s talk about Zero Trust, isn’t a product you buy, it’s a mindset you adopt. The idea: never trust, always verify. Every identity, device, app, and network packet is guilty until proven innocent. Microsoft has gone all-in, embedding Zero Trust principles into Entra, Intune, Defender, Sentinel, Purview, and the rest of the ever-growing…

Read More
September 12, 2025

Goodbye VPN !!!? Microsoft Global Secure Access and the End of the Tunnel

For decades, VPN was the sacred cow of remote access. The one-stop solution: drop a fat encrypted tunnel over the internet and boom — your remote users are “inside.” Problem solved, right? Except no. In 2025, VPN is basically giving every intern a master key to the building. They don’t just get into the room…

Read More
August 19, 2025August 19, 2025

Windows Hello PIN Disaster After Windows 11 24H2 Upgrade — When Security Becomes Your Hostage

Hey hey, if you like to test something new like update on prod that is exactly for you my seety geek :)))))))) If you thought the Windows 11 24H2 upgrade was just another boring patch Tuesday — think again. After the upgrade, users happily log in with their PIN… until the dreaded message appears: “PIN…

Read More
August 6, 2025August 6, 2025

The Technical Foundation of Multi-Agent Copilot Systems and Secure AI Infrastructure in Microsoft Azure

🧬 1. Copilot Agent Architecture: Internal Design Archetype of a Copilot Agent in Microsoft Copilot Studio: Agent: ID: uuid Permissions: [Graph.Read, SharePoint.ReadWrite, CustomAPI.SendEmail] State: Memory: long-term vector embeddings (Azure AI Search) Session Context: transient (JSON graph) Plugins: – Planner – Orchestrator – GraphExecutor LLM Endpoint: Azure OpenAI (GPT-4o) Storage: Cosmos DB / Azure Table 🗉…

Read More
July 11, 2025

🧨 SUDO, YOU HAD ONE JOB!

Hi, now any user can get root — and Microsoft told you this would happen “Don’t run as root!” — they shouted.“Use sudo, it’s secure!” — they said.Well guess what?Even a user not in sudoers can now gain full root access. All thanks to sudo‘s cozy little bug involving chroot, nsswitch.conf, and your complacency. 🧬…

Read More
July 1, 2025

Zero-Days and Zero Mercy: Inside Houken’s Multi-Tool Mayhem

hi. imagine waking up, grabbing coffee, checking logs… and seeing a kernel-mode rootkit silently hijacking your cloud edge device. welcome to Houken — a stealthy but sloppy intrusion set that smashed into French networks in late 2024, chaining zero-days, dropping reverse shells, and playing persistence like a damn violin. not some elite APT black-ops fantasy…

Read More
June 24, 2025June 20, 2025

Hackers Don’t Hack, They Hustle Humans (And They’re Winning)

hi. let’s kill the myth once and for all: hackers don’t break in. they log in. they don’t chase encrypted vaults or fight with multi-layered firewalls. they go for people. because people are the weakest, squishiest, most exploitable part of any system. Daniëlle Haneveer hit the nail on the head in her recent post: attackers…

Read More
June 22, 2025June 19, 2025

Microsoft Entra: The Identity Control Freak We Actually Needed

hi. look, let’s get this straight: the internet’s a mess. cloud, hybrid, remote work, BYOD, shadow IT, LLMs with plugins, interns with full access at 3 a.m.everything’s connected. everything’s exposed. everyone’s logging in from somewhere. so who the hell controls who gets in — and what they can do? yep. that’s what Microsoft Entra was…

Read More
  • 1
  • 2
  • Next

Categories

ActiveDirectory AI AIInfrastructure Azure AzureAI azurepolicy azuresecurity cloudarchitecture cloudnetworking CloudSecurity Copilot ctrlaltdelblog Cybersecurity DataProtection DataSecurity DevOps devsecops Entra entraID GDPRcompliance Howto hybridcloud infosec Innovation Intune ITProblems licensing Microsoft Microsoft365 Microsoft AI MicrosoftAzure microsoftcloud Microsoft Product microsoftsecurity SecureAccess Security securitycopilot SoftwareUpdate sysadminlife TechNews updates Windows Windows10 Windows11 zeroTrust

Archives

  • October 2025
  • September 2025
  • August 2025
  • July 2025
  • June 2025
  • May 2025
  • February 2025
  • October 2024
  • September 2024
  • July 2024
  • June 2024
  • May 2024
  • April 2024
  • March 2024
No comments to show.

Recent Comments

Recent Posts

  • 🛡️ Secure Medallion Architecture on Azure Databricks Or How to Stop Treating Your Lakehouse Like a Flat Share
  • Monitoring Azure OpenAI Your Way — Without Tossing Out Your Observability Stack
  • How to Push Windows 11 25H2 Using Intune (Without Losing Your Sanity) + PowerShell Script
  • Goodbye SCOM Managed Instance: The End of an Era
  • Cybersecurity Tools: Expectation vs Reality
©2025 IT-DRAFTS | Powered by WordPress and Superb Themes!