68890 – Microsoft Defender for Identity: Detection improvement – Netlogon (archived)

General Availability, Launched, Microsoft Defender for Identity, Web, Worldwide (Standard Multi-Tenant)

check before: 2021-02-28

Product:

Azure Advanced Threat Protection, Defender, Defender for Identity, Microsoft Defender for Identity

Platform:

Online, Web, World tenant

Status:

Launched

Change type:

New feature, Admin impact

Links:

Details:

An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller using the Netlogon Remote Protocol, also known as Netlogon Elevation of Privilege Vulnerability. Defender for Identity already has a detection for this, but this improvement adds capabilities to determine potential encryption and null source account logic detection to the alert, improving accuracy and potential for false positives.

Change Category:
XXXXXXX ...

Scope:
XXXXXXX ...

Release Phase:
General Availability

Created:
2020-11-24

updated:
2021-10-14

the free basic plan is required to see all details. Sign up here

A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.

Get a Plan

Last updated 12 months ago

MC722587 - (Updated) Microsoft Secure Score:… 2. March 2024 Administration check before: 2024-03-16 Product: Defender, Defender for Identity, Defender XDR Platform: World tenant, Online Status: Change type: Admin impact, Feature update, Updated message Links: Details: Microsoft is updating Secure Score actions for Defender for Identity,…
MC718264 - (Updated) Updated Alerts and Incidents… 22. February 2024 Administration check before: 2024-03-07 Product: Defender, Defender XDR Platform: US Instances, World tenant Status: Change type: Admin impact, Feature update, Updated message Links: Details: Microsoft Defender XDR services Identity page's Alerts and Incidents tab is being…
MC734236 - Power Platform - Entra Privilege Identity… 13. March 2024 Administration check before: 2024-03-26 Product: Entra, Intune, Microsoft 365 admin center, Power Automate Platform: Online, World tenant Status: Change type: New feature Links: Details: We are announcing the public preview of the Entra Privilege Identity Management…
MC711666 - Public preview announcement – support all… 1. February 2024 Administration check before: 2024-02-15 Product: Defender, Defender for Cloud Apps, Defender XDR, Microsoft 365 Defender Platform: World tenant, Online Status: Change type: User impact, Admin impact Links: Details: Microsoft Defender for Cloud Apps experience will be…
MC708505 - (Updated) Unified RBAC provides… 20. January 2024 Administration check before: 2024-02-03 Product: Defender, Defender for Office 365, Defender XDR, Entra, Exchange, Microsoft 365 Defender Platform: Online, World tenant Status: Change type: Admin impact, New feature, Updated message, User impact Links: Details: Updated April…
MC707656 - Configuration Change - Microsoft Defender… 17. January 2024 Administration check before: 2024-02-23 Product: Defender, Defender for Cloud Apps, Defender XDR Platform: World tenant, Online Status: Change type: Feature update, Admin impact Links: Details: We're making some changes to the IP lists that need to…

You must be logged in to post a comment.

Share to MS Teams

68890 – Microsoft Defender for Identity: Detection improvement – Netlogon (archived)

check before: 2021-02-28

Related Posts:

Leave a Reply

cloudscout.one

Schierding.one GmbH

become an evergreen hero

Hey there! We've got some great news - our Basic Plus plan has everything you need to succeed, and it's completely free! So, don't hesitate - take advantage of this amazing opportunity today!

Welcome Back, We Missed You!