.NET Rocks! is an Internet Audio Talk Show for Microsoft .NET Developers.
…
continue reading
תוכן מסופק על ידי Richard Campbell. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Richard Campbell או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
דומה לRunAs Radio
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: developertea@gmail.com
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
))
Daily Deals
Fixing a Security Vulnerability in Active Directory with Steve Syfuhs
Manage episode 486735153 series 19264
תוכן מסופק על ידי Richard Campbell. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Richard Campbell או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready!
Links
Recorded April 10, 2025
1027 פרקים
שתפוManage episode 486735153 series 19264
תוכן מסופק על ידי Richard Campbell. כל תוכן הפודקאסטים כולל פרקים, גרפיקה ותיאורי פודקאסטים מועלים ומסופקים ישירות על ידי Richard Campbell או שותף פלטפורמת הפודקאסט שלהם. אם אתה מאמין שמישהו משתמש ביצירה שלך המוגנת בזכויות יוצרים ללא רשותך, אתה יכול לעקוב אחר התהליך המתואר כאן https://he.player.fm/legal.
Why would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready!
Links
Recorded April 10, 2025
1027 פרקים
כל הפרקים
×
R
RunAs Radio
1 Copilot Studio with April Dunnam 35:43
35:43 
הפעל מאוחר יותר 
הפעל מאוחר יותר 
רשימות 
לייק 
אהבתי35:43
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow do you bring AI agents to your organization? Richard chats with April Dunnam about her experiences with Copilot Studio, Microsoft's tool for building various agents for your organization. April discusses the multiple approaches available today for utilizing generative AI and the benefits of leveraging template-driven and low-code solutions to capitalize on the latest features in agentic AI. The conversation also delves into the relationship between M365 Copilot and Copilot Studio for creating extensions and focused functionality. There's a significant amount of power here if you take the time to learn the tools! Links Microsoft Copilot Studio Build your First Copilot Studio Agent in Minutes Playright MCP Testing Copilot Studio Agents Agent Flows Dataverse MCP April's Copilot Estimator Recorded July 8, 2025…
R
RunAs Radio
What's happening with Fabric in 2025? While at Build, Richard chatted with Arun Ulag about the fantastic progress Fabric has made in the past year. Arun discusses expanding the product line beyond analytics to include real-time intelligence and hosting primary data workloads. The goal is to make it incredibly easy to get your organization's "data estate in order"... not just for security and analytics, but also for your upcoming AI-related workloads. Arun also discusses the power of conversational interfaces to access data, helping leaders get answers quickly and allowing analysts in your organization to build resources that can answer those questions quickly. Links Microsoft Fabric Recorded May 20, 2025…
R
RunAs Radio
1 Building Real Software using PowerApps with Luise Freese 38:35
38:35 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי38:35
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow does a PowerApp become a fully-fledged software application? Richard chats with Luise Freese about her experience of taking a PowerApp built by an individual through the "onboarding process" of becoming a complete software application, including requirements, tests, deployment pipeline, security, user training, and more. It's easy to create a prototype of an application with PowerApps, but once you move beyond the basics, there's a significant amount of work that's essential to the long-term health of the app. Luise discusses how often PowerApps utilizes "free" data sources, such as SharePoint lists, rather than the underlying datasets that require a license. This hinders performance and reliability; it's better to work with the right APIs and data sources. It's also an accomplishment, as what started as an individual's automation is now a part of the suite of applications that a company depends on! Links Power Apps and Power Automate Luise's Blog Post Microsoft Power Platform Center of Excellence Starter Kit Entra ID for Power Apps Recorded June 27, 2025…
R
RunAs Radio
1 More Azure Innovations with Mark Russinovich 30:18
30:18 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי30:18
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow has Azure been innovating lately? While at Build Richard chatted with Azure CTO Mark Russinovich about some of the latest innovations in Azure, including some of the new hardware available. Mark talks about working with hardware manufacturers to build servers optimized to the workloads the largest Azure customers need. The conversation also explores the new innovations in AI and how Azure is being optimized to serve those workloads - and be shaped by them! Mark also talks about how material science is evolving with generative AI technologies leading to a discussion about the coming role of quantum computing - and how that will live in the cloud as well! Links Scott and Mark Learn to... Azure F-Family VMs Hollow Core Fiber Majorana 1 Quantum Processor Recorded May 20, 2025…
R
RunAs Radio
1 Getting More from GitHub with April Yoho 33:10
33:10 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי33:10
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow do you get more from GitHub in your work routine? Richard chats with April Yoho about how sysadmins can take advantage of more GitHub features to make better quality scripts and more! April discusses the capabilities of GitHub Copilot to assist administrators in comprehending the intricacies of source management, including branching and merging. The conversation also delves into extracting more from Copilot itself, including custom instructions and the new agentic mode. Now you can use Copilot to describe a new script and turn it into a series of GitHub issues - and those issues can be assigned to an agentic AI to get the code written! Links SPACE Framework Custom Instructions for GitHub Copilot Resolving Merge Conflicts Agent Mode in VS Code Recorded May 20, 2025…
R
RunAs Radio
Here comes SQL Server 2025! While at Build, Richard chatted with Bob Ward about releasing a preview version of SQL Server 2025. Bob discusses SQL Server 2025 as an AI-ready enterprise database with numerous capabilities specifically tailored to your organization's AI needs, including a new vector data type. This includes making REST API calls to Azure OpenAI, Ollama, or OpenAI. This is also the version of SQL Server designed to integrate with Microsoft Fabric through mirroring. There are many more features, even a new icon! Links SQL Server 2025 Announcement JSON Data Type Ollama Recorded May 20, 2025…
R
RunAs Radio
1 The Case for Telemetry with Liz Fong-Jones 32:17
32:17 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי32:17
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow can modern telemetry solutions help you? While at NDC in Melbourne, Richard chatted with Liz Fong-Jones of Honeycomb about her approach to educating leadership on creating great telemetry solutions for organizations. Liz discusses the importance of being able to answer questions about reliability issues without causing problems, as opposed to relying on a dashboard for every measurement taken of the system. The conversation also delves into the culture of building reliability, where people are encouraged to fail and learn, rather than being punished when things go wrong. Links Honeycomb Recorded April 30, 2025…
R
RunAs Radio
1 Fixing a Security Vulnerability in Active Directory with Steve Syfuhs 49:33
49:33 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי49:33
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWhy would a security vulnerability take more than two years to fix? Richard chats with Steve Syfuhs about the evolution of the response to KB5015754. Originally published in 2022, the issue involved vulnerabilities in the on-premises certificate authority for Active Directory. Pushing a fix to force the immediate replacement of the certificates could have left users unable to log into Active Directory entirely. Steve explains how the gradual rollout of the fix allowed folks concerned (and paying attention!) to fix it immediately. At the same time, for everyone else, the fix happened as the existing certificates expired. But not every scenario is automatic - some require sysadmin intervention. So, how do you get their attention? The story leads to the February 11, 2025 update that could knock some users off Active Directory, but had an easy and quick fix. The final phase should be September 2025; hopefully, the last stragglers will be ready! Links KB5014754 Microsoft Security Response Center Create and Assign SCEP Certificate Profiles in Intune Recorded April 10, 2025…
R
RunAs Radio
1 How to Talk to Security with Sarah Young 35:48
35:48 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי35:48
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow do you talk to security? While at NDC Melbourne, Richard chatted with Sarah Young about her approaches to helping folks work with the security team. Often seen as an impediment to business, Sarah talks about what motivates security teams, how to use language to help them understand that you are taking security seriously, and how to get more things done! Ultimately, the DevOps mantra of providing value to the customer still works - working with people to improve the processes that lead to secure systems helps everyone! Links Daniel Pink's Drive Managed Identities for Azure Tenerife Airport Disaster Recorded April 30, 2025…
R
RunAs Radio
1 PowerShell 7.5 and DSC 3.0.0 with Jason Helmick 36:47
36:47 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי36:47
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWhat's new in PowerShell 7.5? Richard talks to Jason Helmick about the latest version of PowerShell. Jason talks about 7.5 being a version with plenty of community contributions and what that means for everyone. He also discusses 7.6, which will be released as a long-term support version of PowerShell synchronized with .NET 10. Then, on to Desired State Configuration 3.0.0, which makes DSC work effectively across platforms, with or without PowerShell itself! 7.5 is a great version - are you up to date? Links PowerShell 7.5 PowerShell on GitHub Desired State Configuration 3.0.0 WinGet Configuration System Configuration Tools in Windows Recorded April 4, 2025…
R
RunAs Radio
1 Active Directory in 2025 with Liz Tesch 34:38
34:38 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי34:38
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיActive Directory is 25 years old - are you still managing it like it's 1999? Richard talks to Liz Tesch about her excellent blog post on the subject and the challenge many sysadmins have with Active Directory today. Liz talks about how WAN bandwidth was a concern in the early 2000s, so we organized Active Directory into Organizational Units to minimize the amount of AD traffic over the WAN - today, that is irrelevant. The challenge today is ensuring AD is not a vector for blackhats to attack the organization. Raising your functional level and utilizing some great free tools (check the links in the show notes) are all you need to use Active Directory like it's 2025! Links Active Directory is 25 Years Old. Do you still manage it like it's 1999? mimikatz Windows Local Administrator Password Solution Microsoft Entra Privileged Identity Management Kara Lawson - Handle Hard Better Endpoint Detection and Response Recorded April 4, 2025…
R
RunAs Radio
1 Building a Career in Cybersecurity with Yuri Diogenes 36:29
36:29 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי36:29
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיHow do you make a career in cybersecurity? Richard talks to Yuri Diogenes about his work in cybersecurity, including his book on building a career in cybersecurity. Yuri talks about the inquisitive mindset that works well in cybersecurity - wanting to understand why things happen and get to the root cause. The conversation also explores the value of experimentation and practical experience as well as certifications and training - they all have value. However, it is also recognized that cybersecurity encompasses a vast area of work - it's not one kind of job, so you have a lot of choices to make! Links Building a Career in Cybersecurity Recorded March 14, 2025…
R
RunAs Radio
1 Modern Work in 2025 with Karoliina Kettukari 34:55
34:55 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי34:55
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיSo what does modern work look like today? Richard talks to Karoliina Kettukari about her new role as the Head of Modern Work for a financial services company in Finland, and what modern work has evolved. Karoliina talks about how the pandemic accelerated modern work, such as being able to work anywhere and collaborating with whomever you need to. Post-pandemic, there is a push for more work from the office, but remote work is still essential - and now artificial intelligence is changing the landscape again. The rapid evolution of AI technologies is a challenge for admins, but the productivity benefits are becoming obvious - you need some good governance! Links Microsoft 365 Copilot Overview The EU Artificial Intelligence Act European Collaboration Summit Recorded March 6, 2025…
R
RunAs Radio
1 Agentic AI for IT Pros with Tim Warner 34:44
34:44 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי34:44
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיWhat can agentic AI do for you? Richard talks to Tim Warner about his work utilizing next generation agentic AI technologies to help with sysadmin tasks. Tim talks about the early lead that Cursor AI took with AI agents capable of writing and executing scripts on your behalf - as opposed to just creating code you can cut-and-paste. Today, GitHub Copilot has caught up with Agent Mode in Copilot Edits, although still in preview, it speaks to a future where sysadmins use these tools to write better scripts for work - and get more done in less time! Links Cursor AI OpenAI Operator GitHub Copilot Copilot Edits Recorded February 17, 2025…
R
RunAs Radio
1 How to Not Hate PowerShell with Barbara Forbes 36:54
36:54 הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתי36:54
הפעל מאוחר יותר הפעל מאוחר יותר רשימות לייק אהבתיAre some of your team members starting to hate PowerShell? Richard talks to Barbara Forbes about her experiences with teams frustrated by PowerShell. Barbara talks about overcomplicating PowerShell scripts—the kind the most senior folks can create but no one else can maintain. Eventually, nobody will want to touch those scripts. Then there is the question of business value—does everything need to be automated? And by how much? Often, the appropriate solution solves 80% of the cases; the other 20% are best done by hand because the cost and complexity of the last 20% are too high. Focus on the return on investment for the business, and you'll keep the love of PowerShell alive! Links PowerShell Pester Testing GitHub Copilot Bicep Recorded February 24, 2025…
ברוכים הבאים אל Player FM!
Player FM סורק את האינטרנט עבור פודקאסטים באיכות גבוהה בשבילכם כדי שתהנו מהם כרגע. זה יישום הפודקאסט הטוב ביותר והוא עובד על אנדרואיד, iPhone ואינטרנט. הירשמו לסנכרון מנויים במכשירים שונים.
דומה לRunAs Radio
.NET Rocks! is an Internet Audio Talk Show for Microsoft .NET Developers.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
A weekly talk show taking a pragmatic look at the art and business of Software Development and the world of technology.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Developer Tea exists to help driven developers connect to their ultimate purpose and excel at their work so that they can positively impact the people they influence. With over 17 million downloads to date, Developer Tea is a short podcast hosted by Jonathan Cutrell, engineering leader with over 15 years of industry experience. We hope you'll take the topics from this podcast and continue the conversation, either online or in person with your peers. Email: developertea@gmail.com
…
continue reading
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - אפליקציית פודקאסט
התחל במצב לא מקוון עם האפליקציה Player FM !
התחל במצב לא מקוון עם האפליקציה Player FM !
