security
4765 Topics

Exciting News for Nonprofits: Enhanced Security with Microsoft Enterprise E5 Add-On!

What Does the E5 Security Add-On Include?

The Microsoft Enterprise E5 Security add-on offers advanced security capabilities, including:

- Microsoft Entra ID Plan 2: Advanced identity protection and governance.
- Microsoft Defender for Identity: Real-time identity threat detection and response.
- Microsoft Defender for Endpoint Plan 2: Comprehensive endpoint security.
- Microsoft Defender for Office 365 Plan 2: Enhanced email and collaboration security.
- Microsoft Defender for Cloud Apps: Cloud application security and monitoring.

* Please note that, at the time this article was written, Microsoft's nonprofit grant included Business Premium licenses. Currently they are no longer free but offered at a nonprofit discount.

In-Depth Look at E5 Security Add-On Features

1. Microsoft Entra ID Plan 2 (formerly Azure AD Premium P2)

What it is: An advanced identity and access management (IAM) solution with capabilities beyond standard Entra ID.

Key Benefits for Nonprofits:

- Conditional Access & Risk-Based Policies: Detect risky sign-ins automatically and apply controls like MFA or block access.
- Identity Protection: Uses machine learning to detect user and sign-in risks, helping prevent account takeovers.
- Privileged Identity Management (PIM): Provides just-in-time access to admin roles, reducing exposure to privileged account misuse.
- Governance & Compliance: Automates entitlement reviews and helps ensure appropriate access to resources.

2. Microsoft Defender for Identity

What it is: A cloud-based solution that monitors and secures your identity within your organization.

Key Benefits for Nonprofits:

- Real-Time Threat Detection: Identifies lateral movement, privilege escalation, and other advanced threats within your network.
- Insider Threat Detection: Highlights risky behaviors from internal users, mitigating potential insider threats.
- Attack Surface Reduction: Detects brute force attacks, pass-the-hash, golden ticket attacks, and other identity-related threats.

3. Microsoft Defender for Endpoint Plan 2

What it is: An endpoint detection and response (EDR) solution to secure servers, desktops, and mobile devices.

Key Benefits for Nonprofits:

- Threat & Vulnerability Management: Detects and prioritizes software vulnerabilities for remediation.
- Behavioral Analytics: Uses AI and threat intelligence to flag abnormal activities on endpoints.
- Automated Investigation & Response: Reduces the load on IT staff by automating threat investigations and remediations.
- Cross-Platform Protection: Protects Windows, macOS, Linux, iOS, and Android devices.

4. Microsoft Defender for Office 365 Plan 2

What it is: An advanced security solution for email, Teams, and other Microsoft 365 collaboration tools.

Key Benefits for Nonprofits:

- Threat Investigation & Hunting: Enables proactive threat hunting across email and collaboration platforms.
- Attack Simulation Training: Simulates phishing and other attacks to train staff on security awareness.
- Automated Incident Response: Automatically responds to and remediates malicious emails and collaboration-based threats.
- Safe Links & Safe Attachments: Protects users from malicious links and harmful file attachments.

5. Microsoft Defender for Cloud Apps

What it is: A cloud access security broker (CASB) that monitors and protects SaaS applications.

Key Benefits for Nonprofits:

- App Discovery & Shadow IT Detection: Identifies unsanctioned or unmanaged apps used by staff.
- Data Loss Prevention (DLP): Helps prevent accidental or malicious leaks of sensitive data across cloud apps.
- Threat Protection: Detects suspicious behaviors in cloud applications, such as unusual login locations or mass file downloads.
- Compliance Monitoring: Helps organizations enforce compliance policies across cloud platforms.

Why Is This Important?

The E5 Security add-on offers nonprofits enterprise-grade security tools that enable them to detect, investigate, and respond to threats with greater speed and confidence. It allows organizations to proactively manage identity security, secure devices, and protect communications and data across cloud applications. By adopting these advanced solutions, nonprofits can build resilience against evolving threats and maintain the trust of their communities and stakeholders.

Valuable Training for Nonprofits

One of the most valuable features for nonprofits is access to cyber-attack simulation training. This training provides a safe and controlled environment to simulate real-world cyber-attacks, helping to train employees in recognizing and responding to threats.

How to Get Started

Nonprofits can easily add the E5 Security to their existing Business Premium licenses for $12 per user per month. This add-on ensures that your organization is equipped with the latest security tools to protect against evolving threats.

For more information on how to access this add-on, visit Cybersecurity for small and medium business | Microsoft Security and Add Microsoft 365 E5 Security to your Microsoft 365 Business Premium subscription - Microsoft Learn.

Empower your nonprofit with the best security solutions and continue making a positive impact in your community!

220 Views, 0 likes, 1 Comment

Announcing the Firmware Analysis Public Preview
Consider an organization with thousands of smart sensors, IoT/OT and network equipment deployed on factory floors. Most of these devices are running full operating systems, but unlike traditional IT endpoints which often run security agents, IoT/OT and network devices frequently function as “black boxes”: you have little visibility into what software they’re running, which patches are applied, or what vulnerabilities might exist within them. This is the challenge many organizations face with IoT/OT and networking equipment - when a critical vulnerability is disclosed, how do you know which devices are at risk?

To help address this challenge, we are excited to announce the public preview of firmware analysis, a new capability available through Azure Arc. This extends the firmware analysis feature we introduced in Microsoft Defender for IoT, making it available to a broader range of customers and scenarios through Azure. Our goal is to provide deeper visibility into IoT/OT and network devices by analyzing the foundational software (firmware) they run. Firmware analysis will also help companies that build firmware for devices better meet emerging cybersecurity regulations on their products. In this post, we’ll explain how the service works, its key features, and how it helps secure the sensors and edge devices that feed data into AI-driven industrial transformation.

Securing Edge Devices to Power AI-Driven Industrial Transformation

In modern industrial environments, data is king. Organizations are embracing Industry 4.0 and AI-driven solutions to optimize operations, leveraging advanced analytics and machine learning. The path to AI-driven industrial transformation is fueled by data – and much of that data comes from sensors and smart devices at the edge of the network. These edge devices measure temperature, pressure, vibration, and dozens of other parameters on the factory floor or in remote sites, feeding streams of information to cloud platforms where AI models turn data into insights. In fact, sensors are the frontline data collectors in systems like predictive maintenance, continuously monitoring equipment and generating the raw data that powers AI predictions.

However, if those edge devices, sensors, and networking equipment are not secure and become compromised, the quality and reliability of the data (and thus the AI insights) cannot be guaranteed. Vulnerable devices can also be used by attackers to establish a foothold in the network, allowing them to move laterally to compromise other critical systems. In an industrial setting this could mean safety hazards, unplanned downtime, or costly inefficiencies. This is why securing the smart devices and networking equipment at the foundation of your industrial IoT data pipeline is so critical to digital transformation initiatives.

By using firmware analysis on the devices’ firmware before deployment (and regularly as firmware updates roll out), the manufacturer and plant operators gain visibility into the security posture of their environment. For example, they might discover that a particular device model’s firmware contains an outdated open-source library with a known critical vulnerability. With that insight, they can work with the vendor to get a patched firmware update before any exploit occurs in the field. Or the analysis might reveal a hard-coded password for a maintenance account in the device; the ops team can then ensure those credentials are changed or the device is isolated in a network segment with additional monitoring. In short, firmware analysis provides actionable intelligence to fortify each link in the chain of devices that your industrial systems depend on. The result is a more secure, resilient data foundation for your AI-driven transformation efforts – leading to reliable insights and safer, smarter operations on the plant floor.

Firmware analysis is also a key tool used by device builders – by analyzing device firmware images before they are delivered to customers, builders can make sure that new releases and firmware updates meet their and their customers’ security standards. Firmware analysis is a key component to address emerging cybersecurity regulations such as the EU Cyber Resilience Act and the U.S. Cyber Trust Mark.

How Firmware Analysis Works and Key Features

Firmware analysis takes a binary firmware image (the low-level software running on an IoT/OT and network device) and conducts an automated security analysis. You can upload an unencrypted, embedded Linux-based firmware image to the firmware analysis portal. The service unpacks the image, inspects its file system, and identifies potential hidden threat vectors – all without needing any agent on the device. Here are the main capabilities of the firmware analysis service:

- Identifying software components and vulnerabilities: The first thing the analysis does is produce an inventory of software components found inside the firmware, generating a Software Bill of Materials (SBOM). This inventory focuses especially on open-source packages used in the firmware. Using this SBOM, the service then scans for known vulnerabilities by checking the identified components against public Common Vulnerabilities and Exposures (CVEs) databases. This surfaces any known security flaws in the device’s software stack, allowing device manufacturers and operators to prioritize patches for those issues.

- Analyzing binaries for security hardening: Beyond known vulnerabilities, our firmware analysis examines how the firmware’s binaries were built and whether they follow security best practices. For example, it checks for protections like stack canaries, ASLR (Address Space Layout Randomization), and other compile-time defenses. This “binary hardening” assessment indicates how resistant the device’s software might be to exploitation. If the firmware lacks certain protections, it suggests the device could be easier to exploit and highlights a need for improved secure development practices by the manufacturer. In short, this feature acts as a gauge of the device’s overall security hygiene in its compiled code.

- Finding weak credentials and embedded secrets: Another critical aspect of the analysis is identifying hard-coded user accounts or credentials in the firmware. Hard-coded or default passwords are a well-known weakness in IoT devices – for instance, the Mirai botnet famously leveraged a list of over 60 factory-default usernames and passwords to hijack IoT devices for DDoS attacks. Firmware analysis will flag any built-in user accounts and the password hash algorithms used, so manufacturers can remove or strengthen them, and enterprise security teams can avoid deploying devices with known default credentials. Additionally, the firmware analysis looks for cryptographic materials embedded in the image. It will detect things like expired or self-signed TLS/SSL certificates, which could jeopardize secure communications from a device. It also searches for any public or private cryptographic keys left inside the firmware – secrets that, if found by adversaries, could grant unauthorized access to the device or associated cloud services. By uncovering these hidden secrets, the service helps eliminate serious risks that might otherwise go unnoticed in the device’s software.

All these insights – from software inventory and CVEs to hardening checks and secret material detection – are provided in a detailed report for each firmware image you analyze. Firmware analysis provides deep insights, clear visibility, and actionable intelligence into your devices' security posture, enabling you to confidently operate your industrial environments in the era of AI-driven industrial transformation.

Getting Started and What’s Next

If you have IoT/OT and network devices in your environment, use firmware analysis to test just how secure your devices are. Getting started is easy: access firmware analysis public preview by searching on “firmware analysis” in the Azure portal, or access using this link. In the future, firmware analysis will be more tightly integrated into the Azure portal. Onboard your subscription to the preview and then upload firmware images for analysis - here is a step-by-step tutorial. The service currently supports embedded Linux-based images up to 1GB in size. In this preview phase, there is no cost to analyze your firmware – our goal is to gather feedback.

We are excited to share this capability with you, as it provides a powerful new tool for securing IoT/OT and network devices at scale. By shedding light on the hidden risks in device firmware, firmware analysis helps you protect the very devices that enable your AI and digital transformation initiatives. Firmware is no longer just low-level code—it’s a high-stakes surface for attack, and one that demands visibility and control. Firmware analysis equips security teams, engineers, and plant operators with the intelligence needed to act decisively—before vulnerabilities become headlines, and before attackers get a foothold. Please give the firmware analysis preview a try and let us know what you think.

1.8K Views, 3 likes, 4 Comments

Window becomes huge when edge snapping on one monitor
I recently switched from Windows 10 to 11 and have one issue. I have three monitors in a PLP configuration. The two sides are 1440X2560 in portrait and the center is 5440X1440. On Win10, I used Display Fusion, but Windows 11 seems to have better native features for multi-monitors, so I am trying to use it.

What I am trying to solve is this. When I drag a window to the outside edge of my right monitor, instead of giving me snapping options (like the monitor on the left), it essentially magnifies the window by a factor of about 3X. It's almost like the system is set to trigger the magnifier whenever a window is moved to the far right, but it's not trying to magnify the whole screen, just the window, and Magnifier seems like it's turned off under Ease of Use. If I move the window to the top, I get the expected window sizing/snapping options. It is also letting me drag the window well past the edge of the screen, so I can drop it off the edge and then I have to use keystrokes to find and restore it.

Has anyone ever encountered anything like this? If so, how to fix it?

8 Views, 0 likes, 0 Comments

What makes Windows 11 system files get corrupted?
For a few days my Windows 11 refused to load, but I was able to use commands like DISM, chkdsk, and sfc /scannow, and it returned to loading again. But I wonder what is the most common cause that makes Windows 11 files get corrupted like this? Causes like improper shutdowns or power loss, a failing or faulty storage drive, and malware or virus infections are not responsible in my case, so what is the most probable cause for this?

9 Views, 0 likes, 0 Comments

Trusted Signing Public Preview Update
Nearly a year ago we announced the Public Preview of Trusted Signing with availability for organizations with 3 years or more of verifiable history to onboard to the service to get a fully managed code signing experience to simplify the efforts for Windows app developers. Over the past year, we’ve announced new features including the Preview support for Individual Developers, and we highlighted how the service contributes to the Windows Security story at Microsoft BUILD 2024 in the Unleash Windows App Security & Reputation with Trusted Signing session.

During the Public Preview, we have obtained valuable insights on the service features from our customers, and insights into the developer experience as well as experience for Windows users. As we incorporate this feedback and learning into our General Availability (GA) release, we are limiting new customer subscriptions as part of the public preview. This approach will allow us to focus on refining the service based on the feedback and data collected during the preview phase.

The limit in new customer subscriptions for Trusted Signing will take effect Wednesday, April 2, 2025, and make the service only available to US and Canada-based organizations with 3 years or more of verifiable history. Onboarding for individual developers and all other organizations will not be directly available for the remainder of the preview, and we look forward to expanding the service availability as we approach GA.

Note that this announcement does not impact any existing subscribers of Trusted Signing, and the service will continue to be available for these subscribers as it has been throughout the Public Preview.

For additional information about Trusted Signing please refer to Trusted Signing documentation | Microsoft Learn and Trusted Signing FAQ | Microsoft Learn.

2.2K Views, 3 likes, 7 Comments