Welcome back to IT Pro Tuesday!
In the latest episode of the Security Swarm Podcast: "The Danger of Malicious OAuth Apps in M365," we discuss an issue that has plagued M365 for many years. By default, end users are given great freedom to “authorize” OAuth apps and provide them access to the M365 tenant, unknowingly creating a security issue that persists even once the affected user’s password has changed!
We're also looking for your favorite tips and tools we can share with the community... those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we'll be featuring them in the coming weeks.
As always, we’re updating the full list on our website here. Enjoy.
A Free Tool
Open Hardware Monitor tracks critical system metrics, including temperature sensors, fan speeds, voltages, load, and clock speeds. Monitored data can be displayed in the primary application window, a customizable desktop gadget, or the system tray. -SPOF recommends it for "real-time monitoring of CPU, GPU, and hard drive temperatures, as well as fan speeds and voltages."
Automate Microsoft 365 User Offboarding with PowerShell explains how to streamline the user offboarding process using a convenient script that adheres to recommended sysadmin best practices. This approach offers both enhanced security and greater efficiency by eliminating the possibility that anything will fall through the cracks when an employee departs. Kindly suggested by The_Lemmings.
Another Free Tool
WifiInfoView is a utility that scans for nearby wireless networks and displays key information. Listed data includes network name, MAC address, PHY type, router info, signal quality, and more. Appreciation for recommending this tool goes to bbqwatermelon.
Yet Another Free Tool
SignTool allows you to securely sign, verify, and timestamp files. It comes bundled with the Windows Software Development Kit to address file integrity and security needs. ThioJoe explains, "It's command line only but gives you a lot more control [vs. DigiCert]. Also easier to integrate into scripts and stuff."
One More Free Tool
gping is a souped-up version of the traditional ping utility that graphs network latency for multiple hosts as well as execution time for commands, with the option of custom colors. Our thanks for the suggestion go to fudgecakekistan.
P.S. Bonus Free Tools
SYDI-Server is a utility that uses a two-step process to quickly reveal all the servers that are present on your network. It first leverages WMI to collect comprehensive host information and then produces a report on what's found. 1fizgignz adds, "I used it to map info on servers in an environment I inherited when starting a new job. Converted what it got into Word docs for each server."
Docker Cheatsheet is a concise reference to help you locate the frequently used commands and other relevant information on Docker use. Thanks go to Extra_Discipline_644 for directing us to this handy resource.
Have a fantastic week and as usual, let us know any comments.