Author Archives: feadmin

Entra ID and Accidental Security Group Deletion

I recently had to help out a customer with a situation where someone in first level support accidentally deleted an Entra ID security group. That person (let’s call him Eric) was trying to to remove a user from the group using the Entra Portal but ended up deleting the group instead. It transpired that instead… Read More »

MDAC in Audit mode blocking .hta files

When something runs in Audit mode, you generally expect it not to block anything, right? I recently found an anomaly with Microsoft Defender Application Control runing in Audit mode causing .hta files not to open. An HTML Application (HTA) is a Microsoft Windows program whose source code consists of HTML, Dynamic HTML, and one or… Read More »

The Artist Formerly Known as ATP

You may have heard recently that Microsoft has rebranded their Advanced Threat Protection (ATP) offerings. I’m putting this up here because I keep forgetting their new names. This is what they look like: Microsoft 365 Defender (previously Microsoft Threat Protection)Microsoft Defender for Endpoint (previously Microsoft Defender Advanced Threat Protection)Microsoft Defender for Office 365 (previously Office… Read More »