Hi folks,You need to know about a new Microsoft vulnerability. I just got the notification from MS-ISAC. I'm going to paste an abbreviated version of it for you here. At the end I'll link you to where you can sign up for these advisory notifications ...
HiJust to share my recent discoveries for Sentinel and Splunk as well as mentioning Datadog - as I find it noticeable in terms of integrations efforts and pricing.Azure Sentinel A publicly available Data Connector can be found on GitHub here. It's ju...
Hello everyone, This is a repost of a question we found on Reddit and answered by the stellar @JuergenKlaassen. This answer isn't a plug and play script that's been tested but rather a starting point resource for you to configure what you need. Fir...
Flaw in OAuth implementation for Grammerly and others; allows full account takeover.https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions iPhone MAC address randomization hasn't ever worked. Turns out that while it ...
Did anyone else get affected by the recent issue Microsoft had where admins were receiving copies of all outbound email from other users? (Incident #EX682041, for those following.)The current discussions on reddit are the HIPAA repercussions. I used ...
Whats everyone doing to evaluate and understand their device exposure on the curl and libcurl CVE? Ive got to the point where understanding if curl is present on the device only goes so far, as there are potentially 3rdparty apps that have/utilise t...
I am curious about best practice and how jumpcloud works with ubiquiti's Identity cloud solution. My organisation uses the udm se with some APs, switches, door hubs, security cameras, etc. UID seems to implement/run its own RADIUS server through UID ...
When I try to login as admin my OTP-code says; Verification code was invalid or already used.It does not work. If I try to reset my password I need also an OTP code. I'm locked out and have no clue how to solve this.
Hello All,I recently joined an organization running JumpCloud. One of the challenges I'm trying to solution in the organization is printer access and security. I don't see anything in JC and wanted to bounce this off the group.What I'd like to do is ...
HelloSharing a documentation here to configure JumpCloud and Okta in tandem to use JumpCloud as factor for Device Trust by using OIDC, Conditional Access Policies and Okta's Policy Engine. What it does: If you're using Okta for SSO (let's say via SA...
We have a Mac mini acting as a FileMaker database server, and I need to add SSO logins for database users. For some reason, the JumpCloud agent won't install, so as a workaround I added the Jumpcloud LDAP server as a native directory service per http...
Hi, Just trying out JumpCloud, working well so far. Only issue we have so far is struggling to find anything within the portal to restrict users installing software from the internet. Eg firefox, putty can run directly from Downloads. How are people ...
Configuring a Tailscale SSO connection is pretty straightforward but there are a couple of gotchas to watch out for. First, neither JumpCloud nor Tailscale consider each other a primary vendor so you have to use custom connections. Second, Tailscal...
Just wanted to jot a few notes down for integrating SSO with Redox Engine.Steps:Create the SSO app in JC and accept the defaultsCheck the "Declare Redirect Endpoint" option - Redox requires thisACS URL: https://auth.redoxengine.com/saml2/idpresponseC...
We just upgraded our Bitwarden account to allow SSO integration and I'm having a bit of a tough time with it. There are some docs for the SCIM integration with Bitwarden there is nothing for SAML. JumpCloud has a "Bitwarden" SAML template so I thou...
I create a command in jumpcloud can install sentinel one on Windows 10 it does not need admin right for it to work.Now SentinelOne tell me that in Windows 11 this no longer the case I find it hard to believe that. But I figure I reach out to ask this...
The question of how to handle DCHP and DNS without a domain controller comes up during migrations to cloud directories. The answer is there are alternatives, and the DHCP server role shouldn't installed be on a DC anyway. This brings back a few harro...
John Hammond, of Huntress fame, published a video detailing how it's possible to recover, decrypt and reveal passwords from Chrome. The attack vector will also work for Firefox. It requires access to an endpoint, so don't be too alarmed when you read...
Prerequisites JumpCloud MDMOkta MFA packageOkta identity Engine Motivation There are several ways to enhance the security level of Okta SSO access. This article presents enabling Device Trust (devices must be managed) as an additional authentication...
We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using. We can send pretty much any types of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR? ...
Hi Community FolksYesterday I wrote about: "How to establish Device Trust for Android Devices with Okta by using JumpCloud's Android EMM?"Now you might wonder: Can I do the same for iOS-devices as well? Yes, certainly you can. Please refer to the art...
HelloRecently I posted about "How to establish Device Trust (managed devices) for Okta by using JumpCloud as factor for authentication?" - which enables you to make use of Device Trust Certificates from JumpCloud with Okta. But how about mobile devic...
Zero trust as a strategy is essentially to trust nothing, verify everything. A colleague and I had an interesting chat the other day where we examined how that concept applies to the intersection of device management and identity. I created a decisio...
If helpful to others, I have successfully configured JumpCloud RADIUS and Groups to work with a Sonicwall SMA 1000 series VPN box (SMA 6210 specifically). General config steps:1. RADIUS services configured and working for the Sonicwall SMA in both JC...
Hi Community ,Since JumpCloud does not notify on Directory Insights logs, Directory Insights can be integrated with any third-party SIEM tool as we already know.Wazuh is a free and open-source security platform that unifies XDR and SIEM protection fo...
HiThe recent (and not so recent) news about LastPass have been - at least to me - literally horrifying. I moved out of LastPass more than a decade ago (to be precise after their security incident on May 3, 2011) and started using 1password from then ...
It's been a minute since I posted about using JumpCloud Commands for security remediations. There's a particularly nasty zero day that's been actively exploited now that involves attackers obtaining an NTLM hash (Windows password) through Microsoft 3...
We didn't do news on the IT hour, but partway through, these two nuggets of joy from bleepingcomputer poped up on my phone:IceFire ransomware now encrypts both Windows and Linux: https://www.bleepingcomputer.com/news/security/icefire-ransomware-now-e...
Hey Folks, As many of you might be wondering (or already asked ) about integrating SIEM solutions with JumpCloud logs - Directory Insights to be more specific, in order to centralise security event monitoring and management, @JuergenKlaassen had a w...
Hi everyone, I've been trying to implement Crowdstrike's SSO following the documentation that can be found in Crowdstrike's portal, and it somewhat-works. Here's what I mean:After following the steps, when clicking on the app, I get re-directed to Cr...
This news cycle has a big drop: the Biden admin's national cybersecurity strategy. A friend worked on it and had this to say: "The strategy establishes an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve...
