ifOnly Demonstration
Luke McFadden demonstrates his ifOnly Make application
Community Update Becky Scott
- Have you seen the new career spotlight series in the Career Corner? We’re sharing stories from IT admins, asking them 5 questions each about their career progression. And we’d love to feature you next! Email us to get on the list. (community@jumpcloud.com)
- JumpCloud University recently relaunched on a new platform and we’ve got details on the community for you. AND…and we have some plans to add more cool stuff from JCU, as we call it, so watch the JumpCloud products board for more details soon. I really can’t wait to tell you what we have planned here.
- RNHurt shared how they got JumpCloud SSO working with AWS Grafana, so if you’re interested in seeing how that was done, or have suggestions for improvement (which they asked for), go take a look.
- And don’t forget, you can share any of your cool “schtuff” like that, regardless of whether it’s built on JumpCloud. We love to see it. The homelabs stuff has been taking off, too, so go to town!
Meetup Update
JumpCloud Product/News Updates
- Import Additional Attributes from Google
- There are now more fields that can be mapped and imported from Google Workspaces. You can see all the new fields under the Cloud directory integrations tab for Google Workspaces
- O365 has extended fields as well
- You can map Manager, Office Location, Alternate email etc
IT Trending Updates “Rapid Fire Round” (Ben/Becky) - 5-10min
- Apple, Google, and Microsoft want to kill the password with “Passkey” standard (Ars Technica)
- The first Thursday of May is apparently "World Password Day," and to celebrate Apple, Google, and Microsoft are launching a "joint effort" to kill the password. The major OS vendors want to "expand support for a common passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium."
- The standard is being called either a "multi-device FIDO credential" or just a "passkey." Instead of a long string of characters, this new scheme would have the app or website you're logging in to push a request to your phone for authentication. From there, you'd need to unlock the phone, authenticate with some kind of pin or biometric, and then you're on your way. This sounds like a familiar system for anyone with phone-based two-factor authentication set up, but this is a replacement for the password rather than an additional factor.
- Google Assistant can now automatically change passwords (Engadget)
- Google said a year ago that Assistant would offer to change compromised passwords, and now the company is delivering on that promise in earnest. Android Police notes that Assistant warnings are now rolling out more broadly to Chrome users, including those on Android. Sign in to a site with a compromised password and you'll both get the familiar "change your password" alert and, on some sites, an option to have Assistant automatically make that change. You can take control at any point, but this will be helpful if you'd rather not spend time devising a secure replacement sign-in.
- The helper uses the AI from Google's web version of Duplex to navigate websites and apply password changes. It knows how to click, scroll and fill in forms that would typically require human intervention.
- GitHub is making 2FA mandatory for devs (TheNextWeb)
- GitHub is increasing the security of repositories by requiring all developers to enable two-factor authentication by the end of 2023.
- The company’s directive is simple: if you contribute to code, you must enable 2FA. GitHub is probably pushing this initiative because the number of people using adequate security measures is so low. The company said only 16.5% of active GitHub users and only 6.44% of NPM registry users use 2FA.
- To enable, go to your profile avatar in Github (top right) and then click on Settings. From there you will click on password and authentication and enable Two-Factor. Follow the on screen instructions from there.
- Facebook to discontinue Nearby Friends and other location-based features (9to5 Mac)
- Facebook on Thursday began informing users that Nearby Friends and other location-based features will soon be discontinued at the end of the month. While the reasons are currently unclear, the company claims that all information related to these features will be deleted from Facebook’s servers.
- Users have been getting a notification in the Facebook app for iOS and Android about the end of Nearby Friends, a feature that lets people share their current location with other Facebook friends. At the same time, Facebook also says that Time Alerts, Location History, and Background Location are also “going away soon.”
- According to the company, Nearby Friends and other location-based features will no longer be available to users after May 31, 2022.
- Microsoft to nudge more users toward Azure Active Directory (TheRegister)
- Users of Microsoft's Update Compliance service have been warned that a move to Azure Active Directory will be required if they wish to continue using the service.
- Update Compliance is a tool aimed at helping administrators keep track of security, quality, and feature updates in Windows 10 or 11 (Pro, Education, and Enterprise editions). Powered by the Windows diagnostic data processor, the service spits out a report of device and update issues related to compliance that need attention.
- The service is hosted in Azure and is an Azure Marketplace application. It looks at devices on the General Availability Channel as well as the Long-Term Servicing Channel and will need at least Required diagnostic data and ideally Optional (for Windows 11) or Enhanced levels of data for Windows 10 to perform some of the queries of Update Compliance.
- Azure Active Directory device joins have also been a prerequisite. From October 15, 2022, this will be enforced.
- Microsoft: Windows 11 KB5012643 update will break some apps (Bleeping Computer)
- Microsoft has warned Windows 11 users that they might experience issues launching and using some .NET Framework 3.5 applications.
- This known issue impacts only systems running Windows 11, version 21H2, where users have installed the KB5012643 optional preview cumulative update.
- Affected apps use optional components such as Windows Workflow (WWF) and Windows Communication Foundation (WCF).
- "After installing KB5012643, some .NET Framework 3.5 apps might have issues or might fail to open," Microsoft revealed on the Windows health dashboard.
- The company also addressed another known issue triggered after installing this Windows non-security update, leading to flickering screen problems in Safe Mode without Networking.
- The same KB5012643 issue also made some Windows apps (e.g., File Explorer, Start Menu, and Taskbar) seem unstable while running in Safe Mode.
- $43 billion stolen through Business Email Compromise since 2016, reports FBI
- The FBI’s Internet Crime Complaint Center (IC3) issued a public service announcement on May 4 2022, sharing updated statistics on Business Email Compromise (BEC) attacks which use a variety of social engineering and phishing techniques to break into accounts and trick companies into transferring large amounts of money into the hands of criminals.
- The report looked at 241,206 incidents reported to law enforcement and banking institutions between June 2016 and December 2021, and says that the combined domestic and international losses incurred amounted to US $43.31 billion.