Welcome back to IT Pro Tuesday!

In the latest episode of the Security Swarm Podcast: “The Danger of Malicious OAuth Apps in M365,” we discuss an issue that has plagued M365 for many years. By default, end users are given great freedom to “authorize” OAuth apps and provide them access to the M365 tenant, unknowingly creating a security issue that persists even once the affected user’s password has changed!

We’re also looking for your favorite tips and tools we can share with the community… those that help you do your job better and more easily. Please reply or leave a comment with your suggestions, and we’ll be featuring them in the coming weeks.

A Free Tool

Open Hardware Monitor tracks critical system metrics, including temperature sensors, fan speeds, voltages, load, and clock speeds. Monitored data can be displayed in the primary application window, a customizable desktop gadget, or the system tray. -SPOF recommends it for “real-time monitoring of CPU, GPU, and hard drive temperatures, as well as fan speeds and voltages.”

A Tutorial

Automate Microsoft 365 User Offboarding with PowerShell explains how to streamline the user offboarding process using a convenient script that adheres to recommended sysadmin best practices. This approach offers both enhanced security and greater efficiency by eliminating the possibility that anything will fall through the cracks when an employee departs. Kindly suggested by The_Lemmings.

External Attack Surface Management Attack Surface Summary

Another Free Tool

WifiInfoView is a utility that scans for nearby wireless networks and displays key information. Listed data includes network name, MAC address, PHY type, router info, signal quality, and more. Appreciation for recommending this tool goes to bbqwatermelon.

External Attack Surface Management Attack Surface Summary

Yet Another Free Tool

SignTool allows you to securely sign, verify, and timestamp files. It comes bundled with the Windows Software Development Kit to address file integrity and security needs. ThioJoe explains, “It’s command line only but gives you a lot more control [vs. DigiCert]. Also easier to integrate into scripts and stuff.”

External Attack Surface Management Attack Surface Summary

One More Free Tool

gping is a souped-up version of the traditional ping utility that graphs network latency for multiple hosts as well as execution time for commands, with the option of custom colors. Our thanks for the suggestion go to fudgecakekistan.

External Attack Surface Management Attack Surface Summary

P.S. Bonus Free Tools

SYDI-Server is a utility that uses a two-step process to quickly reveal all the servers that are present on your network. It first leverages WMI to collect comprehensive host information and then produces a report on what’s found. 1fizgignz adds, “I used it to map info on servers in an environment I inherited when starting a new job. Converted what it got into Word docs for each server.”

Docker Cheatsheet is a concise reference to help you locate the frequently used commands and other relevant information on Docker use. Thanks go to Extra_Discipline_644 for directing us to this handy resource.