Practical Protection: SharePoint and ToolShell
In this episode of Practical Protection, we discuss the recent On-premises SharePoint ToolShell exploit and what you need to know and do to protect your environment.
July 31, 2025
SharePoint On-Premises Exploited & Keeping on top of changes in M365: Practical 365 Podcast S04E42
Join Steve Goodman, Paul Robichaux, and Bastiaan Verdonk as they break down critical on-prem SharePoint vulnerabilities (ToolShell exploit) and the overwhelming task of managing Microsoft 365 changes.
July 30, 2025
Exploring the Benefits Multi-Tenant Organizations for Tenant-to-Tenant Migrations
In this article, Sean McAvinue explores how Microsoft's Multi-Tenant Organizations (MTO) can help make tenant-to-tenant migrations a smoother process for both administrators and end users.
July 29, 2025
Deleting Teams Chat Files Automatically Using Purview
Many organizations view Teams chats stored in OneDrive for Business as potential compliance risks. Without proper retention policies, this data can be lost, deleted, or retained too long. In this blog, we dive into managing Teams chat files automatically with Purview.
July 28, 2025
Practical Graph: Using Purview eDiscovery APIs in App-Only Mode
Most eDiscovery work is done interactively, but a use case exists for working with eDiscovery cases through apps, such as populating a large review set. It’s possible to configure an Entra ID app to work with the eDiscovery APIs in app-only rather than delegated mode, but only by using an Exchange service principal to add the app to the eDiscovery manager role group.
July 23, 2025
Practical Protection: Tracking Security Updates for Windows Devices
In the grand scheme of things, tracking your Office application updates may not seem of critical importance, but unpatched apps can turn into an attack surface. In this installment of Practical Protection, we highlight two free tools in the Microsoft 365 Apps admin center that help you track and manage Office updates.
July 22, 2025
Microsoft Teams Direct Routing: Phone Number Inventory
In this article, Thorsten Pickhan covers how to add Direct Routing phone numbers to the internal Teams Phone Number database, how to remove phone numbers, and the benefits of doing so.
July 21, 2025
Practical Teams: App Management In Microsoft 365
In this installment of Practical Teams, we explain what App-Centric Management is, how Integrated Apps work, and how Unified App Management differs from earlier methods.
July 16, 2025
Teams Channels Get Threaded Layout
Many Teams users love to use group chats as a way to get work done. Group chats are effective, but the information shared in chats ends up in personal OneDrive accounts. To help switch people back to channel conversations, Teams has a new threaded layout to make conversations behave much like chats. The new layout works well for some channels but not for others.
July 15, 2025
Analyzing Copilot’s Zero-Day, M365 Local & Copilot Agents: Practical 365 Podcast S4 E41
In this Episode of the Practical 365 podcast, Steve and Paul deep dive into the Microsoft 365 Copilot exploit, "Echo Leak," discussing its implications for AI safeguards and the future of agentic AI. The conversation then shifts to a recent global outage affecting Google and Cloudflare, highlighting the challenges of maintaining hyperscale services. We also examine Microsoft's new initiative to offer containerized M365 instances in Europe, addressing concerns over data sovereignty. Finally, they discuss the latest advancements in Copilot agents, emphasizing the importance of understanding AI reasoning.
July 14, 2025
Investigating Mailbox Breaches with the Graph Activity Log
In this article, we guide you through the process of using the Graph Activity Log and Kusto Query Language (KQL) to hunt for common indicators of mailbox compromise, with useful tips along the way.
July 9, 2025
Practical Graph: Tracking Critical App Actions Through Audit Events
App management audit events are captured when changes are made to Entra registered and enterprise apps. Critical app management audit events should be closely monitored to ensure that permissions are used properly and attackers haven't attempted to penetrate the tenant to extract data. This article explains how to find and analyze audit data for some critical app management audit events and run the code as an Azure Automation runbook.
July 8, 2025
- 1
- 2
- 3
- 4
- …
- 209
- Go to the next page