Storm-0558 is a China-originated attack against sensitive Exchange Online mailboxes. The attack exposed several flaws in Microsoft's processing of data. Microsoft says that the holes are now closed, but it's still a good idea to check that your tenant is not being attacked in the same way.
What would happen to your organization if your top Admin disappeared? Well, it could be catastrophic... In this blog, Paul Robichaux discusses BRT attacks and how to prepare for them.
In this blog, Paul Robichaux covers a recent TEC Talk where he discusses AD-Based Attacks in 2023 and what we've learned so far.
Five years is way too long to leave a vulnerability unpatched. Unfortunately, forgetting to patch isn't uncommon and hackers love when you do... This blog discusses how to stay on top of patching and stop easily avoidable breaches.
Are you on watch for data breaches? This Blog talks about how soft skills, trainings, and investments can be used as tools to minimize the harm from data breaches.
Most of us don’t spend much time poking around in the unified audit log, but all of us probably should. In this article, we dive into 5 things you need to know about Microsoft 365 auditing.
Recently, security researchers at JumpSec labs identified a vulnerability in Teams that allows malware delivery through Teams chat. Microsoft Acknowledged the vulnerability but didn't release any immediate remedies. In this blog, we will discuss two practical methods to avoiding malware delivery within Teams.
You can’t disrupt a chain if you can’t identify the links. In this blog, Paul Robichaux goes over some of the ways you can break a Kill Chain in your environment. And it all starts with asking yourself the right questions.
Recycling is not only good for the planet, but it's also good for the security of your organization. In this article, Paul Robichaux discusses how to properly dispose of your devices so that you stay protected.
Whether you like it or not, MFA is coming for you! You can either deploy and support MFA for your users, or Microsoft is going to do it for you. The choice is yours. Learn more about how Microsoft will be enforcing MFA in the future, and what you should do.
Because of the way the Windows security model works, it’s not currently possible to eliminate the use of passwords for local administrator accounts. Given that fact, the next best solution is to remediate the biggest problems with passwords for these local accounts, including weakness, reuse, and tenure. In this article, we discuss how the Local Administrator Password Solution (LAPS) helps with all of those!
Implementing zero trust in the world is a big hassle, often uncomfortable, and frequently dorky—plus, it can be expensive. At the same time, moving closer to a zero trust model helps harden your network significantly, and you may already have many of the tools and techniques you need available without much extra cost. In this article, we discuss how to take baby steps toward Zero Trust.
