11 unmissable Practical 365 Posts from 2021
We've had a bumper year on Practical 365. To finish up 2021 here are eleven articles that you can't miss as you break for the holiday season and get ready for 2022.
December 22, 2021
Latest Articles
Microsoft Releases November 2021 Security Updates for Exchange Server
Microsoft has issued security updates for Exchange 2013, 2016, and 2019. The updates can only be applied to servers running up-to-date cumulative updates. Organizations running Exchange 2016 or 2019 should apply the updates as a matter of urgency because of a known vulnerability circulating in the wild.
November 9, 2021
Ignite 2021 is Next Week. Here’s What I Anticipate for Microsoft 365
Microsoft Ignite 2021 happens (virtually) on Nov 2-4. There are tons of sessions scheduled and in this post we consider some important Microsoft 365 topics that we hope Microsoft will cover to help technologists plan tenant development over the coming year. Above all, we're looking forward to being able to attend conferences like Ignite in person so that we can learn from experts from inside and outside Microsoft.
October 26, 2021
Researcher Says Autodiscover Problem is Client-Side, Not in Exchange
An interesting and worthwhile interview (available on YouTube) with security researcher Amit Serper reveals a lot more detail about the Autodiscover credential leak reported by Guardicore last month. The interview (with three Office 365 MVPs) goes through the collection of leaked credentials, how Serper tried to reproduce the problem, and his interaction with Microsoft. It’s a real pity Serper didn’t include the information in his original report as it would have taken a lot of heat out of the situation.
October 12, 2021
Stop Publishing Exchange to the Internet After Migrating to Exchange Online
If you've migrated to Exchange Online, make sure you stop publishing your Exchange Servers to the internet. After a standard Hybrid migration, you still might be reliant on Exchange Server and in this article you can find out why and how to move remaining web services to Microsoft 365.
October 4, 2021
Why a Potential Autodiscover Flaw is Just the Tip of an Iceberg
It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
September 28, 2021
Hot Air and Publicity for Purported Autodiscover Security Flaw
Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.
September 23, 2021
Another Exchange vulnerability revealed with attempted exploits seen in the wild
A new Exchange vulnerability has been disclosed this week known as ProxyToken that allows someone who can access an Exchange 2013, 2016 or 2019 server over HTTPS to perform configuration actions against mailboxes of their choosing, such as setting forwarding rules. Find out what you need to do to protect your organization.
August 31, 2021
Why can’t you remove the last Exchange Server?
So, you've completed your migration to Exchange Online. Email flows smoothly into and out of the cloud, and all your mailboxes are now online. What's next for your Exchange Servers, now that you've made the transition? After completion you will have several tasks to perform to remove Exchange Servers from your environment, but there is one important caveat you need to know about; if you run Azure AD Connect then you can't remove every Exchange Server from your environment. You will need to keep at least one around for management purposes. In this article, I'll walk through what you can do to minimise what you keep and need to maintain, and what you can consider planning for in the future. You can also join me at TEC this week, on September 2nd.
August 30, 2021
The Practical 365 Update: Episode 25 – Microsoft 365 price increases, Exchange exploits you need to patch against, new Teams features and Ignite returns Nov 2-4 2021
In the show this week - Microsoft price increases, Ignite is back later this year, we bid IE11 farewell, cover the latest Teams new features and - discuss Exchange vulnerabilities you need to patch and protect yourself against.
August 24, 2021
Exchange hybrid migrations
Unpatched Exchange Servers Remain at Risk
It's incredible, but reports still come in to prove that thousands of unpatched Exchange on-premises servers remain connected to the internet. New reports indicate that servers continue to be attacked and that thousands of vulnerable servers remain available as hacking targets. It's time to either get patched or move to the cloud.
August 21, 2021
Exchange Vulnerabilities Still Being Exploited and Blackhat USA 2021 highlights what’s still to come. What should you do?
It has been a tiring year for Exchange on-premises and hybrid administrators and unfortunately, it's not getting any easier. The HAFNIUM exploits cast a negative light on Microsoft Exchange, re-emphasizing why email is a crucial part of any organization and that nothing and no one is exempt from an attack. Find out why and what you can do to protect your organization NOW.
August 10, 2021
- Go to the previous page
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- …
- 79
- Go to the next page