Active Directory has been around for almost 25 years. As such, one might expect that – by now – we would have figured out to keep it safe against attacks. Yet, it remains a weak point in many organizations' cybersecurity defenses. When coupled with the challenges mentioned above, this can be a recipe for disaster. Why is this the case?
At the end of March 2023, CISA released a new tool called ‘Untitled Goose.’ It is a post-incident hunting tool to help security practitioners sift through security logs in the Microsoft Cloud. In this blog, we discuss the tool, its uses, and our opinion on it.
In this edition of our series on the "Top 5 Best Practices for Exchange Online Domain Transfers," we delve deeper into the importance of validating your plan prior to implementation. Implementing a well-tested and practiced process will help prevent mistakes and encountering unknowns during the migration. Join us as we explore the key considerations for a successful validation phase.
A writeup about the MERCURY attack by the Microsoft Threat Intelligence team reveals how a nation state actor linked to the Iranian government compromised an Azure AD tenant by using the AADConnect tool. In this article, we discuss how the attack developed and what you can do to prevent the same attack techniques being used against your tenant.
Are you looking to add some extra security to your small organization? Microsoft Defender for Business may be the right fit. Learn more about the capabilities of Microsoft Defender for Business and how it compares to other Microsoft Defender Plans.
Microsoft's announcement of Security Copilot is more interesting in some respects than Microsoft 365 Copilot because it promises to help organizations defend themselves better. Of course, we don't know much yet about how Security Copilot will work in the real world, but if Microsoft delivers what it says, Security Copilot could be quite a tool in the battle against the bad guys.
Microsoft released the preview version of the Loop app on March 22. The app works well for collaboration with people from the same Microsoft 365 tenant but fails utterly once external people are involved. Some other teething problems are evident, but there's enough in the Loop app for people to make their minds up if this will make collaboration smarter within their organization.
Microsoft announced that Exchange Online will block old Exchange Servers by throttling and then rejecting their inbound email into Exchange Online. The hope is that this tactic will convince those who operate unsupported versions of Exchange Server to upgrade and use supported software that isn't vulnerable to known attack vectors.