Detecting Midnight Blizzard using Microsoft Sentinel
This blog reviews the Midnight Blizzard Attack, providing some hypothetical scenarios of what actually happened and how it could've been prevented.
Unfortunately, attacks happen... But a post-attack investigation is paramount to stopping the next attack. In this blog, Paul Robichaux reviews what to do after an attack has taken place, with practical tips along the way.
Patching your systems manually can be complicated and require a lot of overhead. Luckily, Microsoft has a new solution to help with this. In this blog, Paul Robichaux reviews the new Windows Autopatch tool and what it has to offer.
You might be at risk for a similar attack to Microsoft's Midnight Blizzard attack. In this blog, Paul Robichaux discusses what happened and how to avoid this in your organization.
A January 19 report from the Microsoft Security Response Center (MSRC) tells of an attack by Russian state actor Midnight Blizzard against Microsoft corporate systems. The attack resulted in the exfiltration of some email and documents from email accounts owned by senior Microsoft employees.
What does your Incident Response plan look like? In this blog, Paul Robichaux reviews what to expect when building your own Incident Response Plan.
In this article, we discuss how to enhance mobile security in MAM, focusing on the Defender for Endpoint functionality and features related to mobile devices, specifically for BYOD scenarios.
In this Edition of Practical Protection, Paul Robichaux dives into Microsoft's Cybersecurity Reference Architecture and discusses if you really need it.
With the end of the year in sight, we wanted to look back and see how Microsoft performed with security products in 2023, reviewing some of Microsoft’s biggest announcements and discussing if Microsoft's focus is leaning in the right direction.
The NSA and CISA released a joint bulletin titled “Top Ten Cybersecurity Misconfigurations.” In this blog, Paul Robichaux reviews a few of the most significant suggested mitigations from this bulletin.
This edition of Practical Protection is all about theory and playing games. In this blog, Paul Robichaux explains how to improve your security posture by setting up hypothetical scenarios in your environment.
The Storm-0558 incident serves as a stark reminder of the potential threats that organizations face in today's digital landscape. In this blog, Rich Dean recaps the insider conversation around Storm-0558 that the Practical 365 Podcast team had with Alex Weinert, Microsoft's VP for Identity Security.