It's that time of the year again! Microsoft is releasing their annual Microsoft Digital Defense Report (MDDR), and you may want to give it a read. In this blog, we talk about the highlights from the MDDR and offer some advice to better protect your organization.
Apart from being annoying, advertisements can actually be used to deliver malware. This blog explains what "Malvertising" is and how to secure your network from these attacks.
Recycling is not only good for the planet, but it's also good for the security of your organization. In this article, Paul Robichaux discusses how to properly dispose of your devices so that you stay protected.
At the end of March, Practical 365 traveled with the TEC European roadshow, traveling between three cities in Europe over a week, listening to experts talking primarily about security-focused topics aimed at improving your Microsoft 365, Azure AD and Active Directory. Read our whistle-stop tour of the most important points made by expert speakers.
Hybrid work is really a mixed blessing—while it offers a lot of fantastic benefits for people who are able to take advantage of it, it can introduce some new and unpleasant security issues that you need to be prepared to deal with. This article dives into these new risks and how you can avoid them.
With an increase in ads being used to deliver malware, there is now a practical reason to consider blocking ads on your corporate network. Paul Robichaux offers 4 solutions to protecting your org from these pesty attacks.
Learn some of the main group policy attack pathways, why they are easily exploited, and how to mitigate them in this article by Darryl Baker.
Although we live and work in a cloud-first world, on-premises Active Directory (AD) remains a vital component of many companies' IT infrastructure. This article goes over five ways to keep Active Directory secure.
This week on Practical Protection, Paul discusses the history of passwords and the many problems they pose in the modern cloud-based world.
Welcome to the first installment of Practical Protection with Paul Robichaux. Paul illustrates four general security principles and talks about how you can practically apply them to your Exchange environment.
It's often helpful when security researchers like Guardicore shed light on flaws in Microsoft Exchange - however, the Autodiscover protocol isn't flawed in the way they describe. Even though the issue is hard to replicate, it shouldn't distract from the work you need to do to protect your organization from the underlying reason why people want your credentials.
Lots of excitement was generated when Guardicore revealed a purported vulnerability with the Exchange Autodiscover service. However, the almost total lack of detail about the configuration used for testing and to generate the reported results makes it impossible for Exchange administrators to check the theory against their own deployment. I don't think a problem exists with Exchange Online, but it's possible that poor DNS practice or flawed third-party clients could cause an issue with on-premises servers. The case remains to be proved.
