14 matches found
US Department of Labor’s journey to Zero Trust security with Microsoft Entra ID
For several years, Microsoft has been helping United States federal and state government groups, including military departments and civilian agencies, transition to a Zero Trust security model. Advanced features in Microsoft Entra ID have helped these organizations meet requirements to employ...
BEC-ware the Phish (part 2): Respond and Remediate Incidents in M365
TL;DR Ensure you can reliably take initial containment actions such as disabling accounts, resetting passwords, and revoking tokens. Token binding ensures that a token only works on the specific device the token was issued and is currently the best protection against token theft. As a minimum...
Foreign Threat Actor Conducting Large-Scale Spearphishing Campaign with RDP Attachments
CISA has received multiple reports of a large-scale spearphishing campaign targeting organizations in several sectors, including government and information technology IT. The foreign threat actor, often posing as a trusted entity, is sending spearphishing emails containing malicious remote deskto...
Cyber Signals: Inside the growing risk of gift card fraud
In the ever-evolving landscape of cyberthreats, staying ahead of malicious actors is a constant challenge. Microsoft Threat Intelligence has observed that gift cards are attractive targets for fraud and social engineering practices. Unlike credit or debit cards, there’s no customer name or bank...
Microsoft Teams used in phishing campaign to bypass multi-factor authentication
Attackers believed to have ties to Russia's Foreign Intelligence Service SVR are using Microsoft Teams chats as credential theft phishing lures. Microsoft Threat Intelligence has posted details about the perceived attacks targeted at fewer than 40 unique global organizations. The targeted...
Microsoft recognized as a Leader in UEM Software 2022 IDC MarketScape reports
Competition for talent has increased pressure to lead in the digital space, and business decisions now weigh user experience for employees heavily among costs and benefits. Workers insist on experiences that mirror their personal experiences, often on their own devices. As enterprise computing ha...
Spray365 - Makes Spraying Microsoft Accounts (Office 365 / Azure AD) Easy Through Its Customizable Two-Step Password Spraying Approach
Spray365 is a password spraying tool that identifies valid credentials for Microsoft accounts Office 365 / Azure AD. How is Spray365 different from the many other password spraying tools that are already available? Spray365 enables passwords to be sprayed from an "execution plan". While having a...
New insights on cybersecurity in the age of hybrid work
As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the mo...
New insights on cybersecurity in the age of hybrid work
As we approach the last week of Cybersecurity Awareness Month, I think about what is top of mind for myself and my peers in security. The past year has continued the 2020s major shift in the way organizations operate. Recent data shows that 81 percent of enterprise organizations have begun the mo...
Azure AD. Attack of the Default Config
Uncloaking dangerous and default configurations within Azure. TL; DR There are several default configurations within the admin portal of Azure. The main affected area is Azure Active Directory Azure AD which is the primary area that controls user authentication, group memberships and privileges...
Microsoft and Zscaler help organizations implement the Zero Trust model
While digital transformation is critical to business innovation, delivering security to cloud-first, mobile-first architectures requires rethinking traditional network security solutions. Some businesses have been successful in doing so, while others still remain at risk of very costly breaches...
Mobile threat defense and intelligence are a core part of cyber defense
The modern workplace is a mobile workplace. Today’s organizations rely on mobility to increase productivity and improve the customer experience. But the proliferation of smartphones and other mobile devices has also expanded the attack surface of roughly 5 billion mobile devices in the world, man...
Veeam Backup for Office 365 Complete Permissions
This KB is being phased out The content of this article is being transitioned to the Veeam Backup for Microsoft 365 User Guide. An up-to-date list of Required Permission is available in the Veeam Backup for Microsoft 365 User Guide. Authentication Modes Summary Depending on the Microsoft 365...
How to Configure NetScaler Gateway and Microsoft Intune (MDM) for Single Factor Authentication
Background The integration of Microsoft Intune with NetScaler Gateway provides best-of-class application access and data protection solution offered by Citrix NetScaler Gateway and Intune. You get the most complete suite of secure productivity apps, including: email calendar contacts note-taking...