28May2019
20May2019
New Baseline Conditional Access Policies in Azure AD
Remember over a year ago when the first Baseline Conditional Access policy dropped? It was simple enough and most definitely a good move, but of course, most people still aren't using it. I have heard some nightmarish...
14May2019
Introducing the Microsoft Office 365 Email Security Checklist
Update March 2023: This project morphed into the Microsoft 365 Best Practices Checklists, which includes a checklist and guide for each of the major services in Microsoft 365. You can get the product here. Okay. I think I have had enough. Enough of what? Enough of reports like this...
09May2019
Three ways to disable basic authentication and legacy protocols in Exchange Online
One of the most common (and often successful) attacks we see in the wild is a simple brute force / password spray against weak accounts. Especially against shared mailboxes. From that foothold, the most common next step attackers will take is to send out spam/phishing emails from the compromised account,...
08May2019