How To Attack Office 365 and MFA
Demo video. Trick a user into entering creds into our fake O365 login page with MFA.
Fake Email and Deepfakes
SPF, DKIM, and DMARC: Essential Explanations Everyone wants a magic bullet to mitigate the risk of email spoofing, as well as advice from security professionals on how to configure systems to prevent their domains being used as the source of fake emails. Security professionals know you can never remove all risk, but you can reduce […]
PCI DSS 4.0 Release Date: Late 2020
Six specific areas that may change with the credit card data security standards. The areas will focus on security, customized implementation, authentication, encryption, monitoring, and critical control testing methods. PCI DSS 4.0 release date is projected for November 2020 or moved back into 2021. The standards from version 3 have remained fundamentally unchanged over 10 […]
Features of Office365 Advanced Threat Protection
Microsoft 365 cloud platform provides special protection solutions within the Microsoft 365 suite that can be used to protect your data against threats. Today’s cybersecurity landscape is changing to remote and threats are changing daily. It’s important to know what tools are out there to protect your organization. In recent months, organizations have been forced […]
How Phishing Emails Bypass Office 365 Security
Analysis of over 55.5 Million Emails by Enterprise Cloud-Native Security Firm Avanan Provides a Stark Picture of Threat Landscape PHILADELPHIA and NEW YORK, April 10, 2019 (GLOBE NEWSWIRE) — SECUREWORLD – Avanan, an enterprise cloud-native security firm, released its “Global Phish Report,” the product of extensive research today at the SecureWorld Conference. The report analyzed 55.5 million emails […]
Office 365 How Malicious actors are using your account to scam others
The problem is certainly getting worse and some security awareness training can help, but individuals feel safe within Office 365. But Microsoft doesn’t protect everything. They operate under a model of “shared responsibility” – this means they’re responsible for securing some things, and the customer is responsible for securing some things. Office 365 is a […]
The Employee Awareness iPhone attacks
There are more than 2 billion smartphones around the globe, making mobile devices a rich target I was at the Hacker Halted Conference in Atlanta, GA this year. One touch point sounded in every event fromthe keynote to session speakers “social engineering”. The topic socialengineering is one of the main attack vectors into a company […]
GDPR in the Cloud can CASB work for you
Everyone is looking at GDPR compliance, but what if you process data through cloud services. Companies using cloud services such as Salesforce and Dropbox have to ensure that the data practices at each of them are compliant with GDPR. GDPR data subjects need to be well-informed about the use of their data and trust that […]
The Biggest Obstacles to Multicloud Deployments
As cloud adoption rates have increased and cloud models for enterprise IT mature, multicloud deployments have become more and more popular. They happen for a variety of reasons: some cloud platforms are better suited for specific applications, others may have security or compliance measures that are necessary. They might be located in different physical sites, […]
8 Security Practices You Need in Your Employee Training
This might be hard to believe, but it is true: 59 percent of data breaches are happening not because of some smart hacker who wants to do harm to your company but because of your own employees. In order to stop these incidents, you have to focus on two things (other than investing in new technology): set […]