Blog

Last week, Uber confirmed a major cybersecurity attack that compromised its internal communications and engineering systems. The company believes that someone affiliated with the hacking group Lapsus$ leveraged the MFA fatigue attack technique to compromise an Uber employee account. According to the New York Times, the hackers social engineered the company’s worker after discovering his…

MC268191 – Updated October 14, 2021: Microsoft has updated the rollout timeline below. Thank you for your patience. Additionally, this feature will be available as a preview until December 31, 2021. After that, an Advanced Communications license is required to continue using this feature, as noted below. This new release of meeting Join Custom Branding will…

In this episode of Petri Dish, I speak to Jay Gundotra (CEO and Technical Founder of ENow Software) and Sander Berkouwer (Security Specialist and 15x Microsoft Valuable Professional) about why it is critical to establish an application governance policy for Microsoft Entra ID (formerly Azure Active Directory). Links and resources 🔗 Check out ENow’s App…

Many Office 365 applications (Teams, Groups, Planner, SharePoint, etc.) now support external guest access. you might end up with a lot of guests, and like any good accommodation, some management is needed. In this article, we look at how to manage the guests created by Office 365.

Daniel Petri shows us how this free and helpful PowerShell script can reduce the time needed to document your Active Directory environment.

Now that Microsoft has shipped external access for Teams, it is obvious that they have some work to do to smoothen access and increase functionality. Although access works as long as guest users have accounts in other Office 365 tenants, areas like switching, auditing what external users do, compliance, and blocking deserve some consideration. Here’s what we know from the last week.

This is a part 3 of my MCSE and System Administrator job interview sample questions. See previous parts at: Part 1 – Networking Part 2 – Windows Server 2003 Active Directory This article set is targeted at both the interviewer (who needs a pool of valid questions they can ask) and to the candidate (who…

MC650420 – Updated September 18, 2023: Deployment will begin September 25th and will run to October 20th. These dates replace the dates mentioned in the email “We’re enabling a stronger form of multifactor authentication beginning September 15, 2023” that you might have received. We apologize for the inconvenience. Publicly switched telephone networks (PSTN) such as…

Cybersecurity company Mandiant has discovered that hackers are using a new technique to target enterprise networks. The researchers warned that threat actors exploit multifactor authentication (MFA) to gain unauthorized access to dormant Microsoft accounts. According to cybersecurity researchers at Mandiant, the exploit is being used in hacking campaigns by APT29 to bypass authentication. APT29 is…

No one likes looking at a stream of audit events flowing by, especially when an Office 365 tenant generates so many events. Alert policies allow tenants to define patterns of activity that indicate suspicious or harmful behavior. There’s goodness here, as long as you have Office 365 E5 subscriptions.