Despite criminal masterminds and “security researchers” always coming up with the next greatest tool for causing financial damage to our businesses and economy, there are patterns.
M365
25 posts
Defense implies a reactionary approach. Prevention set the scene where ransomware can’t get you in the first place.
Fortunately, Defender protects against this when configured correctly. In addition to the Defender for Endpoint sensor installation, Attack Surface Reduction rules and certain anti-virus configurations should also be deployed
Once these two items have been set the ability of PlugX to take advantage of innocent people should be thwarted.
let’s say that you’ve come across a situation, and you want to remove a device from the network – remotely, while you investigate. Interestingly this device, need not be enrolled in Defender for Business. It can an unmanaged device to
There are a number of basic settings in Defender that should be configured before you start using Defender.
Finally, there is an easy way to deploy a base set of conditional access policies to users, devices and apps in a tenant. Microsoft calls it Conditional Access Templates and you will find them in Azure AD – Security – Conditional Access – Conditional Access Templates.
There’s mandatory migration underway from SSPR and MFA settings to policy and you have until later this month to get them into place voluntarily or Microsoft will do it for you
It’s an Attack Surface Reduction rule and it is exploited in the wild, so it’s import to close up this vulnerability to fileless attacks.
If we’d like to make more money from the cloud than we ever did from infrastructure, then I think we shouldn’t be worried. There’s more money to be made than there ever was in infrastructure