Forum Discussion

RobOK's avatar
RobOK
Bronze Contributor
Jul 19, 2018
Solved

O365 cyber security information

Where are good sources of information about cyber security for O365 and Azure? Blogs or others that talk about any alerts, recommended changes, known hacks or hack attempts, etc.    i think O365 is...
Azure AD
office 365
  • Cian Allner's avatar
    Cian Allner
    Jul 19, 2018

    Microsoft has a lot of documentation, white papers and such on how secure Office 365 is and the methods plus processes around this.  You'll find a lot of information in the https://servicetrust.microsoft.com/ and https://www.microsoft.com/en-us/trustcenter/cloudservices/office365. Also, I have put together some of these related white papers in this https://gallery.technet.microsoft.com/exchange/Office-365-Security-and-555f4d81. 

     

    There is also the official blog of the https://blogs.technet.microsoft.com/office365security/ but it's infrequently updated. Also, the Security, Privacy and Compliance Blog and https://cloudblogs.microsoft.com/microsoftsecure/ are available. 

     

    What you don't always see is an acknowledgement of particular vulnerabilities, that I have noticed anyway.  A recent example is baseStriker if there was an official public response, I can't find it.  https://www.avanan.com/resources/basestriker-vulnerability-office-365 bypassed email checks on malicious links by splitting the base domain and path separately.  While this got fixed, taking a couple of weeks, it was only the researcher who discovered the issue that disclosed this resolution.

Cian Allner's avatar
Cian Allner
Silver Contributor
Jul 19, 2018

Microsoft has a lot of documentation, white papers and such on how secure Office 365 is and the methods plus processes around this.  You'll find a lot of information in the https://servicetrust.microsoft.com/ and https://www.microsoft.com/en-us/trustcenter/cloudservices/office365. Also, I have put together some of these related white papers in this https://gallery.technet.microsoft.com/exchange/Office-365-Security-and-555f4d81. 

 

There is also the official blog of the https://blogs.technet.microsoft.com/office365security/ but it's infrequently updated. Also, the Security, Privacy and Compliance Blog and https://cloudblogs.microsoft.com/microsoftsecure/ are available. 

 

What you don't always see is an acknowledgement of particular vulnerabilities, that I have noticed anyway.  A recent example is baseStriker if there was an official public response, I can't find it.  https://www.avanan.com/resources/basestriker-vulnerability-office-365 bypassed email checks on malicious links by splitting the base domain and path separately.  While this got fixed, taking a couple of weeks, it was only the researcher who discovered the issue that disclosed this resolution.

RobOK's avatar
RobOK
Bronze Contributor
Jul 19, 2018

Thanks Cian Allner those are good links. A few of those I have seen and could have listed them originally. I think your last paragraph is on point for me. How do we find out more about those scenarios? 

 

Also, is anyone aware of any Ransomware that has worked on O365?

 

In the last article you linked, it says "we always recommend adding a layer of email security for malware, phishing, and account take-over to protect from the sophisticated attacks that the default security does not block." 

I assume that means client-side security software?

 

EDIT: ...and should we be doing an independent data backup of our tenant? Can someone point to a link about whether it is possible to do a restore with MSFT if something happens? How big of a risk is that?

 

Thanks,
Rob.