Oct 05 2017 09:04 AM - edited Oct 05 2017 09:55 AM
It's been reported there is an ongoing cyber attack against Office 365 Exchange Online mailboxes called KnockKnock.
Not to sensationalize any reports but I think it's worth reviewing some of the outcomes to highlight the methods involved, which I have tried to summarize below along with a few best practices that can disrupt much of this.
Here are a few tips, from my perspective that makes some sense:
As Tony Redmond revealed via an Ignite stat "only 0.73% of Office 365 administrative accounts are protected by multi-factor authentication", which is disappointingly low and make attacks like this, that bit easier to pull off.
Oct 05 2017 10:08 AM - edited Oct 05 2017 10:08 AM
As Tony Redmond revealed via an Ignite stat "only 0.73% of Office 365 administrative accounts are protected by multi-factor authentication", which is disappointingly low and make attacks like this, that bit easier to pull off.
Until Microsoft makes it so that MFA is usable throughout ALL its services I won't be using it. So they only have themselves to blame.