User Profile
Sruthyy
Copper Contributor
Joined 3 years ago
User Widgets
Recent Discussions
Re: Report suspicious activity (Preview)
Hi, In addition to this, Microsoft recently announced the new enhancements on reporting suspicious emails. Now, users can report phish or junk emails from any mailbox, irrespective of their type. It's a great news for security admins and cybersecurity experts to improve security in M365 environments. Know more about the new enhancements and how it will be useful in the below blog. https://blog.admindroid.com/reporting-suspicious-messages-in-m365-shared-and-delegated-mailboxes/7KViews0likes0CommentsStrengthen your Security with the New Reporting Suspicious Messages feature in Microsoft Defender
Yay! The long wait is over! Recently, Microsoft announced the enhancements in reporting message feature in Outlook Web App. Now, Microsoft 365 users can report messages from any Exchange Online mailbox, irrespective of their type. This is absolutely great and it helps security admins and cybersecurity experts to defend against crucial phishing and spoofing attacks. Check out the blog below to know more about the new enhancements and how it works. https://blog.admindroid.com/reporting-suspicious-messages-in-m365-shared-and-delegated-mailboxes/Re: Suspected brute-force attack and None of the passwords attempted where previously used passwords
Hi, For better clarity, you need to investigate more on various possible indicators of impacted user account. In a recent update, Microsoft is rolling out a new alert for detecting password spray attacks. Utilize the below blog to identify what indicators should be monitored and how to defend against such attacks. https://blog.admindroid.com/password-spray-attack-detection-with-new-microsoft-365-defender-alert/50KViews0likes0CommentsRe: Password Spray Alert Policy
Hi Tom Somerville, Your long awaited requirement comes into action now. Microsoft is rolling out a new 'Password spray attack originating from single ISP' alert in Defender portal. This alert policy is enabled by default. Refer the below blog to know more on identifying crucial indicators and remediate actions. https://blog.admindroid.com/password-spray-attack-detection-with-new-microsoft-365-defender-alert/1.3KViews0likes0CommentsBoost your Security Posture with a New Password Spray Detection Alert in Microsoft 365 Defender
Microsoft Defender alert policies are crucial for organizations to monitor and detect suspicious activities that may lead to cyber-attacks and data loss. These prebuilt policies help forensic investigators, security teams, and IT admins to detect and respond to potential threats promptly in their organization. What’s new? Microsoft has introduced a new alert to detect ‘Password spray attack originating from single ISP’. This new alert is absolutely a game-changer in cybersecurity, providing an additional layer of security to defend against such attacks. By identifying possible indicators of password spray attacks, organizations can take proactive measures to prevent potential breaches. Check out the blog to know more about how to identify the possible indicators of password spray attacks and the remediation actions. https://blog.admindroid.com/password-spray-attack-detection-with-new-microsoft-365-defender-alert/Re: Controlling access to SPO sites from unmanaged devices
Hi Stromnessian! I have experienced the same issue when I tested this. Even though, we disable the respective CA policy, the restriction will apply. Try creating a CA policy on your own without modifying the policy created when the unmanaged device restriction was applied. Check out the blog below to know how to create CA policy on your own. https://blog.admindroid.com/prohibit-unmanaged-devices-accessing-sharepoint-and-onedrive-to-prevent-data-exposure/2.6KViews0likes0CommentsRe: DMARC, DKIM, SPF none but Composite authentication pass
If you haven't configured SPF, DKIM, and DMARC for your domain, Microsoft will handle it by applying the composite authentication or compauth for your domain. But, they recommend us to configure these authentication methods manually for each custom domains. Check out what to implement for your domain below. https://blog.admindroid.com/a-guide-to-spf-dkim-and-dmarc-to-prevent-spoofing/13KViews0likes0Comments
Groups
Recent Blog Articles
No content to show