all InfoSec news
Odd Recent M365 Compromises
Nov. 14, 2023, 9:24 p.m. | /u/reencrypt
cybersecurity www.reddit.com
We've had a few clients with M365 account compromises recently. Most, if not all have decent controls in place (MFA/Number Matching, Authenticator, GeoIp blocking, Legacy Auth disabled, etc).
Couple things to note:
First obvious suspicious sign-in are coming from within the United States. I tracked a few of the IPs to multiple VPN and/or proxy services, but a lot of them were Microsoft data centers.
The one compromise had …
account auth authenticator blocking clients coming controls cybersecurity disabled etc geoip guidance legacy m365 mfa running sign states things united united states
More from www.reddit.com / cybersecurity
How does hiring in APT groups work?
11 hours ago |
www.reddit.com
State of WiFi Security in 2024
12 hours ago |
www.reddit.com
Prioritize Blue Team for Cybersecurity Success
14 hours ago |
www.reddit.com
Jobs in InfoSec / Cybersecurity
CyberSOC Technical Lead
@ Integrity360 | Sandyford, Dublin, Ireland
Cyber Security Strategy Consultant
@ Capco | New York City
Cyber Security Senior Consultant
@ Capco | Chicago, IL
Sr. Product Manager
@ MixMode | Remote, US
Corporate Intern - Information Security (Year Round)
@ Associated Bank | US WI Remote
Senior Offensive Security Engineer
@ CoStar Group | US-DC Washington, DC