Author: Frank McGovern

Microsoft

Purchased Microsoft 365 E5, Now What?

The Microsoft 365 E5 suite is essentially a large amount of the products Microsoft offers for the Enterprise environment, more so focused towards the security and compliance areas. The purchasing of E5 licensing means an organization now has unlocked a lot of Microsoft products and the common question seen afterwards is, “where do I start?” …

Office 365

Indicators of Compromise: O365 Mailbox Forwarding and Rules

NOTE: This blog refers to several Microsoft products that require special licensing. Be sure to check your individual licensing to fully comprehend which features are available to you. Office 365 (O365) has become a recurring favorite and at times the main focus of common threat actors. Once credentials are compromised through tactics like phishing, it …

Azure Active Directory

Password Changed, but Account Still Compromised?

NOTE: This article only relates to organizations with an on-premise Active Directory that sync passwords to Azure Active Directory. Have you ever come across an account where there was an indicator of compromise (IOC) and the account’s password was changed, but the compromise still continued? If not, you may have just been getting lucky in …