Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft 365


CISA publishes SCuBA's security configuration baseline tool for Microsoft 365

It is a no brainer that cloud adoption has surged exponentially in the last couple of years. The rise of digitization and DevOps combined with the aftermath of the pandemic has made cloud computing a critical ingredient for any organization’s growth. Gartner® predicts that by 2025, more than 95% of digital workloads will be deployed on cloud-native platforms.


Office 365 and Azure Exploited in Massive U.S Government Hack

The central issue behind the latest headline-grabbing security breach – an incident that directly impacted several major US government agencies – highlights pervasive issues related to many organizations’ use of the popular Office 365 and Azure Microsoft cloud platforms.

MSPs! The Power of Octiga Office 365 Baselines Templates

Octiga makes it possible to redeploy your MSP’s best-practice security posture consistently, across multiple clients. Set a template posture for your clients and easily manage them in a single click whenever a baseline update is required. Apply & maintain continually and cohesively in a few seconds.

Encryption Key Management in Microsoft 365

Encryption is an essential means of protecting sensitive information and is required for certain types of data under many regulations. As more companies move to the Cloud and introduce Microsoft 365 (M365) applications like Teams and SharePoint Online to their communication and collaboration channels, the potential for data getting into the wrong hands grows exponentially making encryption strategies essential.


Leveraging Microsoft Teams webhooks to create a Tines chatbot

Microsoft requires users to leverage the Microsoft Developer Portal to create new Teams applications, such as chatbots. At Tines, we thought it might be helpful to provide instructions for alternative options if you don't want to create a chatbot in the portal. For those who would prefer to send messages directly to a Teams channel instead of configuring a chatbot, Microsoft Teams can receive messages in a channel via a webhook.


ProxyNotShell-Microsoft Exchange Vulnerabilities

On September 29, Microsoft Security Threat Intelligence reported two significant zero-day vulnerabilities being exploited in the wild. The two vulnerabilities, named “ProxyNotShell”, affect Microsoft Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019.


Trustwave Action Response: Zero Day Vulnerabilities in Microsoft Exchange Server 2013, 2016, and 2019

Trustwave security teams are aware of two zero-day vulnerabilities (CVE-2022-41040 and CVE-2022-41082) impacting Microsoft Exchange Server 2013, 2016, and 2019 and organizations with Outlook Web Access facing the Internet. If exploited, the vulnerabilities can allow an attacker to elevate privilege and remote code execution capability. We immediately investigated the vulnerabilities and potential exploits and continue to monitor the situation.