Chris Southerland Jr’s Post

Microsoft Defender for Identity: "Passwords Exposed in Cleartext" Report 🔒 Why Focus on Cleartext Passwords? ◾ Many services still use LDAP in a non-secure mode, sending account credentials plainly visible to anyone with network access. ◾ This exposure is especially concerning for sensitive accounts, as attackers can easily intercept these credentials and use them for unauthorized access or further malicious activities. 🛠️ My Insight: Using Microsoft Defender for Identity, I’ve explored its reporting feature that specifically targets this vulnerability. ◾ Frequency and Detail: You can set up these reports to be generated on a monthly or weekly basis, ensuring you have up-to-date information. ◾ Source Identification: Each report pinpoints the exact source computer and the accounts involved, making it easier to take corrective actions.

Why you all need 2FA! If you ever wondered if you should change that old password or activate that annoying 2 factor check on your account, scare yourself and have a look at your security sign-in activity page. 32 attempts to log into my private email account in less than 24 hours You probably thinking, Yeah that's great but probably a one off or isolated incident? Nope! Based on the amount of data I was able to collect from Microsoft I have averaged around 27 attempted logins on my account per day over the last 6 months. If you need some help getting your security up to scratch, lets have a coffee!

Don’t Let Google Manage Your Passwords - this is not me saying this but Medium Find out more here https://lnkd.in/dxzPBVDz. The main argument is that even dedicated build-in password managers can leak your passwords. Therefore it is wise to choose a provider that applies a #zero #knowledge #architecture like LastPass. Watch out for certificates like  ISO 27001, SOC 2 Typ II, SOC 3, BSI C5 und TRUSTe. When they were hacked they could not find anything no names, no passwords, as even LastPass does not know them. They found just some public keys. Certified or not, watch out for a zero knowledge architecture. This is what is hard to give you as a build in password manager embedded into browser,

⚠️ Lots of people were affected by the CrowdStrike outage, and now that the dust has settled, here's what we can learn. On July 19th, a null pointer bug in CrowdStrike's Falcon system brought 8.5 million computers crashing down worldwide. The software, designed to protect systems from malicious attacks, ironically became the very thing it was supposed to stop—malware. 🐞 The issue? CrowdStrike bypassed Microsoft's safeguards to push unverified code quickly, leading to a catastrophic system-wide failure. 🚨 Perhaps CrowdStrike could take a page from industry leader, CrowdStrike. 📖 According to their own website, their software development life cycle emphasizes thorough unit testing, integration testing, performance testing, stress testing, and a final phase of dogfooding before release. These mechanisms should have caught this error. ❓ So, was it tested or not? If it was, the tests clearly weren’t good enough. Maybe next time, CrowdStrike should listen to CrowdStrike’s advice. 🔁

Secure your Microsoft 365 with MFA! It's simple, quick, and blocks 99.9% of breaches. Choose your authentication method and enhance your security today. Don't wait, act now! #SecureIT #MFAEssentials #Microsoft365 #CyberSafety #DataProtection #AuthenticatorApp #CyberSecurityTips #BusinessSafety #TechSecurity #AccountSecurity #PreventCyberAttacks #ITSecuritySolutions #DigitalDefense #SecureLogin #InformationSecurity #TechSafety #OnlineSecurity

In 2023, there was a dramatic spike in the number of attacks on account passwords, meaning it’s more important than ever to enable MFA. In fact, Microsoft found that with MFA enabled, you can prevent 99.9% of attacks on your accounts. Don’t wait – visit the link below to protect your data with MFA! 🔗 https://ow.ly/Y0fp50RUgLa

Allegedly 750GB from a Critical National Infrastructure organisation. How is this possible? Public-facing web servers running out-of-date software? Hmmm... Remote Desktop open to the world? Surely not. All eggs in the Microsoft basket? 🤦♂️ It's "only" 160 DVDs' worth of data, surely not much? Based on an average document size of 26KB that's nearly 29 MILLION Word documents. "Only" 750GB of UK citizens' data is a problem, no matter how you cut it. The more UK organisations get hit and data breached, the more UK citizens' data gets exposed and the weaker we become as a nation. Each piece of data is a piece of YOUR personal jigsaw. Yes, it is possible to search the internet for pieces of YOUR jigsaw in order to exploit YOU. It's high time that Board Members, CEOs, Directors and Business Owners were subject to personal liability for data breaches because few are taking it seriously enough. Maybe we need to make this happen. Data is the most valuable commodity that your organisation or business has and it needs to be protected as such.

"Assurance and control considerations for a mass password reset, ... there are several different scenarios that necessitate a mass password reset. This means that there are different levels of control or assurance an organization might require while performing a mass password reset. When SSPR mechanisms can be reliably used to provide assurance, organizations can use that feature to accelerate a mass password reset. However, there are situations where an organization may not want to use the existing SSPR solution. For example, when an advanced threat actor has abused the organization’s SSPR system, or where there is actual evidence of AD DS database exfiltration. In such a scenario the organization would likely not choose to use that mechanism to enforce the mass password reset because the threat actor could re-establish initial access or persistence via SSPR. Where an organization seeks a high degree of control and assurance for a mass password reset there will, unfortunately, be an element of manual intervention. However, with preparedness ahead of time, Microsoft Entra ID features such as a Temporary Access Pass, when combined with Conditional Access policies, can be used to automate some aspects of assurance and control. In any event where a high degree of assurance and control is desired, some level of manual intervention to verify users’ physical identities and the issuance of such temporary access passes is inevitable. In a subsequent post we will examine different Microsoft Entra ID features that can be used to accomplish this." https://msft.it/6046YhXQ6

Secure your Microsoft 365 with MFA! It's simple, quick, and blocks 99.9% of breaches. Choose your authentication method and enhance your security today. Don't wait, act now! #SecureIT #MFAEssentials #Microsoft365 #CyberSafety #DataProtection #AuthenticatorApp #CyberSecurityTips #BusinessSafety #TechSecurity #AccountSecurity #PreventCyberAttacks #ITSecuritySolutions #DigitalDefense #SecureLogin #InformationSecurity #TechSafety #OnlineSecurity

Have you ever reused a password? Maybe even one that ended up getting compromised in a data breach? Credential stuffing is when bad guys use those passwords they bought off the Dark Web as a shortcut into your system. You can foil credential stuffers by using good password habits and by enabling MFA wherever possible. https://lnkd.in/eEthPf4z #FrontlineMSP #SecureOurWorld