Detecting BEC Attacks and Compromise - Part 5

Posted by Gary Napotnik on Nov 22, 2019

1.0 Introduction

Welcome back to SecureSky’s series on Business Email Compromise (BEC) Attack and Detection!

In Part 1 of this blog series, we introduced BEC attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. In Part 4, we discussed key logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Read More
Detecting BEC Attacks and Compromise - Part 5

Azure Security Best Practices

Posted by Michael Born on Nov 12, 2019

Using Application Security Groups

Setting up infrastructure in Azure can, at times, seem quite daunting with all of the available options one can configure within each service. In this blog, we will give you some tips for applying traditional security best practices into your Azure environment using Application Security Groups to help make managing network security groups less cumbersome.

Read More
Azure Security Best Practices

Configuration of Office 365 to Detect BEC Attacks - Part 4

Posted by Gary Napotnik on Sep 25, 2019

1.0 Introduction

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. Here in Part 4, we will discuss the logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Read More
Configuration of Office 365 to Detect BEC Attacks - Part 4

Configuration of Office 365 to Protect Against BEC Attacks - Part 3

Posted by Gary Napotnik on Sep 4, 2019

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In this third entry, we will discuss a number of key Office 365 configuration settings that organizations can implement to protect against BEC attacks. 

Read More
Configuration of Office 365 to Protect Against BEC Attacks - Part 3

Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

Posted by Gary Napotnik on Aug 5, 2019

The Unassuming Threat: Business E-Mail Compromise & Office 365 Vulnerabilities

Business e-mail compromise (BEC) is a class of cyber-crime that is growing rapidly. Over the past five years, BEC attacks have resulted in billions of dollars in losses from companies of all sizes across numerous industries.

This post is Part 2 of SecureSky’s multi-part blog series about BEC. In Part 1, we provided an introduction to BEC and discussed why this cyber security threat is increasing. In this post, we’ll take you through a recent SecureSky BEC investigation and explore an example of how BEC is executed against O365 environments.

Read More
Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

The Unassuming Threat: Business E-Mail Compromise - Part 1

Posted by Gary Napotnik on Aug 4, 2019

Across the globe, companies and organizations of all sizes have faced an increasing onslaught of the cyber-crime known as business e-mail compromise (BEC). Perpetrated by organized crime groups, BEC attacks have resulted in losses of billions of dollars over the last decade. So how do you prepare and protect your organization from BEC? 

Read More
The Unassuming Threat: Business E-Mail Compromise - Part 1

SecureSky's NEW Dynamic Cloud Security Blog

Posted by Mike Hrabik, SecureSky CEO on Jun 24, 2019

It is with great pleasure that I introduce you to the new blog from SecureSky.

The SecureSky mission is to assist our clients in utilizing cloud-native and third-party technologies to accelerate their ability to operate securely in today’s cloud environments.

Our clients are dealing with rapid cloud adoption and the dissolving of traditional network boundaries.  They have growing concerns about the cyber security skills shortage and how technology and business are driving them to deploy more of their infrastructure and applications in cloud environments.  The shared responsibility model defines areas of security ownership between clients and cloud providers, but where and how to implement security controls in cloud environments can be confusing and very different from how many organizations have operated in the past.   

 The new cloud-based reality requires organizations to handle infrastructure and applications differently, requiring a more proactive and dynamic approach to security. 

Read More
SecureSky's NEW Dynamic Cloud Security Blog
All posts

©2019 SecureSky, Inc. All rights reserved. SafetyNET, SecureSky, AdaptiveDefender and the SecureSky logo are marks of SecureSky, Inc. SecureSky U.S. Patent Nos. 8,347,391; 8,856,324; 9,021,574; 9,350,707; 9,787,713; 9,888,018; 10,015,239. Additional patents pending. Privacy Policy