The Dynamic Cloud Security Blog

Detecting BEC Attacks and Compromise - Part 5

1.0 Introduction

In Part 1 of this blog series, we introduced BEC attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. In Part 4, we discussed key logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

In this post, Part 5 of the series, we discuss how employees can detect BEC attacks against their environment, as well as to identify situations where a BEC attack has already been successful and an attacker may be accessing the user’s account.

Azure Security Best Practices

Using Application Security Groups

Setting up infrastructure in Azure can, at times, seem quite daunting with all of the available options one can configure within each service. In this blog, we will give you some tips for applying traditional security best practices into your Azure environment using Application Security Groups to help make managing network security groups less cumbersome.

Configuration of Office 365 to Detect BEC Attacks - Part 4

1.0 Introduction

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. Here in Part 4, we will discuss the logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Configuration of Office 365 to Protect Against BEC Attacks - Part 3

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In this third entry, we will discuss a number of key Office 365 configuration settings that organizations can implement to protect against BEC attacks. 

Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

The Unassuming Threat: Business E-Mail Compromise & Office 365 Vulnerabilities

The Unassuming Threat: Business E-Mail Compromise - Part 1

Across the globe, companies and organizations of all sizes have faced an increasing onslaught of the cyber-crime known as business e-mail compromise (BEC). Perpetrated by organized crime groups, BEC attacks have resulted in losses of billions of dollars over the last decade. So how do you prepare and protect your organization from BEC? 

SecureSky's NEW Dynamic Cloud Security Blog

It is with great pleasure that I introduce you to the new blog from SecureSky.

The SecureSky mission is to assist our clients in utilizing cloud-native and third-party technologies to accelerate their ability to operate securely in today’s cloud environments.

Our clients are dealing with rapid cloud adoption and the dissolving of traditional network boundaries.  They have growing concerns about the cyber security skills shortage and how technology and business are driving them to deploy more of their infrastructure and applications in cloud environments.  The shared responsibility model defines areas of security ownership between clients and cloud providers, but where and how to implement security controls in cloud environments can be confusing and very different from how many organizations have operated in the past.   

 The new cloud-based reality requires organizations to handle infrastructure and applications differently, requiring a more proactive and dynamic approach to security.