<img src="https://ws.zoominfo.com/pixel/JV60JGR5LG4sEWlH3Xte" width="1" height="1" style="display: none;">

Brian Greidanus

Brian Greidanus
Brian Greidanus has worked in the Information Security industry for almost 20 years in consulting, managed services, and enterprise environments.
Find me on:

Recent Posts

Implementing Foundational Security Controls for Every Office 365 Environment

Posted by Brian Greidanus on Aug 4, 2020

In our previous post, we provided an overview of each of the 12 Foundational Security Controls that should be implemented for every Office 365 environment to deter business email compromise (BEC), account takeover (ATO) attacks, and unauthorized data access.

Read More

Foundational Security Controls for Every Office 365 Environment

Posted by Brian Greidanus on Jun 10, 2020

As many organizations continue to adjust to an extended and potentially permanent remote workforce, dependency on cloud services has increased rapidly – as Microsoft CEO Satya Nadella stated in a recent earnings release – “We’ve seen two years worth of digital transformation in two months. The following post is intended to help organizations that may have recently begun using or have increased their usage of Office 365. 

Please note Microsoft continues to evolve their platform and these recommendations are current as of this posting.

Read More

Attackers Exploit Gap in Office 365 Best Practice Guidelines

Posted by Brian Greidanus on Apr 30, 2020

July 28, 2020 Update: Due to the complexities documented in this blog post, Microsoft is rolling out changes to e-mail forwarding configuration in Office 365. SecureSky is testing the changes that are documented at the following Microsoft URL, and will update this blog post after completion of testing to address these changes: https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/external-email-forwarding?view=o365-worldwide.

With a six times increase in COVID-19 themed incidents, security professionals need to take advantage of every possible configuration and security control to protect against this growing amount of attacks.  Today we will discuss how attackers are leveraging a gap in Office 365 best practices that allows undetected eavesdropping on victim’s emails.

When attackers gain control of an account in Office 365, one of the first steps they often take is to configure email forwarding in the compromised environment. Attackers configure email forwarding in order to see new emails that arrive in the victim’s inbox – which can be responses to attacker phishing attempts sent to the victim contacts. In order to disguise their presence, the attacker does not want the victim to see those emails. 

Read More

Microsoft Security Defaults – A Step in the Right Direction, but Customers Should Do More

Posted by Brian Greidanus on Apr 21, 2020

We understand that managing security for Office 365 can be difficult and complex. As we continue to see common identity-related attacks against authentication like password spray, replay, phishing and malware-based increasing into today’s uncertain world it's imperative that we understand Microsoft’s “Security Defaults”.   

Read More