Gary Napotnik

Recent Posts

Detecting BEC Attacks and Compromise - Part 5

Posted by Gary Napotnik on Nov 22, 2019

1.0 Introduction

Welcome back to SecureSky’s series on Business Email Compromise (BEC) Attack and Detection!

In Part 1 of this blog series, we introduced BEC attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. In Part 4, we discussed key logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Read More

Configuration of Office 365 to Detect BEC Attacks - Part 4

Posted by Gary Napotnik on Sep 25, 2019

1.0 Introduction

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. Here in Part 4, we will discuss the logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Read More

Configuration of Office 365 to Protect Against BEC Attacks - Part 3

Posted by Gary Napotnik on Sep 4, 2019

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In this third entry, we will discuss a number of key Office 365 configuration settings that organizations can implement to protect against BEC attacks. 

Read More

Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

Posted by Gary Napotnik on Aug 5, 2019

The Unassuming Threat: Business E-Mail Compromise & Office 365 Vulnerabilities

Business e-mail compromise (BEC) is a class of cyber-crime that is growing rapidly. Over the past five years, BEC attacks have resulted in billions of dollars in losses from companies of all sizes across numerous industries.

This post is Part 2 of SecureSky’s multi-part blog series about BEC. In Part 1, we provided an introduction to BEC and discussed why this cyber security threat is increasing. In this post, we’ll take you through a recent SecureSky BEC investigation and explore an example of how BEC is executed against O365 environments.

Read More

The Unassuming Threat: Business E-Mail Compromise - Part 1

Posted by Gary Napotnik on Aug 4, 2019

Across the globe, companies and organizations of all sizes have faced an increasing onslaught of the cyber-crime known as business e-mail compromise (BEC). Perpetrated by organized crime groups, BEC attacks have resulted in losses of billions of dollars over the last decade. So how do you prepare and protect your organization from BEC? 

Read More