Gary Napotnik

Recent Posts

Configuration of Office 365 to Detect BEC Attacks - Part 4

Posted by Gary Napotnik on Sep 25, 2019

1.0 Introduction

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In Part 3, we discussed key Office 365 (O365) configuration settings that organizations can implement to protect against BEC attacks. Here in Part 4, we will discuss the logging and auditing capabilities in O365 that can help organizations detect BEC attacks against their environment.

Read More

Configuration of Office 365 to Protect Against BEC Attacks - Part 3

Posted by Gary Napotnik on Sep 4, 2019

In Part 1 of this blog series, we introduced Business E-mail Compromise (BEC) attacks, and discussed why BEC attacks are increasing. In Part 2, we used recent BEC investigations to discuss how BEC attacks work against O365 environments. In this third entry, we will discuss a number of key Office 365 configuration settings that organizations can implement to protect against BEC attacks. 

Read More

Threat Investigation: Anatomy of A Business E-Mail Compromise Attack - Part 2

Posted by Gary Napotnik on Aug 5, 2019

The Unassuming Threat: Business E-Mail Compromise & Office 365 Vulnerabilities

Read More

The Unassuming Threat: Business E-Mail Compromise - Part 1

Posted by Gary Napotnik on Aug 4, 2019

Across the globe, companies and organizations of all sizes have faced an increasing onslaught of the cyber-crime known as business e-mail compromise (BEC). Perpetrated by organized crime groups, BEC attacks have resulted in losses of billions of dollars over the last decade. So how do you prepare and protect your organization from BEC? 

Read More