Attackers Exploit Gap in Office 365 Best Practice Guidelines

Posted by Brian Greidanus on Apr 30, 2020

With a six times increase in COVID-19 themed incidents, security professionals need to take advantage of every possible configuration and security control to protect against this growing amount of attacks.  Today we will discuss how attackers are leveraging a gap in Office 365 best practices that allows undetected eavesdropping on victim’s emails.

When attackers gain control of an account in Office 365, one of the first steps they often take is to configure email forwarding in the compromised environment. Attackers configure email forwarding in order to see new emails that arrive in the victim’s inbox – which can be responses to attacker phishing attempts sent to the victim contacts. In order to disguise their presence, the attacker does not want the victim to see those emails. 

Read More

Top 10 Audio/Video Conferencing Security Best Practices

Posted by Michael Born on Apr 8, 2020

With the recent shift of much of the global workforce to home office work environments, it’s a good time to revisit Audio/Video conferencing security best practices. In this blog we will highlight what we consider the Top 10 ways you can train your employees to practice good, risk-reducing security hygiene when scheduling, creating and running online meetings using one of many popular audio/video conferencing platforms. We will also highlight ways to implement detection and alerting controls for audio/video conferencing platforms that offer such robust security features.

Read More

SecureSky Cyber Threat Center Sees Greater Than 6 Times Increase In Attacks

Posted by Mike Hrabik, SecureSky CEO on Apr 2, 2020

But There’s Still a Lot of Good Things Happening In These Trying Times! One of the most staggering statistics reported recently from the SecureSky Cyber Threat Center is seeing a 6x-7x increase in fraudulent scams and BEC cases in the last 30 days, with COVID-19 themes – phishing, fake investment, charities, prevention or treatment offers and testing scams. We have seen similar trending of overall phishing volumes from multiple clients and email gateway providers, which correlates to the sharp uptick in case volume, as well as click rates.

Read More

The Cloud Balancing Act: Improving Business Outcomes without Degrading Your Security Posture

Posted by Corey Meyer on Feb 24, 2020

Who knew that way back in 1964 Bob Dylan would predict the challenges we’re facing with the cloud in 2020. Times they are a-changin’. We’re in the midst of an evolution in IT, led by the rapid adoption of cloud computing, which promises to produce better business outcomes. While most of us have our security posture top-of-mind in the face of these changes, it’s easy to become complacent, think that we have it covered and rely a little too heavily on the out-of-the-box security offered by our cloud providers. In Dylan’s prophetic words, “It’s time to start swimming or sink like a stone.”

Read More

SecureSky’s Top 5 2020 Cloud Security Predictions

Posted by Corey Meyer on Dec 18, 2019

Cloud Computing Adoption Will Accelerate

We’re not going out on a limb in predicting cloud services will continue to grow. The information technology world is experiencing a tectonic shift, led by the rapid adoption of cloud computing. *Gartner predicts that the market size of the cloud services industry will grow three times faster than overall IT services growth, reaching $331.2 billion by 2022, with SaaS applications accounting for $143.7 billion, or 43% of this market.

Read More

Azure Security Best Practices

Posted by Michael Born on Nov 12, 2019

Using Application Security Groups

Setting up infrastructure in Azure can, at times, seem quite daunting with all of the available options one can configure within each service. In this blog, we will give you some tips for applying traditional security best practices into your Azure environment using Application Security Groups to help make managing network security groups less cumbersome.

Read More