Tag

microsoft 365

11 articles

  1. Require approved client app is retired on June 30: migrate now

    Require approved client app is deprecated June 30. After that date, existing policies stop enforcing. Here is what to configure before the deadline.

  2. Conditional Access enforcement changes June 15: check your exceptions now

    Apps could bypass Conditional Access by requesting minimal sign-in scopes. Non-excluded apps slipped through silently for years. Starting June 15, that stops.

  3. AiTM Phishing Exposed (2/2): Stop Session Hijacking

    Stop AiTM session hijacking with FIDO2, CAE, and token protection. Microsoft 365 configuration guide with 2 Sentinel queries and 7-step incident response.

  4. AiTM Phishing Exposed (1/2): How Session Hijacking Works

    AiTM phishing doesn't bypass MFA. It waits for MFA to succeed, then takes what comes next. This is how the attack works and why standard MFA provides no protection against it.

  5. Shadow AI Exposed (2/2): Building a Governance Program That Actually Works

    Technical controls catch the visible surface. This part covers what a shadow AI governance program looks like in practice: approved AI catalog, the personal account problem, and a maintenance cycle that doesn't erode.

  6. Social Engineering Exposed (3/3): Defence That Works

    MFA alone won't stop a helpdesk attack. Here's what actually does: the process changes, Entra ID settings, and monitoring that holds up under pressure.

  7. Shadow AI Exposed (1/2): What organizations don't know about the AI tools their employees use

    Most shadow AI incidents start with a legitimate task. What actually ends up in those tools, why security controls miss it, and what the NSW government breach tells us.

  8. Intune compliance policies: what they actually change in your organization

    Most organizations running Microsoft 365 have devices connecting without any enforced security requirements. Intune compliance policies close that gap, and the impact goes further than the security team.

  9. Social Engineering Exposed (2/3): The Helpdesk Attack

    Attackers don't break MFA. They call your helpdesk and get it reset. Here's what that looks like in Entra ID, and why most tenants aren't built to catch it.

  10. Intune MDM vs MAM: When to use which approach

    MDM controls the device, MAM controls the data. A decision matrix for IT admins, including the June 30 Conditional Access deadline you can't miss.

  11. Social Engineering Exposed (1/3): How attackers get in without breaking anything

    MGM lost $100M. Odido lost 6.2M records. Uber's systems went dark. None required a technical exploit. Just a phone call. Here's how it works.
← All articles