cloudcoffee.ch

Freshly brewed with Microsoft Azure and Microsoft 365

Month: February 2022

Phishing protection for app registration

By

On 26. February 2022

In Microsoft Azure

Phishing attacks on users are rising. There are countless possibilities for phishing attacks. One of them attempts to gain unauthorized access to the data via the app registration. If the attack is successful, no password change will lock the attacker out again. Auch die Multi-Faktor-Authentifizierung bietet keinen Schutz, da die App des Angreifers bereits zum Zugriff auf die Daten berechtigt ist. It’s time to restrict app registration and thus increase security against phishing.

Read More

Enable Microsoft Entra self-service password reset (SSPR)

By

On 19. February 2022

In Microsoft 365, Microsoft Azure

Last Updated on 28. December 2023

Microsoft Entra self-service password reset (SSPR) allows users to change or reset the password on their own. It does not require support from the helpdesk.

To allow the user to change or reset the password, the following authentication methods are available for Microsoft Entra self-service password reset (SSPR):

Read More

Block Legacy Authentication with Azure AD Conditional Access

By

On 12. February 2022

In Microsoft 365, Microsoft Azure

Widely used legacy authentication protocols such as POP, SMTP, IMAP or MAPI are now a serious security vulnerability and thus very popular with attackers.

The numbers on legacy authentication from one analysis are stark:
(Source: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/new-tools-to-block-legacy-authentication-in-your-organization/ba-p/1225302#)

  • More than 99 percent of password spray attacks use legacy authentication protocols
  • More than 97 percent of credential stuffing attacks use legacy authentication
  • Azure AD accounts in organizations that have disabled legacy authentication experience 67 percent fewer compromises than those where legacy authentication is enabled

Read More

Multi-factor authentication method analysis

By

On 5. February 2022

In Microsoft 365, Microsoft Azure

For a security audit, it is necessary to check which multi-factor authentication method is enabled for each individual user in the Microsoft tenant.

The guide can also be used to make users aware of a multi-factor authentication method that may be more convenient for them than they currently have enabled.

The following are possible multi-factor authentication methods.:

  • Mobile App (Microsoft Authenticator)
  • Text message
  • Phone call

Read More

Powered by WordPress & Theme by Anders Norén