In this episode, Andy and Paul Schnackenburg, Microsoft Certified Trainer, investigate the burning question on everyone’s mind: Is Microsoft 365 a secure platform? As we discuss the intricate details and inner workings of Microsoft 365 security, we leave no stone unturned.

Tune in to learn valuable insights and expert analysis on the subject, as well as how Microsoft 365 holds up in today’s ever-changing threat landscape.

Timestamps:

2:30 – Is Microsoft 365 secure?

6:32 – Management portal and configuration creep in M365

13:28 – Does file sharing in M365 create a security problem?

20:07 – Lack of transparency in regards to internal cloud infrastructure CVEs

25:36 – The mentality of security – just because it’s in “the cloud”

29:38 – Ultimately it’s the “customer’s” responsibility to stay safe

Episode Resources:

365 Total Protection Compliance & Awareness – Free Trial

Microsoft 365 Security Checklist

Azure Blunder left Bing Results Editable

365 Permission Manager Free Trial

Find Andy on LinkedIn, Twitter or Mastadon

Find Paul on LinkedIn or Twitter

Organizations increasingly depend on cloud-based productivity suites such as Microsoft 365 to enhance workforce productivity and streamline operations in the current digital era. Understanding Microsoft 365’s security landscape reveals a holistic and dynamic approach to safeguarding data. Nonetheless, ensuring complete protection remains imperative.

Hence, it is vital to prioritize comprehensive protection for your Microsoft 365 environment to uphold the security of your system. Fortunately, luck is on your side as Hornetsecurity has developed an exceptional security solution explicitly tailored for Microsoft 365. Seamlessly integrated, our cutting-edge protection services offer comprehensive security for Microsoft’s cloud services. Setting up is a breeze, and the intuitive interface makes it easy to manage your IT security right from the beginning.

To elevate your compliance for Microsoft 365, use Hornetsecurity Microsoft 365 Permission Manager, as our service offers Microsoft 365 administrators numerous benefits such as easy-to-use, timesaving, compliance monitoring, govern compliance, and more.

In today’s episode, we welcome Philip Galea, an esteemed expert in immutability and backups at Hornetscurity. With ransomware being one of the most pervasive issues in the industry today, immutability emerges as a powerful weapon against ransomware gangs.

The term immutability is thrown around a lot in the cybersecurity community, but what does it mean, and why do ransomware gangs hate it? This episode provides a fascinating insight into immutability and its vital role in the fight against ransomware.

Timestamps:

4:25 – What is immutability?

9:34 – How ransomware drove the need for immutability

12:30 – Ransomware creation via ChatGPT

18:12 – Are there benefits and use cases for immutability outside of backup?

21:30 – How does immutability really work?

24:57 – What’s to stop a rogue admin from “Tinkering” with immutable storage?

Episode resources:

EP01: We used ChatGPT to Create Ransomware

MITRE ATT&CK DK

Hornetsecurity VM Backup

Immutability refers to the quality of being unchanging or unable to be modified. In the context of data backups, immutable backups are copies of data that cannot be altered or deleted by anyone, including the individuals who created them. This feature makes them highly resistant to manipulation or tampering.

Now, why do ransomware gangs harbor such disdain for immutable backups? The answer lies in their malicious intent and the disruptive nature of ransomware attacks. Ransomware is malicious software that infiltrates computer systems and encrypts valuable data, holding it hostage until a ransom is paid. It thrives on the ability to control and manipulate data, leaving victims with few options.

Immutable backups, however, pose a significant obstacle to these cyber criminals. By preserving data in a state that cannot be changed, even by the most sophisticated ransomware, immutable backups provide a failsafe against data loss. When a system is compromised, organizations can restore their data from these secure, unalterable backups, rendering the ransomware attack futile.

We strongly advise utilizing Hornetsecurity’s VM backup service, especially now with the introduction of the V9 feature. Employing VM Backup V9 significantly enhances data security, effectively shielding your data from deletion and unauthorized alterations.

Welcome back to the Security Swarm Podcast! In this episode, our host Andy Syrewicze talks with Umut Alemdar, Head of Security Lab here at Hornetsecurity, about the reemergence of Emotet and the pervasiveness of botnets. Why does Emotet malware returns, i.e., why do they keep coming back?

Emotet is the well-known botnet that returns for spreading malware and stealing personal information. it had been dormant since December before reappearing in March 2023 with new tactics and capabilities. The Botnet has a modular architecture that allows threat actors to include any kind of payload that gets executed on the victim’s device.

Tune in to hear Andy and Umut discuss the attack chain of Emotet, how it has evolved and the risks it may pose to your organization. They also explore why botnets such as Emotet persist despite efforts to shut them down.

Timestamps:

1:58 – What is Emotet?

6:25 – Emotet’s Attack Chain

12:20 – How do Botnets continue to return?

14:44 – How can organizations guard against botnets like Emotet?

Episode resources:

Hornetsecurity Article Regarding Emotet

Hornetsecurity CyberSecurity Roundtable Discussion

Advanced Threat Protection

Security Awareness Services

Andy on LinkedIn, Twitter, Mastadon

Umut on LinkedIn

Welcome back for another episode of the Security Swarm Podcast, the podcast that brings you the insights and expertise straight from the Security Lab here at Hornetsecurity. In this episode, we’ll be diving into recent security disclosures with Eric Siron, Microsoft MVP, and discussing how organizations should respond when vulnerabilities are discovered.

We’ll focus on two major incidents as examples throughout this episode; the Outlook Vulnerability CVE-2023-23397, and the re-emergence of Emotet.

In today’s digital landscape, threats are constantly evolving and becoming more sophisticated, making it critical to respond quickly and efficiently minimize the impact of such incidents. Whether you’re a SysAdmin working in a small organization or the CISO of a large business, you have to be more vigilant, and have a plan.

Tune in to learn valuable insights into how tech professionals should handle security news.

Timestamps:

3:16 – A baseline example of a busy security news-cycle

8:00 – Keeping an eye on the security news-cycle and has it always been this way?

17:45 – What should organizations be doing to keep tabs on the security news-cycle?

23:21 – What can vendors be doing better to help SysAdmins handle security news?

Episode resources:

CVE-2023-23397

The Re-Emergence of Emotet

Hornetsecurity July 2022 Threat Review with Talk of Qakbot

White House to Shift Cybersecurity Burden

Andy on LinkedIn, Twitter, Mastadon

Eric on Twitter