Month: February 2024

Teams Nation 2024: Phishing attack using Microsoft Teams

Cyber threats are always evolving. In the past couple of months, there has been a large increase in phishing messages sent using Microsoft Teams. Louis and Thijs work in a Security Operations Center and handle these types of attacks daily. During this session we will cover the following: – Some real-world example of an attack– […]

Impersonation protected user upload script

Impersonation is when the sender of an email message looks similar to a real or expected sender’s email address. Attackers often use impersonated sender email addresses in phishing or other types of attacks to gain the trust of the recipient. User impersonation: Contains subtle differences in the email alias. For example, louiis@gmail.com impersonates louis@gmail.com. Anti-phishing Microsoft […]

To expire a password or not to expire?

Let’s discuss one of my more “unpopular” opinions. Microsoft states in its documentation the following: Password expiration requirements do more harm than good because these requirements make users select predictable passwords, composed of sequential words and numbers that are closely related to each other. In these cases, the next password can be predicted based on […]