Display Name Spoofing / Impersonation is a simple but effective way hackers will try and obtain information, divert funds, and defraud you and your staff.
The hackers will look for executives within your company and then create valid email addresses with their display names on common mailing platforms, and then send requests through requesting funds transferred, bank details etc.
In a busy workplace with only a glance at the display name it would be easy to action these requests without further thought.
The problem is this type of spoofing uses valid email addresses from valid domains, but with the same display name as executives, so mechanisms like SPF, DKIM and DMARC won’t pick them up.
However, by implementing a simple mail-flow rule, you can easily add a warning to this type of message which should prompt the end use to proceed with caution.
In this post we’ll look at how to enable SharePoint auditing. Recently I’ve been investigating some mysterious folder moves which the end users couldn’t explain, but folders were disappearing and reappearing elsewhere.
My first thought was that they have been dragged and dropped by mistake with a touchpad, it’s so easy to do if you aren’t careful.
My second thought was to check the SharePoint audit logs. Read on to learn how to enable SharePoint Auditing and view the available reports.
By default SharePoint Auditing isn’t enabled in Office 365.
This is a very quick post on how to move Windows 10 Sticky Notes from on user profile to another. This will be useful if you are moving from a local to a domain account, changing computers. Or just want to give someone else a copy of your Sticky Notes.
If you use Multi Factor Authentication in an Office 365 environment then you will need to use App Passwords for some applications that don’t support Multi Factor Authentication like Outlook, or other email clients on mobile devices.
If you’ve forgotton your App Password or need to delete or create a new one, here is where to find them and how to create a new one.
I’ve been using OneNote extensively now for a couple of years, but there is one bug bear I have, each time I edit an embedded Excel spreadsheet and save it, the spreadsheet increases in size, so after several separate edits its nearly doubled in size!
I’ve yet to find a solution to stop this from happening, but i have found an easy work around.
Accurate time in a domain environment is essential for authentication between clients and servers to work correctly. Kerberos v5 protocol requires a tolerance of less than 5 minutes, anything more than this and you will get authentication errors.
I’ve recently been investigating a a server who’s time leaped 28 days into the future! So wanted to start auditing the Windows Time service to see what made the change.
So in this blog post I’ll show you how to enable Windows Time service auditing.
For the next couple of posts I’ll be looking into AD security and auditing. In this article we’ll look at how to use Get-ADUser to list all recently created accounts.
With the increasing number of cyber attacks, security is at the top of most IT departments agenda. There are many checks you can perform to make sure AD is safe and secure, and that only valid or approved modifications have been made to user accounts. I’ll look at AD auditing in a future post, but this will be a handy snippet of PowerShell to help you identify recently created AD accounts, and a bonus bit of code to identify recently modified accounts!