
Mitigating Consent Phishing in Microsoft 365


Summary

Push Security published an article on July 6, 2021 [read here] describing a way for a malicious actor to gain access to a Microsoft 365 user's data that sidesteps Multi-Factor Authentication (MFA) and passwordless sign-in entirely. The attacker never needs the victim's password: the victim signs in normally and is then asked to grant an attacker-controlled application access to their mailbox, files or contacts, and the resulting OAuth token works regardless of which sign-in method the account uses.

Consent phishing is an emerging technique attackers are using to compromise user accounts, even if they have Multi-factor Authentication (MFA or 2FA) enabled. Consent phishing is particularly effective because it doesn’t exhibit many of the indicators that traditionally expose phishing attacks…

In a blog post, Microsoft warns that these attacks are on the rise. One notable example comes from the SANS Institute, which reported in August 2020 that it had fallen victim to one of these attacks. As part of the investigation they produced a report detailing how the attackers convinced an employee to install a malicious Microsoft 365 add-in; the add-in's permissions were then used to set up a mail forwarding rule that sent internal email to an address outside the organization.

…The only foolproof method of preventing this kind of attack is to prevent users from granting access to third-party apps. This is terrible for users though, and you’ll be missing out on all the productivity benefits these apps can bring.

Alex Triaca

pushsecurity.com


How are we responding?

We have not seen attacks that use this technique against our customers so far. However, we prefer to take a cautious approach to security and will pre-emptively mitigate this vector by changing the “3rd party apps and publishers” setting in our managed Microsoft 365 tenants to “require admin consent”, so that an ordinary user can no longer grant an application access to their mailbox or files on their own. This will be integrated into our Standards and Operations Policy going forward for all clients. For our end clients, this means there may be a short delay when adding third-party apps to your Microsoft 365 account while we review and approve them. Once an app has been approved it will be available for everyone in your organization to add.

Two caveats are worth stating. Turning off user consent only affects new grants: applications that users consented to before the change keep their access until the grant is revoked, so the existing grants in each tenant also need to be reviewed. And an approval step only helps if the approver actually looks at the publisher and the permissions requested; an app asking for mailbox read/write, mailbox settings or offline access deserves far more scrutiny than one asking for basic profile information.
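The following script is an added example of how the change above can be applied and followed up from PowerShell; it is not code from this post or from Push Security. It assumes the Microsoft Graph PowerShell SDK (the Microsoft.Graph module) is installed, that the account running it holds Global Administrator, and that the list of “risky” scopes is an editorial choice that each tenant will want to tune. It disables user consent for the default user role, then enumerates the OAuth grants users have already made so that any granting sensitive permissions can be reviewed and, only when the -Revoke switch is passed, removed.

```powershell
# Added example (not from the original post or from Push Security).
# Assumptions (editorial): Microsoft.Graph module installed, Global Administrator account,
# and $RiskyScopes is the reviewer's own list of permissions that warrant a closer look.
param(
    [switch]$Revoke   # only remove flagged user-consented grants when explicitly asked to
)

$RiskyScopes = @(
    'Mail.Read', 'Mail.ReadWrite', 'Mail.Send',
    'MailboxSettings.ReadWrite',       # inbox/forwarding rules are managed through this
    'Files.Read.All', 'Files.ReadWrite.All',
    'Contacts.Read',
    'offline_access'                   # a refresh token keeps access long after the session ends
)

Connect-MgGraph -Scopes 'Policy.ReadWrite.Authorization', 'Directory.Read.All', 'DelegatedPermissionGrant.ReadWrite.All'

# 1. Show the current consent setting for ordinary users. An empty list means users cannot
#    consent to applications at all; 'ManagePermissionGrantsForSelf.microsoft-user-default-legacy'
#    is the permissive default that consent phishing relies on.
$policy  = Get-MgPolicyAuthorizationPolicy
$current = $policy.DefaultUserRolePermissions.PermissionGrantPoliciesAssigned
Write-Host "Consent policies currently assigned to users: $($current -join ', ')"

# 2. Disable user consent entirely (the "require admin consent" setting). To let users consent
#    only to low-risk permissions from verified publishers, use
#    @('ManagePermissionGrantsForSelf.microsoft-user-default-low') instead of @().
Update-MgPolicyAuthorizationPolicy -DefaultUserRolePermissions @{ PermissionGrantPoliciesAssigned = @() }
Write-Host "User consent disabled; new third-party apps now require admin approval."

# 3. Changing the policy does not touch grants that already exist. List delegated grants that were
#    consented by individual users (ConsentType 'Principal') rather than by an admin for the whole
#    tenant ('AllPrincipals'), and flag any that include a risky scope.
$grants  = Get-MgOauth2PermissionGrant -All | Where-Object { $_.ConsentType -eq 'Principal' }
$spCache = @{}   # avoid looking up the same application once per user
foreach ($g in $grants) {
    if (-not $spCache.ContainsKey($g.ClientId)) {
        $spCache[$g.ClientId] = Get-MgServicePrincipal -ServicePrincipalId $g.ClientId
    }
    $sp     = $spCache[$g.ClientId]
    $scopes = ($g.Scope -split ' ') | Where-Object { $_ }
    $hits   = $scopes | Where-Object { $RiskyScopes -contains $_ }
    if (-not $hits) { continue }

    $user = Get-MgUser -UserId $g.PrincipalId -Property UserPrincipalName
    Write-Warning ("{0} granted '{1}' (appId {2}, publisher '{3}') these scopes: {4}" -f
        $user.UserPrincipalName, $sp.DisplayName, $sp.AppId, $sp.PublisherName, ($hits -join ' '))

    if ($Revoke) {
        # Removing the grant stops the app from obtaining new tokens for this user; an access
        # token already issued keeps working until it expires, so check sign-in logs as well.
        Remove-MgOauth2PermissionGrant -OAuth2PermissionGrantId $g.Id
        Write-Host "  revoked grant $($g.Id)"
    }
}
```

Run it once without -Revoke to get the list of flagged grants for a tenant, confirm with the client which applications are legitimate, then re-run with -Revoke for the rest. With user consent disabled, the Azure AD admin consent workflow (Enterprise applications > User settings in the Azure portal) lets users request an app and lets a designated reviewer approve it, which is the review-and-approve step described above rather than users e-mailing the helpdesk.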
