New Microsoft Report Suggests Basic Authentication as Source of Business Email Compromise (BEC) Attacks

Basic Authentication pointed to by Microsoft as cause of BEC attacks

Microsoft Examines Basic Authentication’s Role in BEC Attacks In late 2019, Microsoft announced their intent to remove basic authentication from Exchange Online protocols. Though for many organizations using Microsoft 365, a combination of basic authentication and connection protocols, like POP3 and IMAP4, is still standard practice for accessing Exchange Online mailboxes. A recent report released […]

What’s the Difference Between Enabling and Enforcing MFA?

Enabled vs Enforced MFA

Multi-Factor Authentication (MFA) Enabled vs. Enforced Enabled Azure Multi-Factor Authentication by Changing User States This is the traditional approach for requiring two-step verification. All users that you enable perform two-step verification every time they sign in. Enabling a user overrides any conditional access policies that might affect that user. The user has been enrolled in […]