Email addresses are what malicious parties collect because the more they have, the more they can Phish/target. Having the ability to enumerate these without generating logging attempts would be a dream for them. Sure they could use other OSINT techniques and steal them, but guessing may be quicker and less work....
The second part to checking how exposed you are online.
Protecting shared service accounts is always a hard task, especially when they have admin privileges. Here is a few things you can do to help you protect them using MFA.
If you're a large organization, hiring a Cyber security firm to audit your security posture is a no brainer. Everything is exploitable and thinking that you are 100% secure nowadays is naive. You can purchase the best of the best security stack but no matter what, there will always be a weak chain somewhere. This is why these services exist. So that they help identify the gaps and help re-mediate them before someone malicious exploits them.
With these cloud solutions comes fancy new toys and potential money saving opportunities. All this seems like a no brainer but what do you lose?
With cloud services becoming the norm, more and more users are starting to have the expectation of accessing their application/services from anywhere......
Phishing isn't something new. In fact, today, it's one of the most common forms of cybercrime. Although we are all aware of it and even have services/software to help detect it, Phisherman still have great success. Even with all these security controls in place, Phishing emails still get through using simple spoofing techniques and open … Continue reading How Company Branding Could Help Protect Your Microsoft Credentials.