Comments for Computer Services & Solutions, INC. https://cssi.us/ 431 S. Broadway Ave. Suite 222, Lexington, KY. (859) 226-9222 Mon, 13 Jul 2020 17:02:15 +0000 hourly 1 https://wordpress.org/?v=6.9.4 Comment on Office 365 Vulnerable to Brute Force Attack via Powershell by Tyler https://cssi.us/office-365-brute-force-powershell/#comment-34 Mon, 20 Aug 2018 18:00:35 +0000 https://cssi.us/?p=456#comment-34 In reply to Kieren Johnstone.

I informed support. Do you know a security email for office 365?

]]> Comment on Office 365 Vulnerable to Brute Force Attack via Powershell by Dustin https://cssi.us/office-365-brute-force-powershell/#comment-33 Sat, 18 Aug 2018 10:52:06 +0000 https://cssi.us/?p=456#comment-33 It is the smart lockout feature: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-smart-lockout

Why lock out the user when they can lockout the malicious actor?

Of course, MFA is the real solution and should be implemented, because they will just use a Password Spray attack which would be unlikely to raise any alarms.

]]> Comment on Office 365 Vulnerable to Brute Force Attack via Powershell by Kieren Johnstone https://cssi.us/office-365-brute-force-powershell/#comment-32 Sat, 18 Aug 2018 07:50:16 +0000 https://cssi.us/?p=456#comment-32 Didya do the whole responsible disclosure thing – contacted the appropriate security address for O365?

]]>