Teams External User Phishing
Blue Security
English - April 02, 2024 12:00 - 36 minutes - 29 MB - ★★★★★ - 3 ratingsTechnology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
This episode of the Blue Security Podcast discusses the issue of finding logs for chats between external and internal users in Microsoft Teams. The hosts explore various methods for detecting and alerting on suspicious chats, including using KQL queries, creating workbooks, and leveraging communication compliance features. They also highlight the connection between Teams, Exchange Online, and SharePoint, and the importance of protecting against malicious links and educating users about phishing threats. The episode concludes with a discussion on the significance of single sign-on configuration and the need for a holistic approach to security.
Takeaways
-Implementing KQL queries and workbooks can help detect and analyze logs for chats in Teams
-Communication compliance features can be used to detect insider risks and inappropriate behavior in chats.
-Protecting against malicious links and educating users about phishing threats are crucial for maintaining security in Teams.
-Configuring single sign-on and requiring managed machines can enhance security and prevent credential theft.
-----------------------------------------------------------
YouTube Video Link: https://youtu.be/y4EEhkw7EpA
-----------------------------------------------------------
Documentation:
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/mdo-support-teams-about?view=o365-worldwide
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-links-about?view=o365-worldwide#safe-links-settings-for-microsoft-teams
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/safe-attachments-for-spo-odfb-teams-about?view=o365-worldwide
https://learn.microsoft.com/en-us/microsoft-365/security/office-365-security/attack-simulation-training-teams?view=o365-worldwide
-----------------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Twitter: https://twitter.com/bluesecuritypod
Linkedin: https://www.linkedin.com/company/bluesecpod
Youtube: https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Twitter: https://twitter.com/ajawzero
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: [email protected]
-----------------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: [email protected]