Zure Cliant
Hackers Bypassing Multi-Factor Authentication Using IMAP???
The most widely abused protocol in the attacks is the legacy IMAP protocol. The current version of the IMAP protocol, IMAP4, was defined by RFC 3501 in March 2003. By using this protocol, attackers are able to avoid account lockout and appear as isolated failed logins.
To combat these threats, organizations need to implement a layered security approach which includes monitoring of logs, user education, and best practice review. Part of a response is to disable the legacy protocols where possible. Implementing this in Office 365 can be done in two parts:
> Disabling POP and IMAP for current mailboxes
> Disabling POP and IMAP for future mailboxes
Both of these tasks can be accomplished using Powershell with a connection to Exchange Online.
> To disable POP and IMAP for all current mailboxes
Get-CASMailbox -Filter {ImapEnabled -eq “true” -or PopEnabled -eq “true” } | Select-Object @{n = “Identity”; e = {$_.primarysmtpaddress}} | Set-CASMailbox -ImapEnabled $false -PopEnabled $false
> To disable POP and IMAP for all future mailboxes
Get-CASMailboxPlan -Filter {ImapEnabled -eq “true” -or PopEnabled -eq “true” } | set-CASMailboxPlan -ImapEnabled $false -PopEnabled $false
14/03/2022
Thinking of becoming a Microsoft 365 Administrator / Messaging Administrator? First, consider this Basic Training.
Online Training Courses
ZC01 - Microsoft Exchange Online Basic Administration (new)
ZC02 - Microsoft Teams Basic Administration (new)
ZC03 - Message Trace / Mail Flow (soon)
ZC04 - Microsoft Exchange Online Advance Administration (soon)
ZC05 - Microsoft Teams Advance Administration (soon)
Inclusions
- Certificate of Attendance
- PDF / Training Materials
Basic Training
Training Fee: P 2,000
Group of 3: P 5,000
Time: 1pm to 5pm | via Teams Meeting
(Weekend Online Training)
Click here to claim your Sponsored Listing.
Category
Telephone
Website
Address
Manila
1300