What Are You Doing Right Now
-
@scottalanmiller I need coffee. Didn't have time to get it this morning though. Every driver close to Whitmey, TX drives 5-15 under the speed limit. Drives me crazy!
-
Time for nomz! :smiling_face_with_open_mouth:
-
Just got done interviewing a guy for a position here... got another interview at in an hour, and then another one tomorrow.
-
Getting a new machine ready I just imaged, working on powershell script, getting new image ready to deploy to others, and updating fedora. Oh and here on ML. I need a couple more monitors i think
-
@jmoore said in What Are You Doing Right Now:
@scottalanmiller I need coffee. Didn't have time to get it this morning though. Every driver close to Whitmey, TX drives 5-15 under the speed limit. Drives me crazy!
That's all of Texas. As a NYer, we are used to the standard being "Speed Limit +9", but in Texas it is "Speed Limit -5" which drives us nuts. At least Texans tend to drive in the right lane, while NYers just chill out in the left.
-
@scottalanmiller I'm normally a +2-+5 guy as police are bad around here.
-
Look at these new pcie ssd from WD
3GB/sec, 200kIOPS
Thinking about new computer that supports nvme boot, then i look at ddr4 prices and realize my 12T i7 is still overkill and all i need is new video card. -
@momurda said in What Are You Doing Right Now:
Look at these new pcie ssd from WD
3GB/sec, 200kIOPS
Thinking about new computer that supports nvme boot, then i look at ddr4 prices and realize my 12T i7 is still overkill and all i need is new video card.holy poop those are cheap.
-
Downloading terraform. Wait. Just got done.
-
-
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Oh no! How did you find out about the breach? Also, that is an interesting tool.
-
I see scripts like that and realize how bad i am at scripting.
That is really nice -
Feeling tired, ready for the day to be over.
-
@wrx7m said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Oh no! How did you find out about the breach? Also, that is an interesting tool.
a customer called and stated he was getting emails from clients that were from him. We noticed it was sent from the Office 365 account and they had a delete rule for all the incoming and sent email.
-
@dbeato said in What Are You Doing Right Now:
@wrx7m said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Oh no! How did you find out about the breach? Also, that is an interesting tool.
a customer called and stated he was getting emails from clients that were from him. We noticed it was sent from the Office 365 account and they had a delete rule for all the incoming and sent email.
Yikes!
-
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.
-
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.
Did you enable MFA after that on the accounts?
-
@dbeato said in What Are You Doing Right Now:
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.
Did you enable MFA after that on the accounts?
We looked into MFA before this ever happened, but it doesn't seem to work well since we have Office 365 through GoDaddy. The authentication seems to run through GoDaddy first so it makes it act fairly wonky. I'm now testing a "pure" Office 365 account and going to enable MFA there to confirm my suspicions that GoDaddy is where my issues lie.
-
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.
Did you enable MFA after that on the accounts?
We looked into MFA before this ever happened, but it doesn't seem to work well since we have Office 365 through GoDaddy. The authentication seems to run through GoDaddy first so it makes it act fairly wonky. I'm now testing a "pure" Office 365 account and going to enable MFA there to confirm my suspicions that GoDaddy is where my issues lie.
Oh okay, this account is fully Office 365.
-
@dbeato said in What Are You Doing Right Now:
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
@zachary715 said in What Are You Doing Right Now:
@dbeato said in What Are You Doing Right Now:
Dealing with this...
https://github.com/OfficeDev/O365-InvestigationTooling/blob/master/RemediateBreachedAccount.ps1Yeah we went through this a couple months back. Office 365 tools to help detect/prevent these types of things aren't strong unless you're willing to pay for Azure AD Premium. Thankfully minimal damage done.
Did you enable MFA after that on the accounts?
We looked into MFA before this ever happened, but it doesn't seem to work well since we have Office 365 through GoDaddy. The authentication seems to run through GoDaddy first so it makes it act fairly wonky. I'm now testing a "pure" Office 365 account and going to enable MFA there to confirm my suspicions that GoDaddy is where my issues lie.
Oh okay, this account is fully Office 365.
Yeah we ended up creating some new rules as a result and learned a whole lot about all the different Office 365 relevant portals to capture logs, etc that we weren't fully aware of prior. It's really quite scattered at the moment and the ability to setup alerting is pretty weak, especially on the Azure side. Now we're having to manually check the "Users Flagged for Risk" and "Risky Sign Ins" weekly to help identify any fishy (phishy?) business.
