this post was submitted on 20 Jul 2023
20 points (95.5% liked)

Cybersecurity

5650 readers
132 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Community Rules

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities [email protected] [email protected] [email protected] [email protected] [email protected] [email protected] [email protected]

Notable mention to [email protected]

founded 1 year ago
MODERATORS
top 6 comments
sorted by: hot top controversial new old
[–] [email protected] 4 points 1 year ago (1 children)

What's the bigger opinion on this. Is MS pushing onPrem Exchange as rotten apple to encourage the shift to 365 or are they genuinely pushing this info out for Administration awareness?

I would assume at this point any Orgs using onPrem are needing the services and thus assume it's for awareness?

[–] [email protected] 1 points 1 year ago

They don’t give a shit about on prem anymore. Which while disappointing is fine with me. Some companies really need it for various reasons and that means the dwindling number of good admins will have good jobs until retirement.

[–] [email protected] 3 points 1 year ago

Holy hell interesting read

[–] [email protected] 3 points 1 year ago (1 children)

Please, help me to understand something about MS Office.

Why the hell you can run a macro in a spreadsheet that can execute arbitrary PowerShell scripts? Why is that feature needed for MS Office users? Is it too hard that it just do stuff inside the spreadsheet and nothing else?

[–] [email protected] 1 points 1 year ago

That is why .xlsm files are blocked company wide with any decent admin

[–] [email protected] 1 points 1 year ago

This doesn’t make a lot of sense to me. No on prem Exchange admin worth a damn is reading emails on the server, or reading their email and opening excel files and enabling macros in them using their admin account for that matter. The bare minimum of security practices will stop this thing before it ever gets started.