Mark Minasi's Tech Forum
Register Calendar Latest Topics
 
 
 


Reply
  Author   Comment  
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #1 
In another forum, someone posted a link but it was preceded by that safelinks thing. A google search showed that it was part of Microsoft Advanced Threat Protection feature/bug. Search results showed that everyone wants it to go away. Does it help & do we really need it?
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 887
Reply with quote  #2 
Its a feature of O365 Exchange Online Protection Advanced Threat Protection.
The link is re-written by Exchange to go through the link checker to make sure that its not malware/ bad link etc.
The technology behind it is kinda cool and the check occurs when you make the click, not when the mail was sent.

Other security services offer different re-writes, Trustwave is another.
It stops most malware/ pawned sites.

Yes something that helps and unfortunately something we need.


__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
BtilEntrails

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 23
Reply with quote  #3 
Ever go to an arcade and play a game called, Whack-A-Mole? Now imaging you are in the same arcade and every time you go into the arcade, you know you will be playing the game Whack-A-Mole all day long and it is all you get to do. I know, a rather long post, but keep reading and I promise living the never ending game of Whack-A-Mole or safelinks will be a welcomed product.

I write this from the standpoint of the IT person that fights the battles when the network is being hit or attacked. I am a little opinionated on what and how attacks are working today and how moving to the cloud just opened the flood gates. The cloud and moving to it, read all of them contacts and you will find that the company you shifted all your trust to, they put it in writing that you have little to no recourse if something goes bad.

Donoli, ignore the messages you are reading that lead you to post about safelinks and said, "Search results showed that everyone wants it to go away?" Having this in place today has made the IT battle better and not a losing battle when you domain is being hit with a targeted phishing attack.

But on the part of and downsides of all the moving to the cloud across all platforms, IT has moved many things that an internal server used to do for storage and or an application server and put those things into the cloud with 3rd party vendors or host applications. We have now placed all trust to a 3rd party, of which how many times in a month do you hear about "breaches" or "leaks" happening?

Or better yet, in our case we moved to these 3rd party trusted the cloud products and our users wanted all of this to be a single sign-on technology. So far all is okay, when we could control network routes by point-to-point connections.

But it all went one step to far, our users wanted to be able to do all things from a web browser and from any device they can use. This opened up a craptastic can to damn stupid and pain for IT.

Made everything into a game of "Whack-A-Mole", cleanup one dumb user and another is hit with an email that came from the first user whom shared their account details. Yep, the first users account was opened up and the attackers created email rules to start blasting out emails to all the users in the email directory.

No amount of telling users not to click on email links stopped a new person to becoming a new "Whack-A-Mole" game of fun.

I could go on and get into all sorts of how this is such a pain, but am very thankful that one of the phishing emails used against us, it used our top dog in leadership as the sender of one of the phishing attacks. When his picture and name was the sender of emails, that triggered the purchase of Microsoft Advanced Threat Protection. Personally, I am extremely happy to have the safelinks system in place.

__________________
Deep Thoughts by Jack Handey - "It takes a big man to cry, but it takes a bigger man to laugh at that man."
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #4 
I couldn't relate to Whack-A_Mole analogy but the rest of the explanation was well put. You're right about no matter how much you tell a user not to do something, it won't help & you're right about everyone wants safelinks, to go away. I didn't trust the link that had safelinks.outlook.com in it which is why I posted.

Here's another ANALogy. How do you keep a rabbit out of a cabbage patch?
Get rid of the cabbage.
If safelinks is need to protect us from the vulnerabilities of the cloud, get rid of the cloud.
0
BtilEntrails

Avatar / Picture

New Friend (or an Old Friend who Built a New Account)
Registered:
Posts: 23
Reply with quote  #5 
Wanted to provide an update. The battle is much better and the noise level from leadership has gotten better. Still have phishing efforts happening, but from external email that we can identify as it comes at us. Much better than some automated email rule created by a compromised user account, which made it tough to prevent or to stop users from clicking on.

Rabbits, Cabbage and the Cloud. Two of the three make a good soup when put together. [biggrin]



__________________
Deep Thoughts by Jack Handey - "It takes a big man to cry, but it takes a bigger man to laugh at that man."
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #6 
Quote:
Rabbits, Cabbage and the Cloud. Two of the three make a good soup when put together. [biggrin]


Who knows? Maybe someday, we'll have cloud soup.
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 887
Reply with quote  #7 
Quote:
Originally Posted by donoli


Who knows? Maybe someday, we'll have cloud soup.

Cloud Soup

__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
donoli

Senior Member
Registered:
Posts: 598
Reply with quote  #8 
Ah, so it exists. I might try it if Campbell's has it. I won't follow a recipe.
0
wobble_wobble

Avatar / Picture

Associate Troublemaker Apprentice
Registered:
Posts: 887
Reply with quote  #9 
Jameson do a great Whiskey Soup.

You can server it cold (prefered) or warm.

Requirements
- Bowl
- Bottle of Jameson
- Ice cubes
- Spoon

Fill bowl to required level with the Jameson
Add ice cubes to require temp
Eat the soup until bottle is empty, sleep arrives or you feel full.

Jameson


__________________
Have you tried turning it off and walking away? The next person can fix it!

New to the forum? Read this
0
Previous Topic | Next Topic
Print
Reply

Quick Navigation:

Easily create a Forum Website with Website Toolbox.