Lethal Forensics Logo
Lethal Forensics Logo

Our Services

M365 Investigations

We specialize in conducting forensic and compliance investigations in Microsoft 365 (M365) cloud environments with a big focus on investigating and responding to phishing attacks and Business Email Compromise (BEC), one of the most common and costly threat to organizations of all sizes.

You can rely on our cumulative and ever-expanding security knowledge to help you to respond quickly and in an effective manner to any kind of security incident in M365 (or to support your legal investigation). We are able to quickly identify, investigate, and respond to such threats, to deal with the immediate attack to get you back to business faster, but also to strengthen your cyber security posture and prevent further incidents.

The Role of Forensics / Investigation Questions:

Has unauthorized access to mailboxes or critical data occurred?
What was the initial attack vector / initial access?
When did the attack occur?
Which accounts have been compromised?
What follow on activities has the threat actor taken?
Has sensitive data been accessed?
Has data exfiltration occurred?
Have end user devices been compromised?
Does the threat actor still have access to the compromised account or environment?
Was the attack opportunistic or targeted against your organization?
Has any internal or external spreading via spam occurred and are business partners impacted?

Looking for M365 forensic tools? Check out our Microsoft-Analyzer-Suite (Community Edition) which is used by forensic investigators and incident responders worldwide:

https://github.com/LETHAL-FORENSICS/Microsoft-Analyzer-Suite

Lethal Forensics is your ultimate Microsoft 365 Incident Response partner.

Book a Consultation

M365 Investigations

We specialize in conducting forensic and compliance investigations in Microsoft 365 (M365) cloud environments with a big focus on investigating and responding to phishing attacks and Business Email Compromise (BEC), one of the most common and costly threat to organizations of all sizes.

You can rely on our cumulative and ever-expanding security knowledge to help you to respond quickly and in an effective manner to any kind of security incident in M365 (or to support your legal investigation). We are able to quickly identify, investigate, and respond to such threats, to deal with the immediate attack to get you back to business faster, but also to strengthen your cyber security posture and prevent further incidents.

The Role of Forensics / Investigation Questions:

Has unauthorized access to mailboxes or critical data occurred?
What was the initial attack vector / initial access?
When did the attack occur?
Which accounts have been compromised?
What follow on activities has the threat actor taken?
Has sensitive data been accessed?
Has data exfiltration occurred?
Have end user devices been compromised?
Does the threat actor still have access to the compromised account or environment?
Was the attack opportunistic or targeted against your organization?
Has any internal or external spreading via spam occurred and are business partners impacted?

Looking for M365 forensic tools? Check out our Microsoft-Analyzer-Suite (Community Edition) which is used by forensic investigators and incident responders worldwide:

https://github.com/LETHAL-FORENSICS/Microsoft-Analyzer-Suite

Lethal Forensics is your ultimate Microsoft 365 Incident Response partner.

Book a Consultation

 

Microsoft 365M365EntraBECBusiness Email CompromisePayment Diversion FraudPayment Redirection FraudEmail FraudOffice 365PhishingMicrosoft-Analyzer-SuiteMicrosoft 365 Incident ResponseEmail AnalysisCloud Incident ResponseAzure