Your comments

This would be helpful for Microsoft 365 as well. While 365 does still support Basic Authentication for SMTP Auth, they recommend switching to OAuth if possible: "Authenticate an IMAP, POP or SMTP connection using OAuth" (Microsoft Learn).

I would recommend enabling several security event triggers. This is what I have set up:

Image 1237

You should shut down your server immediately and begin incident response procedures. The attackers likely have full admin access to your ScreenConnect instance and could deploy ransomware to any devices in your instance. The symptoms you described are consistent with the recent compromises in the news. There's an advisory here with some information on how to upgrade from older versions: ConnectWise | Trust Center | Advisories

It sounds like your server may have been hacked. Did you install the patch?

How are you running a report on duplicate serial numbers? Can it be done with ScreenConnect alone or are you using other tools?

Ah, I was thinking of something else. I meant the old format here:

Image 1188

I preferred the old "last updated 10 minutes ago" format.

Receive can be disabled using the "Advanced Configuration Editor" extension.

Automatic client update can be enabled by installing the "Advanced Configuration Editor" extension, then going to Admin -> Advanced -> Web Configuration -> Settings -> "Automatically Update Agent Version".