Security News > 2020 > October > Cybercriminals are using legitimate Office 365 services to launch attacks

Cybercriminals are using legitimate Office 365 services to launch attacks
2020-10-14 04:30

Vectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks.

The report explains how cybercriminals use built-in Office 365 services in their attacks.

"Within the new work-from-home paradigm, user account takeover in Office 365 is the most effective way for an attacker to move laterally inside an organization's network." said Chris Morales, head of security analytics at Vectra.

Even with the increasing adoption of security postures to protect user accounts such as multifactor authentication, 40 percent of organizations still suffer from Office 365 breaches, leading to massive financial and reputational losses.

71 percent of customers sampled exhibited suspicious Office 365 Power Automate behaviours.


News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/PQB905K2ASI/