Security News > 2024 > February > Ongoing Microsoft Azure account hijacking campaign targets executives

Ongoing Microsoft Azure account hijacking campaign targets executives
2024-02-12 19:16

A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.

The attacks employ documents sent to targets that embed links masqueraded as "View document" buttons that take victims to phishing pages.

"The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers. Individuals holding executive positions such as"Vice President, Operations", "Chief Financial Officer & Treasurer" and "President & CEO" were also among those targeted," explains Proofpoint.

Proxies are selected to be near the targets to reduce the likelihood of attacks being blocked by MFA or other geo-fencing policies.

Proofpoint proposes several defense measures to protect against the ongoing campaign, which can help enhance organizational security within Microsoft Azure and Office 365 environments.

Criminal IP ASM: A new cybersecurity listing on Microsoft Azure.

News URL

Related vendor

Microsoft 670 800 4414 4062 3692 12968