Security News > 2024 > February > Ongoing Microsoft Azure account hijacking campaign targets executives
![Ongoing Microsoft Azure account hijacking campaign targets executives](/static/build/img/news/ongoing-microsoft-azure-account-hijacking-campaign-targets-executives-medium.jpg)
A phishing campaign detected in late November 2023 has compromised hundreds of user accounts in dozens of Microsoft Azure environments, including those of senior executives.
The attacks employ documents sent to targets that embed links masqueraded as "View document" buttons that take victims to phishing pages.
"The affected user base encompasses a wide spectrum of positions, with frequent targets including Sales Directors, Account Managers, and Finance Managers. Individuals holding executive positions such as"Vice President, Operations", "Chief Financial Officer & Treasurer" and "President & CEO" were also among those targeted," explains Proofpoint.
Proxies are selected to be near the targets to reduce the likelihood of attacks being blocked by MFA or other geo-fencing policies.
Proofpoint proposes several defense measures to protect against the ongoing campaign, which can help enhance organizational security within Microsoft Azure and Office 365 environments.
Criminal IP ASM: A new cybersecurity listing on Microsoft Azure.
News URL
Related news
- Azure Service Tags tagged as security risk, Microsoft disagrees (source)
- Microsoft paid Tenable a bug bounty for an Azure flaw it says doesn't need a fix, just better documentation (source)
- Azure Service Tags Vulnerability: Microsoft Warns of Potential Abuse by Hackers (source)
- Major Microsoft 365 outage caused by Azure configuration change (source)