Security News > 2024 > September > Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts
Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’ on-premises environment to cloud environments. They stole credentials and used them to gain control of the network, eventually creating persistent backdoor access to the cloud environment and deploying ransomware to the on-premises,” Microsoft shared last week. Common tactics and … More → The post Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/30/ransomware-cloud-compromise/
Related news
- Microsoft fixes Office 365 apps crashing on Windows Server systems (source)
- TRIPLESTRENGTH Hits Cloud for Cryptojacking, On-Premises Systems for Ransomware (source)
- Severe Security Flaws Patched in Microsoft Dynamics 365 and Power Apps Web API (source)
- Microsoft MFA outage blocking access to Microsoft 365 apps (source)
- Azure, Microsoft 365 MFA outage locks out users across regions (source)
- Microsoft 365 apps crash on Windows Server after Office update (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass (source)
- Ransomware attackers are “vishing” organizations via Microsoft Teams (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)