Security News > 2024 > September > Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts
Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’ on-premises environment to cloud environments. They stole credentials and used them to gain control of the network, eventually creating persistent backdoor access to the cloud environment and deploying ransomware to the on-premises,” Microsoft shared last week. Common tactics and … More → The post Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/30/ransomware-cloud-compromise/
Related news
- Microsoft Identifies Storm-0501 as Major Threat in Hybrid Cloud Ransomware Attacks (source)
- Ransomware gang using stolen Microsoft Entra ID creds to bust into the cloud (source)
- Microsoft 365 anti-phishing feature can be bypassed with CSS (source)
- Cloud storage lockers from Microsoft and Google used to store and spread state-sponsored malware (source)
- Microsoft 365 anti-phishing alert “erased” with one simple trick (source)
- Windows Server August updates fix Microsoft 365 Defender issue (source)
- Microsoft confirms August updates break Linux boot in dual-boot systems (source)
- Microsoft shares temp fix for Linux boot issues on dual-boot systems (source)
- Microsoft Fixes ASCII Smuggling Flaw That Enabled Data Theft from Microsoft 365 Copilot (source)
- Cicada3301 ransomware’s Linux encryptor targets VMware ESXi systems (source)