Security News > 2024 > September > Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’ on-premises environment to cloud environments. They stole credentials and used them to gain control of the network, eventually creating persistent backdoor access to the cloud environment and deploying ransomware to the on-premises,” Microsoft shared last week. Common tactics and … More → The post Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2024/09/30/ransomware-cloud-compromise/
Related news
- Triplestrength hits victims with triple trouble: Ransomware, cloud hijacks, crypto-mining (source)
- Threat actors are using legitimate Microsoft feature to compromise M365 accounts (source)
- Massive botnet hits Microsoft 365 accounts (source)
- Botnet targets Basic Auth in Microsoft 365 password spray attacks (source)
- Microsoft links recent Microsoft 365 outage to buggy update (source)
- New Microsoft 365 outage impacts Teams, causes call failures (source)
- Microsoft Teams tactics, malware connect Black Basta, Cactus ransomware (source)
- Microsoft 365 apps will prompt users to back up files in OneDrive (source)
- Microsoft: North Korean hackers join Qilin ransomware gang (source)
- Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)