Security News

Microsoft Office 365 Phishing Attack Uses Multiple CAPTCHAs
2020-10-01 18:27

Researchers are warning of an ongoing Office 365 credential-phishing attack that's targeting the hospitality industry - and using visual CAPTCHAs to avoid detection and appear legitimate. Though the use of CAPTCHAs in phishing attacks is nothing groundbreaking, this attack shows that the technique works - so much so that the attackers in this campaign used three different CAPTCHA checks on targets, before finally bringing them to the phishing landing page, which poses as a Microsoft Office 365 log-in page.

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks
2020-09-30 21:29

According to researchers from Proofpoint, targets receive well-crafted lures asking them to click a link which carries them to the legitimate Microsoft third-party apps consent page. "The ability to perform reconnaissance on an O365 account supplies an actor with valuable information that can later be weaponized in business email compromise attacks or account takeovers. The minimal [read-only] permissions requested by these apps also likely help them appear inconspicuous if an organization's O365 administrator audits connected apps for their users' accounts."

APT28 Mounts Rapid, Large-Scale Theft of Office 365 Logins
2020-09-11 20:28

The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. The attacks utilized a daily average of 1,294 IPs associated with 536 netblocks and 273 ASNs, and organizations typically see more than 300 authentication attempts per hour per targeted account over the course of several hours or days.

Office 365 Phishing Attack Leverages Real-Time Active Directory Validation
2020-09-11 20:28

Researchers have uncovered a phishing attack using a new technique: Attackers are making use of authentication APIs to validate victims' Office 365 credentials - in real time - as they enter them into the landing page. Office 365 requires app registrations to use APIs - but registrations require only an email address, making them seamless for attackers to leverage.

eBook: Planning for Office 365 Gaps
2020-08-04 02:30

Many organizations are trading on-premises systems for cloud-based solutions, a move that brings virtually limitless scalability, storage and accessibility - usually at a lower cost and with reduced complexity. Ignoring the gaps that come with relying on a single vendor dramatically increases your risk profile and potential for a negative business impact due to an attack or unintended breach.

Microsoft to Retire TLS 1.0/1.1 in Office 365 Starting October 15
2020-07-21 14:03

Decades old, these protocol versions are considered obsolete, especially since the newer, safer TLS 1.2 and TLS 1.3 have been available for years. In October 2018, Microsoft confirmed plans to remove support for the older protocols from its browsers, and also moved to deprecate TLS 1.0 and 1.1 for the Office 365 service.

Is your Office 365 locked down in lockdown?
2020-07-20 11:00

Full Office 365 security compliance is one of those things most enterprises will have on the to-do list somewhere, but it's surprising how few actually get around to it. It's more surprising still when considering Office 365 is used by a huge number of companies across the world in some fashion, if only for the basics of email and file storage.

Microsoft Seizes Malicious Domains Used in Mass Office 365 Attacks
2020-07-08 14:58

Microsoft has seized several domains associated with a massive hacking campaign, which has targeted Office 365 accounts with phishing and business email compromise emails. A recent court order issued by the U.S. District Court for the Eastern District of Virginia allowed the tech company to disable the domains associated with the email attacks and disband the campaign: "Our civil case has resulted in a court order allowing Microsoft to seize control of key domains in the criminals' infrastructure so that it can no longer be used to execute cyberattacks," according to Tom Burt, corporate vice president, Customer Security and Trust, in a Tuesday post.

Office 365 Users Targeted By ‘Coronavirus Employee Training’ Phish
2020-06-25 13:09

Researchers are warning of a new phishing attack that purports to send coronavirus training resources to employees who are returning to the workplace, as COVID-19 lockdowns lift. The recent phishing campaign leverages novel training programs that are required for employees in the workplace to comply with coronavirus regulations.

Phishing Campaign Targeting Office 365, Exploits Brand Names
2020-06-18 12:55

Researchers have discovered a sophisticated new phishing campaign that uses recognized brand names to bypass security filters as well as to trick victims into giving up Microsoft Office 365 credentials to gain access to corporate networks. A new report from Check Point Software says researchers first observed the attacks - the majority of which targeted European companies, with others seen in Asia and the Middle East - in April, when they discovered emails sent to victims titled "Office 365 Voice Mail."