Security News

Phishers using Zix to “legitimize” emails in the eyes of Office 365 users
2021-05-12 10:30

Abnormal Security removed the blog post after receiving legal notice from Zix. Through their PR agency, Zix contacted us to say that the blog post was removed because they believe it contained multiple false and misleading statements, and they asked us to remove our article or issue a retraction.

Microsoft: Office 365 is blocking emails from Google, LinkedIn domains
2021-05-10 17:48

Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains getting tagged as malicious and quarantined. "Users having multiple issues related to email flow, links within email messages and the Microsoft Defender portal," Microsoft says in the Microsoft 365 admin center.

Malicious Office 365 Apps Are the Ultimate Insiders
2021-05-05 12:27

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization's own email login page. The apps will persist in a user's Office 365 account indefinitely until removed, and will survive even after an account password reset.

Office 365 security baseline adds macro signing, JScript protection
2021-05-01 14:00

Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise to include protection from JScript code execution attacks and unsigned macros. Security baselines enable security admins to use Microsoft-recommended Group Policy Object baselines to reduce the attack surface of Microsoft 365 Apps and boost the security posture of enterprise endpoints they run on.

Office 365 phishing campaign uses publicly hosted JavaScript code
2021-04-08 13:16

A new phishing campaign targeting Office 365 users cleverly tries to bypass email security protections by combining chunks of HTML code delivered via publicly hosted JavaScript code. The subject of the phishing email says "Price revision" and it contains no body - just an attachment that, at first glance, looks like an Excel document, but is actually an HTML document that contains encoded text pointing to two URLs located yourjavascript.com, a free service for hosting JavaScript, and a separate chunk of HTML code.

Microsoft Office 365 phishing evades detection with HTML Lego pieces
2021-04-08 13:12

A recent phishing campaign used a clever trick to deliver the fraudulent web page that collects Microsoft Office 365 credentials by building it from chunks of HTML code stored locally and remotely. The method consists of gluing together multiple pieces of HTML hidden in JavaScript files to obtain the fake login interface and prompt the potential victim to type in the sensitive information.

Microsoft Office 365 still the top target among phishing attacks
2021-03-31 13:43

Most of the recent credential phishing attacks seen by Menlo Security served phony Outlook and Office 365 login pages. In its report, the Menlo Tabs team said it discovered a rise in credential phishing attacks over the past month.

Resentful employee deletes 1,200 Microsoft Office 365 accounts, gets prison
2021-03-24 07:23

A former IT consultant hacked a company in Carlsbad, California, and deleted almost all its Microsoft Office 365 accounts in an act of revenge that has brought him two years of prison time. More than 1,200 user accounts were removed in this act of sabotage, causing a complete shutdown of the company's operations for two days.

Office 365 Cyberattack Lands Disgruntled IT Contractor in Jail
2021-03-23 20:05

A former IT contractor has been sentenced to two years in prison after hacking into a company's server and deleting the majority of its employees' Microsoft Office 365 accounts. On Aug. 8, 2018, Kher then hacked into the company's server and deleted over 1,200 of its 1,500 O365 user accounts.

Outsourced techie gets 2-year sentence after trashing system of former client: 1,200 Office 365 accounts zapped
2021-03-23 16:33

A California federal court has sentenced a "Vengeful" techie to two years in the clink after he deleted 1,200 Microsoft user accounts belonging to a client. Deepanshu Kher, a Delhi-based employee of an unnamed IT outsourcing firm, was tasked with helping a company in the coastal city of Carlsbad, California, migrate its Office 365 environment.