Security News

Sneaky Office 365 phishing inverts images to evade detection
2020-11-04 09:00

A creative Office 365 phishing campaign has been inverting images used as backgrounds for landing pages to avoid getting flagged as malicious by crawlers designed to spot phishing sites. This tactic has been used by several Office 365 credential phishing sites according to WMC Global analysts who spotted while being deployed as part of the same phishing kit created and sold by a single threat actor to multiple users.

Attackers finding new ways to exploit and bypass Office 365 defenses
2020-10-26 06:15

Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways, an Area 1 Security study reveals. Attackers increasingly use highly sophisticated, targeted campaigns like business email compromise​ to evade traditional email defenses, which are based on already-known threats.

Microsoft adds protection for critical accounts in Office 365
2020-10-23 15:22

Microsoft is working on improving Microsoft Defender for Office 365 with priority protection features for accounts of high-profile employees like executive-level managers that threat actors target most often. Microsoft Defender for Office 365 provides Office 365 enterprise accounts with email threat protection from advanced threats including credential phishing and business email compromise, automatically remediating detected attacks.

Microsoft Teams Phishing Attack Targets Office 365 Users
2020-10-22 17:48

Researchers are warning of a phishing campaign that pretends to be an automated message from Microsoft Teams. The initial phishing email displays the name "There's new activity in Teams," making it appear like an automated notification from Microsoft Teams.

Office 365 OAuth Attack Targets Coinbase Users
2020-10-20 14:33

Office 365 users are receiving emails purporting to come from cryptocurrency platform Coinbase, which ask them to download updated Terms of Service via an OAuth consent app. Here, attackers are betting that they are targeting Office 365 users who are also Coinbase users, researchers said.

Week in review: Criminals leveraging Office 365, endpoint attack anatomy, medical devices cybersec
2020-10-18 08:12

The anatomy of an endpoint attackA lot has changed across the cybersecurity threat landscape in the last decade, but one thing has remained the same: the endpoint is under siege. Cybercriminals are using legitimate Office 365 services to launch attacksVectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks.

Office 365 adds protection against downgrade and MITM attacks
2020-10-16 03:30

Microsoft is working on adding SMTP MTA Strict Transport Security support to Exchange Online to ensure Office 365 customers' email communication security and integrity. Once MTA-STS is available in Office 365 Exchange Online, emails sent by users via Exchange Online will only one delivered using connections with both authentication and encryption, protecting against both email interception and attacks.

Cybercriminals are using legitimate Office 365 services to launch attacks
2020-10-14 04:30

Vectra released its report on Microsoft Office 365, which highlights the use of Office 365 in enterprise cyberattacks. The report explains how cybercriminals use built-in Office 365 services in their attacks.

Office 365: A Favorite for Cyberattack Persistence
2020-10-13 13:20

Threat actors are consistently leveraging legitimate services and tools from within Microsoft Office 365 to pilfer sensitive data and launch phishing, ransomware, and other attacks across corporate networks from a persistent position inside the cloud-based suite, new research has found. Office 365 user account takeover - particularly during the COVID-19 pandemic with so many working from home - is one of the most effective ways for an attacker to gain a foothold in an organization's network, said Chris Morales, head of security analytics at Vectra AI. From there, attackers can move laterally to launch attacks, something that researchers observed in 96 percent of the 4 million Office 365 customers sampled between June to August 2020.

Microsoft adds consent phishing protection to Office 365
2020-10-07 16:10

Microsoft announced that consent phishing protections including OAuth app publisher verification and app consent policies are now generally available in Office 365. These protections are designed to defend Office 365 users from an application-based phishing attack variant known as consent phishing.