Category Archives: News

Microsoft warns of increasing OAuth Office 365 phishing attacks

Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, Bleeping Computer has learned. These attacks were part of two campaigns that ran between September and December 2020, targeting victims in multiple recurring waves. One of the two attack campaigns specifically targeted Spanish speaking victims […]

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

The perpetrators behind the SolarWinds supplychain attack were observed leveraging four separate, techniques to bypass identity and access management protections and laterally move from victims’ on-premises networks to their cloud-based Microsoft 365 accounts. Companies that use M365 may therefore wish to heed three key recommendations: harden your hybrid environments, conduct thorough audits of your cloud […]

Microsoft: SolarWinds hackers’ goal was the victims’ cloud data

Microsoft says that the end goal of the SolarWinds supply chain compromise was to pivot to the victims’ cloud assets after deploying the Sunburst/Solorigate backdoor on their local networks. No new tactics, techniques, and procedures (TTPs) were shared in a blog post published on Monday to provide Microsoft 365 Defender users with threat hunting techniques […]

6 easy steps you can take to keep your mobile devices safe

Pairing these tips with your common sense means increased security for your devices Our phones have become an extension of our bodies, storing everything from our most personal memories to our banking information to which restaurants we love. They’re essential, personal— and highly steal-able. They’re also at risk of cyberattacks, which means that even if […]