Category Archives: News

Locked Shields 2021 largest cyber defense exercise worldwide

This year’s high-level cyber security Exercise Locked Shields is the largest of its kind, organizers, the Tallinn-based NATO Cooperative Cyber Defense Center of Excellence (CCDCOE), have announced. Under a new format for 2021, this year’s event will be the largest global live-fire cyber defense exercise worldwide, the CCDCOE says, and will aim to highlight the […]

Microsoft Releases Queries for SolarWinds Attack Detection

Microsoft is making available the CodeQL queries it used to detect malicious implants in the massive supply chain attack that affected SolarWinds, tech firms and government agencies. The CodeQL queries, written in C# language, are now available in the GitHub repository. They help in ruling out the presence of the code-level indicators of compromise. “There […]

Microsoft warns of increasing OAuth Office 365 phishing attacks

Microsoft has warned of an increasing number of consent phishing (aka OAuth phishing) attacks targeting remote workers during recent months, Bleeping Computer has learned. These attacks were part of two campaigns that ran between September and December 2020, targeting victims in multiple recurring waves. One of the two attack campaigns specifically targeted Spanish speaking victims […]

SolarWinds attack opened up 4 separate paths to a Microsoft 365 cloud breach

The perpetrators behind the SolarWinds supplychain attack were observed leveraging four separate, techniques to bypass identity and access management protections and laterally move from victims’ on-premises networks to their cloud-based Microsoft 365 accounts. Companies that use M365 may therefore wish to heed three key recommendations: harden your hybrid environments, conduct thorough audits of your cloud […]