Microsoft 365 - Security Ticks

Attackers target retailers’ gift card systems using cloud-only techniques

cloud security, Don't miss, Hot stuff, Microsoft 365, News, Palo Alto Networks, Retail, spear-phishing / SecurityTicks

Attackers target retailers’ gift card systems using cloud-only techniques 2025-10-22 at 17:12 By Zeljka Zorz A newly uncovered attack campaign mounted by suspected Morocco-based attackers has been hitting global retailers and other businesses issuing gift cards. What makes this campaign stand out is how the threat actors avoid typical malware techniques and endpoint hacking and […]

React to this headline:

Attackers target retailers’ gift card systems using cloud-only techniques Read More »

Inside the messy reality of Microsoft 365 management

access control, cybersecurity, identity management, Microsoft 365, MSP, News, report, Syncro / SecurityTicks

Inside the messy reality of Microsoft 365 management 2025-10-20 at 07:00 By Anamarija Pogorelec Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to slow their progress in managing it. About 60% of MSPs said Microsoft 365 powers

React to this headline:

Inside the messy reality of Microsoft 365 management Read More »

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader

Cloudflare, Don't miss, Hot stuff, lawsuit, Microsoft, Microsoft 365, News, phishing / SecurityTicks

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader 2025-09-17 at 15:23 By Zeljka Zorz Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites associated with the popular service, disrupting

React to this headline:

Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader Read More »

Why your Microsoft 365 setup might be more vulnerable than you think

backup, CoreView, cybersecurity, Microsoft 365, News, report, survey / SecurityTicks

Why your Microsoft 365 setup might be more vulnerable than you think 2025-07-14 at 08:15 By Help Net Security 60% of organizations rate their Microsoft 365 security as “established” or “advanced”, according to CoreView. Yet, 60% of those same organizations have experienced account compromise attacks. The Microsoft 365 attack surface is wide and unpredictable. Risks

React to this headline:

Why your Microsoft 365 setup might be more vulnerable than you think Read More »

Microsoft 365 Direct Send Abused for Phishing

Direct Send, email security, Microsoft 365, phishing / SecurityTicks

Microsoft 365 Direct Send Abused for Phishing 2025-06-27 at 11:08 By Ionut Arghire Hackers are abusing the Microsoft 365 Direct Send feature to deliver phishing emails that bypass email security controls. The post Microsoft 365 Direct Send Abused for Phishing appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React

React to this headline:

Microsoft 365 Direct Send Abused for Phishing Read More »

Microsoft boosts default security of Windows 365 Cloud PCs

cloud computing, Don't miss, Hot stuff, hybrid workforce, Microsoft 365, News, remote working, virtualization, Windows / SecurityTicks

Microsoft boosts default security of Windows 365 Cloud PCs 2025-06-20 at 15:05 By Zeljka Zorz Windows 365 Cloud PCs now come with new default settings aimed at preventing / minimizing data exfiltration and malicious exploits, Microsoft has announced. Windows 365 Cloud PCs are Azure (i.e., Windows 365 service)-hosted virtual Windows PCs the company offers as

React to this headline:

Microsoft boosts default security of Windows 365 Cloud PCs Read More »

‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot

AI, Artificial Intelligence, Copilot, EchoLeak, Microsoft 365 / SecurityTicks

‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot 2025-06-12 at 14:21 By Eduard Kovacs Microsoft recently patched CVE-2025-32711, a vulnerability that could have been used for zero-click attacks to steal data from Copilot. The post ‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot appeared first on SecurityWeek.

React to this headline:

‘EchoLeak’ AI Attack Enabled Theft of Sensitive Data via Microsoft 365 Copilot Read More »

Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal

acquires, email security, Hornetsecurity, M&A, M&A Tracker, Microsoft 365, Proofpoint / SecurityTicks

Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal 2025-05-15 at 15:24 By Eduard Kovacs Enterprise cybersecurity giant Proofpoint is buying Germany-based Microsoft 365 security solutions provider Hornetsecurity. The post Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to

React to this headline:

Proofpoint to Acquire Hornetsecurity in Reported $1 Billion Deal Read More »

Attackers phish OAuth codes, take over Microsoft 365 accounts

account hijacking, APT, Don't miss, government-backed attacks, Hot stuff, Microsoft 365, News, OAuth, phishing, Volexity / SecurityTicks

Attackers phish OAuth codes, take over Microsoft 365 accounts 2025-04-23 at 13:36 By Zeljka Zorz Suspected Russian threat actors are using OAuth-based phishing attacks to get targets to grant them access to their Microsoft 365 (M365) accounts. “The primary tactics observed involve the attacker requesting victim’s supply Microsoft Authorization codes, which grant the attacker with

React to this headline:

Attackers phish OAuth codes, take over Microsoft 365 accounts Read More »

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks

Account Takeover, Microsoft 365, phishing / SecurityTicks

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks 2025-03-17 at 15:02 By Ionut Arghire Threat actors are abusing Microsoft 365 infrastructure in a BEC campaign, and target its users in two brand impersonation campaigns. The post Microsoft 365 Targeted in New Phishing, Account Takeover Attacks appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Microsoft 365 Targeted in New Phishing, Account Takeover Attacks Read More »

Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing

Artificial Intelligence, Co-Pilot, DLP, Funding/M&A, Knostic, LLMs, Microsoft 365, seed-stage / SecurityTicks

Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing 2025-03-05 at 13:02 By Ryan Naraine Knostic provides a “need-to-know” filter on the answers generated by enterprise large language models (LLM) tools. The post Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing appeared first on SecurityWeek. This article is

React to this headline:

Knostic Secures $11 Million to Rein in Enterprise AI Data Leakage, Oversharing Read More »

Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts

botnet, China, Malware & Threats, Microsoft 365, password spray / SecurityTicks

Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts 2025-02-25 at 19:11 By Eduard Kovacs A China-linked botnet powered by 130,000 hacked devices has targeted Microsoft 365 accounts with password spraying attacks. The post Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Chinese Botnet Powered by 130,000 Devices Targets Microsoft 365 Accounts Read More »

Massive botnet hits Microsoft 365 accounts

attacks, cybersecurity, Microsoft, Microsoft 365, News, passwords, SecurityScorecard / SecurityTicks

Massive botnet hits Microsoft 365 accounts 2025-02-24 at 15:16 By Help Net Security A recently discovered botnet of over 130,000 compromised devices is launching coordinated password-spraying attacks against Microsoft 365 (M365) accounts. Security researchers at SecurityScorecard are examining possible connections to China-affiliated threat actors, citing evidence of infrastructure linked to CDS Global Cloud and UCLOUD

React to this headline:

Massive botnet hits Microsoft 365 accounts Read More »

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

account hijacking, cyber espionage, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft 365, News, social engineering, spear-phishing, Volexity / SecurityTicks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have

React to this headline:

Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »

Ransomware attackers are “vishing” organizations via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft 365, Microsoft Teams, News, Ransomware, remote access, SMBs, social engineering, Sophos / SecurityTicks

Ransomware attackers are “vishing” organizations via Microsoft Teams 2025-01-21 at 14:10 By Zeljka Zorz The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has observed more than 15

React to this headline:

Ransomware attackers are “vishing” organizations via Microsoft Teams Read More »

CISA orders federal agencies to secure their Microsoft cloud environments

CISA, cloud security, Don't miss, Government, Hot stuff, Microsoft 365, News, Sectigo / SecurityTicks

CISA orders federal agencies to secure their Microsoft cloud environments 2024-12-19 at 15:04 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The Implementing Secure Practices for Cloud Services

React to this headline:

CISA orders federal agencies to secure their Microsoft cloud environments Read More »

CISA Orders Federal Agencies to Secure Microsoft 365 Environments

cyber news, Microsoft 365 / SecurityTicks

CISA Orders Federal Agencies to Secure Microsoft 365 Environments 2024-12-18 at 15:24 By daksh sharma Overview The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed the Federal Civilian Executive Branch to implement more than 50 policies to secure Microsoft 365 environments. The new policies, Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud

React to this headline:

CISA Orders Federal Agencies to Secure Microsoft 365 Environments Read More »

European companies hit with effective DocuSign-themed phishing emails

account hijacking, Don't miss, Europe, Germany, Hot stuff, Microsoft 365, Microsoft Azure, News, phishing, UK / SecurityTicks

European companies hit with effective DocuSign-themed phishing emails 2024-12-18 at 14:07 By Zeljka Zorz A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier this

React to this headline:

European companies hit with effective DocuSign-themed phishing emails Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec / SecurityTicks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

Microsoft 365 anti-phishing alert “erased” with one simple trick

Certitude, Don't miss, email security, Microsoft 365, News, Outlook, phishing / SecurityTicks

Microsoft 365 anti-phishing alert “erased” with one simple trick 2024-08-08 at 16:01 By Zeljka Zorz Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an

React to this headline:

Microsoft 365 anti-phishing alert “erased” with one simple trick Read More »