Microsoft 365 - Security Ticks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts

account hijacking, cyber espionage, Don't miss, Government, government-backed attacks, Hot stuff, Microsoft, Microsoft 365, News, social engineering, spear-phishing, Volexity / SecurityTicks

Threat actors are using legitimate Microsoft feature to compromise M365 accounts 2025-02-14 at 16:23 By Zeljka Zorz Suspected Russian threat actors have been taking advantage of Microsoft Device Code Authentication to trick targets into granting them access to their Microsoft 365 (M365) accounts. “While Device Code Authentication attacks are not new, they appear to have […]

React to this headline:

Threat actors are using legitimate Microsoft feature to compromise M365 accounts Read More »

Ransomware attackers are “vishing” organizations via Microsoft Teams

Don't miss, enterprise, Hot stuff, Microsoft 365, Microsoft Teams, News, Ransomware, remote access, SMBs, social engineering, Sophos / SecurityTicks

Ransomware attackers are “vishing” organizations via Microsoft Teams 2025-01-21 at 14:10 By Zeljka Zorz The “email bombing + posing as tech support via Microsoft Teams” combination is proving fruitful for two threat actors looking to deliver ransomware to organizations, and they seem to be ramping up their efforts. “Sophos MDR has observed more than 15

React to this headline:

Ransomware attackers are “vishing” organizations via Microsoft Teams Read More »

CISA orders federal agencies to secure their Microsoft cloud environments

CISA, cloud security, Don't miss, Government, Hot stuff, Microsoft 365, News, Sectigo / SecurityTicks

CISA orders federal agencies to secure their Microsoft cloud environments 2024-12-19 at 15:04 By Zeljka Zorz The US Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD 25-01) requiring federal civilian agencies to secure their (Microsoft) cloud environments. About the CISA BOD 25-01 directive The Implementing Secure Practices for Cloud Services

React to this headline:

CISA orders federal agencies to secure their Microsoft cloud environments Read More »

CISA Orders Federal Agencies to Secure Microsoft 365 Environments

cyber news, Microsoft 365 / SecurityTicks

CISA Orders Federal Agencies to Secure Microsoft 365 Environments 2024-12-18 at 15:24 By daksh sharma Overview The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has directed the Federal Civilian Executive Branch to implement more than 50 policies to secure Microsoft 365 environments. The new policies, Binding Operational Directive (BOD) 25-01: Implementing Secure Practices for Cloud

React to this headline:

CISA Orders Federal Agencies to Secure Microsoft 365 Environments Read More »

European companies hit with effective DocuSign-themed phishing emails

account hijacking, Don't miss, Europe, Germany, Hot stuff, Microsoft 365, Microsoft Azure, News, phishing, UK / SecurityTicks

European companies hit with effective DocuSign-themed phishing emails 2024-12-18 at 14:07 By Zeljka Zorz A threat actor looking to take over the Microsoft Azure cloud infrastructure of European companies has successfully compromised accounts of multiple victims in different firms, according to Palo Alto Networks’ Unit 42 researchers. The phishing campaign The attack started earlier this

React to this headline:

European companies hit with effective DocuSign-themed phishing emails Read More »

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec / SecurityTicks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be

React to this headline:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

Microsoft 365 anti-phishing alert “erased” with one simple trick

Certitude, Don't miss, email security, Microsoft 365, News, Outlook, phishing / SecurityTicks

Microsoft 365 anti-phishing alert “erased” with one simple trick 2024-08-08 at 16:01 By Zeljka Zorz Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an

React to this headline:

Microsoft 365 anti-phishing alert “erased” with one simple trick Read More »

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

botnet, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, News / SecurityTicks

Microsoft: DDoS defense error amplified attack on Azure, leading to outage 2024-07-31 at 13:46 By Zeljka Zorz A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft’s mitigation statement on the Azure status history page Microsoft Azure, 365 outage triggered

React to this headline:

Microsoft: DDoS defense error amplified attack on Azure, leading to outage Read More »

Microsoft 365 users targeted by phishers abusing Microsoft Forms

Adobe, Don't miss, Hot stuff, Microsoft 365, News, Perception Point, phishing / SecurityTicks

Microsoft 365 users targeted by phishers abusing Microsoft Forms 2024-07-29 at 12:16 By Zeljka Zorz There has been an uptick in phishing campaigns leveraging Microsoft Forms this month, aiming to trick targets into sharing their Microsoft 365 login credentials. A malicious Microsoft form (Source: Perception Point) Malicious forms leading to phishing pages impersonating Microsoft 365

React to this headline:

Microsoft 365 users targeted by phishers abusing Microsoft Forms Read More »

Maximizing productivity with Copilot for Microsoft 365: A security perspective

access control, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft 365, risk, Varonis, Video / SecurityTicks

Maximizing productivity with Copilot for Microsoft 365: A security perspective 2024-06-13 at 06:31 By Help Net Security In this Help Net Security video, Brian Vecci, Field CTO at Varonis, talks about maximizing the potential of Microsoft Copilot for 365. He highlights its productivity benefits and addresses critical security challenges, providing actionable steps to ensure safe

React to this headline:

Maximizing productivity with Copilot for Microsoft 365: A security perspective Read More »

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

account hijacking, BEC scams, cryptojacking, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, Microsoft Entra ID, News, OAuth, phishing, spam / SecurityTicks

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns 13/12/2023 at 16:46 By Helga Labus Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without

React to this headline:

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns Read More »

15 free Microsoft 365 security training modules worth your time

Don't miss, Hot stuff, how-to, Microsoft, Microsoft 365, News, skill development, strategy, tips / SecurityTicks

15 free Microsoft 365 security training modules worth your time 11/10/2023 at 07:32 By Help Net Security Microsoft 365 is a cloud-based productivity suite. Beyond just tools like Word and Excel, it integrates productivity applications with cloud functionalities, device administration, and enhanced security, all within a unified experience. Managing Microsoft 365 can be difficult for

React to this headline:

15 free Microsoft 365 security training modules worth your time Read More »

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

DMARC, Don't miss, Email, enterprise, Hot stuff, Microsoft, Microsoft 365, News, spam / SecurityTicks

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC 09/10/2023 at 13:32 By Helga Labus In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records verify that

React to this headline:

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC Read More »

Microsoft Teams users targeted in phishing attack delivering DarkGate malware

Don't miss, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, phishing / SecurityTicks

Microsoft Teams users targeted in phishing attack delivering DarkGate malware 11/09/2023 at 13:31 By Helga Labus A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft Teams users Late last month, Truesec researchers spotted two compromised Microsoft 365 accounts

React to this headline:

Microsoft Teams users targeted in phishing attack delivering DarkGate malware Read More »

How Chinese hackers got their hands on Microsoft’s token signing key

cloud security, cyber espionage, data theft, Don't miss, enterprise, Europe, Government, Hot stuff, Microsoft, Microsoft 365, News, USA, Wiz / SecurityTicks

How Chinese hackers got their hands on Microsoft’s token signing key 07/09/2023 at 17:00 By Zeljka Zorz The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere

React to this headline:

How Chinese hackers got their hands on Microsoft’s token signing key Read More »

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

account hijacking, Don't miss, Hot stuff, MFA, Microsoft 365, News, phishing, Proofpoint / SecurityTicks

Microsoft 365 accounts of execs, managers hijacked through EvilProxy 10/08/2023 at 14:48 By Helga Labus A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world. The rise of phishing-as-a-service As organizations increasingly employ multi-factor authentication (MFA),

React to this headline:

Microsoft 365 accounts of execs, managers hijacked through EvilProxy Read More »

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

disaster recovery, Don't miss, Exchange, Hot stuff, Microsoft, Microsoft 365, Microsoft Exchange, News, Product showcase, software, Stellar / SecurityTicks

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database 26/07/2023 at 07:02 By Help Net Security Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the

React to this headline:

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News / SecurityTicks

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

Malware delivery to Microsoft Teams users made easy

collaboration, Don't miss, enterprise, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Malware delivery to Microsoft Teams users made easy 10/07/2023 at 14:33 By Zeljka Zorz A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default

React to this headline:

Malware delivery to Microsoft Teams users made easy Read More »

How hardening Microsoft 365 tenants mitigates potential cloud attacks

CISO, Don't miss, Hot stuff, Microsoft, Microsoft 365, strategy, tips, Vectra, Video / SecurityTicks

How hardening Microsoft 365 tenants mitigates potential cloud attacks 26/06/2023 at 07:01 By Help Net Security Moving critical data and workloads to the cloud has significantly changed information security teams. But most don’t have the resources to be successful in their cloud attack modeling—not to mention the deployment of measurable controls to defend against these

React to this headline:

How hardening Microsoft 365 tenants mitigates potential cloud attacks Read More »