Microsoft 365 - Security Ticks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200)

0-day, authentication, Don't miss, Hot stuff, Microsoft 365, MS Office, News, PrivSec / SecurityTicks

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) 2024-08-12 at 13:31 By Zeljka Zorz A new MS Office zero-day vulnerability (CVE-2024-38200) can be exploited by attackers to grab users’ NTLM hashes, Microsoft has shared late last week. The vulnerability is exploitable remotely and requires no special privileges or user interaction to be […]

React to this headline:

Unpatched MS Office flaw may leak NTLM hashes to attackers (CVE-2024-38200) Read More »

Microsoft 365 anti-phishing alert “erased” with one simple trick

Certitude, Don't miss, email security, Microsoft 365, News, Outlook, phishing / SecurityTicks

Microsoft 365 anti-phishing alert “erased” with one simple trick 2024-08-08 at 16:01 By Zeljka Zorz Attackers looking for a way into organizations using Microsoft 365 can make an alert identifying unsolicited (and thus potential phishing) emails “disappear”. “When an Outlook user receives an e-mail from an address they don’t typically communicate with, Outlook shows an

React to this headline:

Microsoft 365 anti-phishing alert “erased” with one simple trick Read More »

Microsoft: DDoS defense error amplified attack on Azure, leading to outage

botnet, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, News / SecurityTicks

Microsoft: DDoS defense error amplified attack on Azure, leading to outage 2024-07-31 at 13:46 By Zeljka Zorz A DDoS attack that started on Tuesday has made a number of Microsoft Azure and Microsoft 365 services temporarily inaccessible, the company has confirmed. Microsoft’s mitigation statement on the Azure status history page Microsoft Azure, 365 outage triggered

React to this headline:

Microsoft: DDoS defense error amplified attack on Azure, leading to outage Read More »

Microsoft 365 users targeted by phishers abusing Microsoft Forms

Adobe, Don't miss, Hot stuff, Microsoft 365, News, Perception Point, phishing / SecurityTicks

Microsoft 365 users targeted by phishers abusing Microsoft Forms 2024-07-29 at 12:16 By Zeljka Zorz There has been an uptick in phishing campaigns leveraging Microsoft Forms this month, aiming to trick targets into sharing their Microsoft 365 login credentials. A malicious Microsoft form (Source: Perception Point) Malicious forms leading to phishing pages impersonating Microsoft 365

React to this headline:

Microsoft 365 users targeted by phishers abusing Microsoft Forms Read More »

Maximizing productivity with Copilot for Microsoft 365: A security perspective

access control, Artificial Intelligence, cybersecurity, Don't miss, generative AI, Hot stuff, Microsoft 365, risk, Varonis, Video / SecurityTicks

Maximizing productivity with Copilot for Microsoft 365: A security perspective 2024-06-13 at 06:31 By Help Net Security In this Help Net Security video, Brian Vecci, Field CTO at Varonis, talks about maximizing the potential of Microsoft Copilot for 365. He highlights its productivity benefits and addresses critical security challenges, providing actionable steps to ensure safe

React to this headline:

Maximizing productivity with Copilot for Microsoft 365: A security perspective Read More »

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns

account hijacking, BEC scams, cryptojacking, Don't miss, Hot stuff, Microsoft, Microsoft 365, Microsoft Azure, Microsoft Entra ID, News, OAuth, phishing, spam / SecurityTicks

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns 13/12/2023 at 16:46 By Helga Labus Attackers are compromising high-privilege Microsoft accounts and abusing OAuth applications to launch a variety of financially-motivated attacks. Abusing OAuth applications OAuth is an open standard authentication protocol that uses tokens to grant applications access to server resources without

React to this headline:

Attackers abuse OAuth apps to initiate large-scale cryptomining and spam campaigns Read More »

15 free Microsoft 365 security training modules worth your time

Don't miss, Hot stuff, how-to, Microsoft, Microsoft 365, News, skill development, strategy, tips / SecurityTicks

15 free Microsoft 365 security training modules worth your time 11/10/2023 at 07:32 By Help Net Security Microsoft 365 is a cloud-based productivity suite. Beyond just tools like Word and Excel, it integrates productivity applications with cloud functionalities, device administration, and enhanced security, all within a unified experience. Managing Microsoft 365 can be difficult for

React to this headline:

15 free Microsoft 365 security training modules worth your time Read More »

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

DMARC, Don't miss, Email, enterprise, Hot stuff, Microsoft, Microsoft 365, News, spam / SecurityTicks

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC 09/10/2023 at 13:32 By Helga Labus In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records verify that

React to this headline:

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC Read More »

Microsoft Teams users targeted in phishing attack delivering DarkGate malware

Don't miss, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, phishing / SecurityTicks

Microsoft Teams users targeted in phishing attack delivering DarkGate malware 11/09/2023 at 13:31 By Helga Labus A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft Teams users Late last month, Truesec researchers spotted two compromised Microsoft 365 accounts

React to this headline:

Microsoft Teams users targeted in phishing attack delivering DarkGate malware Read More »

How Chinese hackers got their hands on Microsoft’s token signing key

cloud security, cyber espionage, data theft, Don't miss, enterprise, Europe, Government, Hot stuff, Microsoft, Microsoft 365, News, USA, Wiz / SecurityTicks

How Chinese hackers got their hands on Microsoft’s token signing key 07/09/2023 at 17:00 By Zeljka Zorz The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere

React to this headline:

How Chinese hackers got their hands on Microsoft’s token signing key Read More »

Microsoft 365 accounts of execs, managers hijacked through EvilProxy

account hijacking, Don't miss, Hot stuff, MFA, Microsoft 365, News, phishing, Proofpoint / SecurityTicks

Microsoft 365 accounts of execs, managers hijacked through EvilProxy 10/08/2023 at 14:48 By Helga Labus A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world. The rise of phishing-as-a-service As organizations increasingly employ multi-factor authentication (MFA),

React to this headline:

Microsoft 365 accounts of execs, managers hijacked through EvilProxy Read More »

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database

disaster recovery, Don't miss, Exchange, Hot stuff, Microsoft, Microsoft 365, Microsoft Exchange, News, Product showcase, software, Stellar / SecurityTicks

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database 26/07/2023 at 07:02 By Help Net Security Time is of the essence when it comes to recovery after Exchange Server failure or database corruption, as organizations depend on emails for their day-to-day business communication. The more the delay in restoring services and recovering data, the

React to this headline:

Product showcase: Stellar Toolkit for Exchange – Restore Exchange Database Read More »

Thanks Storm-0558! Microsoft to expand default access to cloud logs

APT, CISA, cloud security, Don't miss, enterprise, Government, government-backed attacks, Hot stuff, logging, Microsoft, Microsoft 365, News / SecurityTicks

Thanks Storm-0558! Microsoft to expand default access to cloud logs 20/07/2023 at 13:31 By Zeljka Zorz Starting in September 2023, more federal government and commercial Microsoft customers will have access to expanded cloud logging capabilities at no additional charge, Microsoft and the Cybersecurity and Infrastructure Security Agency (CISA) have announced on Wednesday. The announcements come

React to this headline:

Thanks Storm-0558! Microsoft to expand default access to cloud logs Read More »

Malware delivery to Microsoft Teams users made easy

collaboration, Don't miss, enterprise, Hot stuff, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Malware delivery to Microsoft Teams users made easy 10/07/2023 at 14:33 By Zeljka Zorz A tool that automates the delivery of malware from external attackers to target employees’ Microsoft Teams inbox has been released. TeamsPhisher (Source: Alex Reid) About the exploited vulnerability As noted by Jumpsec researchers Max Corbridge and Tom Ellson, Microsoft Teams’ default

React to this headline:

Malware delivery to Microsoft Teams users made easy Read More »

How hardening Microsoft 365 tenants mitigates potential cloud attacks

CISO, Don't miss, Hot stuff, Microsoft, Microsoft 365, strategy, tips, Vectra, Video / SecurityTicks

How hardening Microsoft 365 tenants mitigates potential cloud attacks 26/06/2023 at 07:01 By Help Net Security Moving critical data and workloads to the cloud has significantly changed information security teams. But most don’t have the resources to be successful in their cloud attack modeling—not to mention the deployment of measurable controls to defend against these

React to this headline:

How hardening Microsoft 365 tenants mitigates potential cloud attacks Read More »

Microsoft Teams vulnerability allows attackers to deliver malware to employees

collaboration, Don't miss, enterprise, Hot stuff, Jumpsec, Malware, Microsoft 365, Microsoft Teams, News, red team, SMBs, vulnerability / SecurityTicks

Microsoft Teams vulnerability allows attackers to deliver malware to employees 23/06/2023 at 15:24 By Zeljka Zorz Security researchers have uncovered a bug that could allow attackers to deliver malware directly into employees’ Microsoft Teams inbox. “Organisations that use Microsoft Teams inherit Microsoft’s default configuration which allows users from outside of their organisation to reach out

React to this headline:

Microsoft Teams vulnerability allows attackers to deliver malware to employees Read More »

Microsoft confirms DDoS attacks against M365, Azure Portal

Azure, DDoS, Don't miss, Hot stuff, Microsoft, Microsoft 365, News, OneDrive, Outlook / SecurityTicks

Microsoft confirms DDoS attacks against M365, Azure Portal 19/06/2023 at 14:02 By Helga Labus The Microsoft 365 and Azure Portal outages users expirienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against Microsoft 365 and Azure Portal Throughout the first half June 2023 Microsoft confirmed, at

React to this headline:

Microsoft confirms DDoS attacks against M365, Azure Portal Read More »

Phishers use encrypted file attachments steal Microsoft 365 account credentials

cybercrime, Don't miss, Encryption, Hot stuff, Microsoft 365, News, phishing, Trustwave / SecurityTicks

Phishers use encrypted file attachments steal Microsoft 365 account credentials 26/05/2023 at 08:09 By Helga Labus Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low volume, targeted, and use trusted cloud services to send emails and host content (Microsoft and Adobe),” say Trustwave

React to this headline:

Phishers use encrypted file attachments steal Microsoft 365 account credentials Read More »

Greatness phishing-as-a-service threatens Microsoft 365 users

Cisco, Don't miss, Hot stuff, MFA, Microsoft 365, News, phishing / SecurityTicks

Greatness phishing-as-a-service threatens Microsoft 365 users 12/05/2023 at 13:20 By Helga Labus Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new phishing-as-a-service (PaaS) tool called Greatness, created to phish Microsoft 365 users. According to Cisco researcher, this tool has been utilized in numerous phishing

React to this headline:

Greatness phishing-as-a-service threatens Microsoft 365 users Read More »