Search cyberveille.decio.ch

Found 5 bookmarks

Custom sorting

File hosting services misused for identity phishing

Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.

#microsoft #EN #2024 #File #hosting #SharePoint #OneDrive #Dropbox #social-engineering #identity #phishing #research

·microsoft.com·Oct 9, 2024

File hosting services misused for identity phishing

Security bug allows anyone to spoof Microsoft employee emails

A researcher has found a way to impersonate Microsoft corporate email accounts, which could make phishing attacks harder to spot.

#techcrunch #EN #2024 #microsoft #researcher #bug #email #phishing

·techcrunch.com·Jun 19, 2024

Security bug allows anyone to spoof Microsoft employee emails

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

Read the new Microsoft Threat Intelligence tax season report to learn about the techniques that threat actors use to mislead taxpayers.

#microsoft #EN #2024 #phishing #tax #HTML #lure

·microsoft.com·Mar 21, 2024

Microsoft Threat Intelligence unveils targets and innovative tactics amidst tax season

Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

Over the past weeks, Proofpoint researchers have been monitoring an ongoing cloud account takeover campaign impacting dozens of Microsoft Azure environments and compromising hundreds of user accoun...

#proofpoint #EN #2024 #Microsoft #Azure #Campaign #compromise #cloud-security #phishing #MFA

·proofpoint.com·Feb 13, 2024

Community Alert: Ongoing Malicious Campaign Impacting Azure Cloud Environments

DarkGate malware delivered via Microsoft Teams - detection and response

While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector. Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one organization to add users outside the organization to their Teams chats. Perhaps predictably, this feature has provided malicious actors a new avenue by which to exploit untrained or unaware users.

#cybersecurity.att.com #EN #2024 #Microsoft #Teams #phishing #malware

·cybersecurity.att.com·Feb 1, 2024

DarkGate malware delivered via Microsoft Teams - detection and response