Office 365
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …
Unwanted emails steadily creeping into inboxes
A research from Hornetsecurity has revealed that 40.5% of work emails are unwanted. The Cyber Security Report 2023, which analysed more than 25 billion work emails, also …
Weakness in Microsoft Office 365 Message Encryption could expose email contents
WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain …
Office exploits continue to spread more than any other category of malware
The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an …
Escanor malware delivered in weaponized Microsoft Office documents
Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram …
How to prepare your organization for a Slack or Office 365 breach
Whether it’s Slack or Office 365, communication and workflow apps are an essential tool for organizations to collaborate efficiently regardless of geography. However, using …
Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud
A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …
Fake voicemail notifications are after Office365, Outlook credentials
A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and …
Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials
Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to …
Phishers are targeting Office 365 users by exploiting Adobe Cloud
Phishers are creating Adobe Creative Cloud accounts and using them to send phishing emails capable of thwarting traditional checks and some advanced threat protection …
Armorblox email security platform integrates with Microsoft Sentinel to help stop email-based BEC
Armorblox announced that it has joined the Microsoft Intelligent Security Association (MISA), a coalition of independent software vendors and managed security service …
Microsoft launches Privacy Management for Microsoft 365
Microsoft has made available Privacy Management for Microsoft 365, a new AI-based solution to help enterprises manage data privacy risks and build a privacy resilient …
Featured news
Resources
Don't miss
- Mastering the cybersecurity tightrope of protection, detection, and response
- PRevent: Open-source tool to detect malicious code in pull requests
- Darcula allows tech-illiterate crooks to create, deploy DIY phishing kits targeting any brand
- Hackers pose as employers to steal crypto, login credentials
- Unknown and unsecured: The risks of poor asset visibility