Office 365 Archives - Cyber Security Minute

Enterprises Warned About Zix-Themed Credential Phishing Attacks

Issued by: Security Week

Zix provides cybersecurity, compliance and productivity solutions to 21,000 organizations, and cybercriminals have been leveraging the company’s reputation in a phishing campaign aimed at enterprises. Email security company Armorblox said on Tuesday that it has observed an attack on customer environments across Microsoft Exchange, Office 365 and Google Workspace. “Although the potential account exposure of…

Malware & Threats

Malwarebytes was breached by the SolarWinds attackers

Issued by: Help Net Security

A fourth malware strain wielded by the SolarWinds attackers has been detailed by Symantec researchers, followed by the disclosure of the attackers’ ingenous lateral movement techniques and the release of an auditing script by FireEye researchers that organizations can use to check their Microsoft 365 tenants for signs of intrusion. Then, on Tuesday, Malwarebytes CEO…

Vulnerabilities

The top four Office 365 security pain points

Issued by: Help Net Security

Many novice Office 365 (O365) shops do not know where platform-specific security vulnerabilities lie, or even that they exist. The threats that you are unaware exist do not cause pain until they rise up and bite – then the agony is fierce. Companies get themselves into trouble when they do not fully understand the way…

Application Security, Malware & Threats

Cybercriminals targeting social media: Facebook and Instagram are becoming phishers’ favorites

Issued by: Help Net Security

Social media phishing, primarily Facebook and Instagram, saw the highest quarter- over-quarter growth of any industry with a 74.7 percent increase, according to the Vade Secure Phishers’ Favorites report for Q1 2019. While Facebook has been in the top 10 since report’s inception, Instagram cracked the top 25 for the first time, taking the #24…

Malware & Threats

New Office 365 phishing attack uses malicious links in SharePoint documents

Issued by: Help Net Security

Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past two weeks and they believe…

Malware & Threats

Corporate Office 365 users hit with clever phishing attack

Issued by: Help Net Security

Corporate Office 365 users are being targeted by phishers using a clever new trick to bypass email filters and the default security protections of the Microsoft service. The attack comes in the form of fake emails, and the trick makes the user to see one URL in the link, anti-phishing filters another, and the actual…

Malware & Threats

Office 365 Flaw Made Fake Microsoft Emails Look Legitimate

Issued by: Security Week

A flaw in Office 365 could have been exploited by attackers to send out malicious emails and make them look as if they were coming from a legitimate microsoft.com address. The issue was discovered by Utku Sen, a Turkey-based security enthusiast known for releasing an open source ransomware called Hidden Tear for educational purposes.