2024’s first Patch Tuesday steps lightly
January isn’t traditionally the lightest month on patch managers’ calendars, so a second month of (relatively) few Microsoft releases is a bit of a treat. On Tuesday the company released 48 CVEs, including 38 for Windows. Eight other product groups or tools are also affected. Of the CVEs addressed, just two are considered Critical in…
Fast-Growing Dropbox Campaign Steals Microsoft SharePoint Credentials
Threat actors are using messages sent from Dropbox to steal Microsoft user credentials in a fast-growing business email compromise (BEC) campaign. The effort evades natural language processing (NLP)-based security scans, and demonstrates the rapid evolution of these types of attacks. Researchers at Check Point Harmony observed more than 5,000 of the attacks — in which…
The most dangerous (and interesting) Microsoft 365 attacks
Government-sponsored hackers, who carry out cyberespionage campaigns, invest more resources than ever to find new ways of attacking the cloud. One of their preferred targets is Microsoft 365, previously called Office 365, a platform used by an increasing number of organizations of all sizes. From an intelligence collector’s perspective, it makes sense to target it….
Perception Point Raises $28 Million Grow Collaboration Protection Platform
The company describes itself as a protector against “content-based attacks” that come via collaboration channels, including email, cloud storage, CRM apps, and messaging platforms. Perception Point logoPerception Point says its solution can be rolled out in minutes with no change to enterprise infrastructure, and can help prevent the spread of malicious files, URLs, and block…
New Office 365 phishing attack uses malicious links in SharePoint documents
Fake emails targeting Office 365 users via malicious links inserted into SharePoint documents are the latest trick phishers employ to bypass the platform’s built-in security, Avanan researchers warn. The cloud security company says that the phishing attack was leveraged against some 10% of its Office 365 customers in the past two weeks and they believe…