Summary Businesses across multiple industries, regardless of size, are at risk of being targeted with Microsoft 365 phishing campaigns. These campaigns trick users into visiting fake Microsoft login page where threat actors capture the user’s credentials. Even accounts with MFA can be victim to these types of attacks. There are several ways in which MFA is being bypassed with these types of campaigns. MFA Fatigue is one of the ways threat actors are bypassing......
Read More
Microsoft Defender for Cloud Apps Alerting and Behaviors
Background: On May 28th, 2023, Microsoft began moving away from using Alerts in Microsoft Defender for Cloud Apps into...
Read MoreMalware distributed via MS Office DDE “feature” — no macros required!
What is DDE? DDE (Dynamic Data Exchange) is a protocol used to transfer data between applications and provides the...
Read More