As many organizations continue to adjust to an extended and potentially permanent remote workforce, dependency on cloud services has increased rapidly – as Microsoft CEO Satya Nadella stated in a recent earnings release – “We’ve seen two years’ worth of digital transformation in two months.” The following post is intended to help organizations that may have recently begun using or have increased their usage of Office 365.
Read More
With a six times increase in COVID-19 themed incidents, security professionals need to take advantage of every possible configuration and security control to protect against this growing amount of attacks. Today we will discuss how attackers are leveraging a gap in Office 365 best practices that allows undetected eavesdropping on victim’s emails.
When attackers gain control of an account in Office 365, one of the first steps they often take is to configure email forwarding in the compromised environment. Attackers configure email forwarding in order to see new emails that arrive in the victim’s inbox – which can be responses to attacker phishing attempts sent to the victim contacts. In order to disguise their presence, the attacker does not want the victim to see those emails.
Read More
