Malicious Office 365 Apps Are the Ultimate Insiders

Credit to Author: BrianKrebs| Date: Wed, 05 May 2021 12:27:50 +0000

Phishers targeting Microsoft Office 365 users increasingly are turning to specialized links that take users to their organization’s own email login page. After a user logs in, the link prompts them to install a malicious but innocuously-named app that gives the attacker persistent, password-free access to any of the user’s emails and files, both of which are then plundered to launch malware and phishing scams against others.

Read more

When contractors attack: two years in jail for vengeful IT admin

Credit to Author: Pieter Arntz| Date: Tue, 23 Mar 2021 20:26:00 +0000

An IT contractor has been handed a two year jail term after he deleted over 80% of his client’s Microsoft Office 365 accounts.

Categories: Awareness

Tags:

(Read more…)

The post When contractors attack: two years in jail for vengeful IT admin appeared first on Malwarebytes Labs.

Read more

When contractors attack: two years jail for vengeful IT admin

Credit to Author: Pieter Arntz| Date: Tue, 23 Mar 2021 20:26:00 +0000

An IT contractor has been handed a two year jail term after he deleted over 80% of his client’s Microsoft Office 365 accounts.

Categories: Awareness

Tags:

(Read more…)

The post When contractors attack: two years jail for vengeful IT admin appeared first on Malwarebytes Labs.

Read more

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Credit to Author: BrianKrebs| Date: Fri, 28 Jun 2019 18:01:53 +0000

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

Read more

When Identity Thieves Hack Your Accountant

Credit to Author: BrianKrebs| Date: Wed, 11 Apr 2018 18:11:26 +0000

The Internal Revenue Service has been urging tax preparation firms to step up their cybersecurity efforts this year, warning that identity thieves and hackers increasingly are targeting certified public accountants (CPAs) in a bid to siphon oodles of sensitive personal and financial data on taxpayers. This is the story of a CPA in New Jersey whose compromise by malware led to identity theft and phony tax refund requests filed on behalf of his clients.

Read more