Please turn on your JavaScript for this page to function normally.
Microsoft
Microsoft confirms DDoS attacks against M365, Azure Portal

The Microsoft 365 and Azure Portal outages users experienced this month were caused by Layer 7 DDoS attacks, Microsoft has confirmed on Friday. The DDoS attacks against …

Microsoft 365
Phishers use encrypted file attachments to steal Microsoft 365 account credentials

Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …

Microsoft 365
Greatness phishing-as-a-service threatens Microsoft 365 users

Manufacturing businesses, healthcare organizations, and tech companies in English-speaking countries are the most targeted by phishers leveraging a relatively new …

OneNote
Microsoft to boost protection against malicious OneNote documents

Microsoft has announced that, starting in April 2023, they will be adding enhanced protection when users open or download a file embedded in a OneNote document – a known …

Microsoft Word
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)

A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly …

SaaS
Security teams have no control over risky SaaS-to-SaaS connections

Employees are providing hundreds to thousands of third-party apps with access to the two most dominant workspaces, Microsoft 365 and Google Workspace, according to Adaptive …

Microsoft 365
90% of organizations have Microsoft 365 security gaps

A recently published study evaluated 1.6 million Microsoft 365 users across three continents, finding that 90% of organizations had gaps in essential security protections. …

cloud hand
Cloud data protection trends you need to be aware of

Veeam Software released the findings of the company’s Cloud Protection Trends Report 2023, covering four key “as a Service” scenarios: Infrastructure as a Service (IaaS), …

Microsoft Dynamics 365
Attackers leverage Microsoft Dynamics 365 to phish users

Attackers are abusing Microsoft Dynamics 365 Customer Voice to evade email filters and deliver phishing emails into Microsoft users’ inboxes, Avanan researchers are …

security platform
SkyKick Security Manager enables ITSPs to manage Microsoft 365 security

SkyKick releases Security Manager to help IT partners better protect customers in the cloud and accelerate growth by reducing the cost and complexity of delivering security …

Microsoft 365
Many IT pros don’t think a ransomware attack can impact Microsoft 365 data

Nearly a quarter of businesses have suffered a ransomware attack, with a fifth occurring in the past 12 months, according to Hornetsecurity. The 2022 Ransomware Report, which …

How attackers abuse Microsoft MFA
How attackers use and abuse Microsoft MFA

Microsoft has been pushing for the use of multi-factor authentication (MFA) to thwart attackers for many years. But threat actors are keeping up with the increasing enterprise …

Don't miss

Cybersecurity news