Office 365 Archives - Help Net Security

Office 365

Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

January 31, 2023

Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …

Unwanted emails steadily creeping into inboxes

November 14, 2022

A research from Hornetsecurity has revealed that 40.5% of work emails are unwanted. The Cyber Security Report 2023, which analysed more than 25 billion work emails, also …

Weakness in Microsoft Office 365 Message Encryption could expose email contents

October 14, 2022

WithSecure researchers are warning organizations of a security weakness in Microsoft Office 365 Message Encryption (OME) that could be exploited by attackers to obtain …

Office exploits continue to spread more than any other category of malware

September 29, 2022

The latest Internet Security Report from the WatchGuard Threat Lab shows a reduction in overall malware detections from the peaks seen in the first half of 2021, along with an …

Escanor malware delivered in weaponized Microsoft Office documents

August 22, 2022

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 worldwide, identified a new RAT (Remote Administration Tool) advertised in Dark Web and Telegram …

How to prepare your organization for a Slack or Office 365 breach

July 18, 2022

Whether it’s Slack or Office 365, communication and workflow apps are an essential tool for organizations to collaborate efficiently regardless of geography. However, using …

Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud

July 13, 2022

A massive phishing campaign has been targeting Office 365 (i.e., Microsoft 365) users in over 10,000 organizations since September 2021 and successfully bypassing multi-factor …

Fake voicemail notifications are after Office365, Outlook credentials

June 21, 2022

A phishing campaign using fake voicemail notifications has been and is still targeting various US-based organizations, in an attempt to grab employees’ Office365 and …

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

January 27, 2022

Attackers are trying out a new technique to widen the reach of their phishing campaigns: by using stolen Office 365 credentials, they try to connect rogue Windows devices to …

Phishers are targeting Office 365 users by exploiting Adobe Cloud

January 13, 2022

Phishers are creating Adobe Creative Cloud accounts and using them to send phishing emails capable of thwarting traditional checks and some advanced threat protection …

Armorblox email security platform integrates with Microsoft Sentinel to help stop email-based BEC

November 21, 2021

Armorblox announced that it has joined the Microsoft Intelligent Security Association (MISA), a coalition of independent software vendors and managed security service …

Microsoft launches Privacy Management for Microsoft 365

October 20, 2021

Microsoft has made available Privacy Management for Microsoft 365, a new AI-based solution to help enterprises manage data privacy risks and build a privacy resilient …

Office 365

Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts

Unwanted emails steadily creeping into inboxes

Weakness in Microsoft Office 365 Message Encryption could expose email contents

Office exploits continue to spread more than any other category of malware

Escanor malware delivered in weaponized Microsoft Office documents

How to prepare your organization for a Slack or Office 365 breach

Phishers steal Office 365 users’ session cookies to bypass MFA, commit payment fraud

Fake voicemail notifications are after Office365, Outlook credentials

Attackers connect rogue devices to organizations’ network with stolen Office 365 credentials

Phishers are targeting Office 365 users by exploiting Adobe Cloud

Armorblox email security platform integrates with Microsoft Sentinel to help stop email-based BEC

Microsoft launches Privacy Management for Microsoft 365

Don't miss

Google extends passkeys to Google Workspace accounts

MOVEit Transfer zero-day was exploited by Cl0p gang (CVE-2023-34362)

Surveilling your employees? You could be putting your company at risk of attack

9 free cybersecurity whitepapers you should read

How fraudsters undermine text passcodes