#M365Security

Paxion Cybersecurity PaxionCyber
2025-06-26

⚠️ TeamFiltration, a legitimate pen-test tool, is being used to hack Microsoft Teams, Outlook, and OneDrive.

🧑‍💻 UNK_SneakyStrike targeted 80K+ accounts without phishing, exploiting tokens and OneDrive backdoors.

🛡️ We detect and stop these threats.

www.PhinIT.de PhinIT
2025-04-18

🔐 Conditional Access Templates bring Zero Trust in a matter of minutes in 2025. Microsoft-managed policies automatically stop legacy auth and device code flows.
👉 Find out what the new policies are all about!

phinit.de/2025/04/18/condition

Volexity volexity@infosec.exchange
2025-02-13

@volexity recently identified multiple Russian threat actors targeting users via #socialengineering + #spearphishing campaigns with Microsoft 365 Device Code authentication (a well-known technique) with alarming success: volexity.com/blog/2025/02/13/m

#dfir #threatintel #m365security

Pen Test Partners PTP@infosec.exchange
2024-11-27

Phishing attacks are getting smarter, but you can stay ahead. In the final part of Rachel Rabin’s blog series, find practical advice to spot and stop email threats in Microsoft 365: pentestpartners.com/security-b

Here’s what’s inside:

🔍 Understand how phishing emails bypass existing controls and fine-tune your anti-malware policies.

📊 Configure Defender for Office and Defender for Cloud Apps with customised threat and alert policies to effectively prevent and detect email-based attacks.

⚡ Go beyond default settings—use KQL to identify noisy policies and refine rule scope or sensitivity for better precision.

#PhishingPrevention #EmailSecurity #Microsoft365 #CyberThreats #CyberSecurityTips #StaySecure #PhishingAwareness #M365Security #CyberResilience #SpotThePhish

Pen Test Partners PTP@infosec.exchange
2024-11-08

In Part 2 of our BEC-ware the Phish blog series, Rachel Rabin dives into the crucial steps for responding to and remediating Business Email Compromise (BEC) incidents in M365. 💻

We'll delve into the key response actions to contain a live attacker, looking at the complexities of token revocation and password resets in hybrid environments.

An effective response requires a proactive setup. Implement pre-configured response accounts and automation to take actions consistently and without delay.

Short-term remediations help get back to business as usual, and our long-term suggestions will protect against future phishing attacks.

We'll explore hardening measures such as Conditional Access policies, phishing-resistant authentication, token protections, and app consent policies to protect against AiTM and OAuth phishing frameworks.

Lastly, we'll look at dedicated controls to protect privileged accounts from phishing, such as cloud-only identity for cloud administrative activities.

Get the full technical breakdown in the latest blog: pentestpartners.com/security-b

#CyberSecurity #BusinessEmailCompromise #M365Security #PhishingProtection #InfoSec #CloudSecurity #ZeroTrust #TechCommunity

Eric Woodruff [MS MVP] ericonidentity@infosec.exchange
2023-07-21

Bouncing back to this place after a bit of time away.

Wrote a blog article earlier this week on #paw - not the kind cats have.

#entra #entraid #aad #azuread #azure #m365security #infosec #identity

ericonidentity.com/2023/07/17/
