Tag: microsoft 365
58 articles

FBI Warns of Kali365 Phishing Service Targeting Microsoft 365 Accounts
Beware of Kali365, a sneaky phishing service that's hijacking Microsoft 365 accounts by exploiting a legitimate authentication flow - and it's happening fast, with the platform emerging as recently as April 2026. This clever trick uses a short code to trick victims into handing over control of their accounts.

FBI Warns of Kali365 Phishing Kit's OAuth Token Heist
The FBI has sounded the alarm on Kali365, a phishing-as-a-service platform that's making it easy for even novice hackers to steal Microsoft 365 login credentials and bypass security measures like multifactor authentication. This subscription-based service, mainly spread through Telegram, provides attackers with AI-generated phishing lures, campaign templates, and real-time tracking tools to target individuals and organizations.

FBI Warns of Kali365 Phishing Kit Targeting Microsoft 365 Users
The FBI is sounding the alarm on Kali365, a phishing kit that makes it easy for attackers to target Microsoft 365 users with AI-generated scams, automated templates, and real-time tracking. This powerful tool is lowering the bar for cybercriminals, allowing less tech-savvy attackers to launch sophisticated phishing campaigns.

Microsoft Abuses Self-Service Password Reset in Azure Data Theft Attacks
Microsoft warns that hackers are using clever social engineering tactics and exploiting self-service password reset features to drain sensitive data from high-value Azure assets. By tricking users into approving multi-factor authentication prompts, attackers can gain access to production Microsoft 365 and Azure environments.

OAuth Grants Expose Hidden Risk Below MFA Perimeter
In just five weeks, a phishing-as-a-service platform called EvilTokens compromised over 340 Microsoft 365 organizations across five countries by exploiting a clever trick: instead of stealing passwords, it convinced users to hand over OAuth refresh tokens, granting attackers long-term access to sensitive data like mailboxes, drives, and calendars. This sneaky tactic allowed hackers to bypass traditional security measures, including multi-factor authentication.

Tycoon2FA Exploits Microsoft 365 with Device-Code Phishing
Beware of Tycoon2FA's sneaky phishing tactics: victims are tricked into granting OAuth tokens to attackers through Microsoft's own device-login flow after clicking a malicious link. This comeback kid of a phishing kit has bounced back from a March disruption, now with added layers of obfuscation to evade detection.

Hackers Exploit Microsoft 365 Mailbox Rules to Conceal Post-Breach Activity
Hackers are exploiting a sneaky vulnerability in Microsoft 365 mailbox rules to hide their tracks, siphon sensitive data, and maintain a backdoor into compromised accounts. This stealthy tactic allows attackers to fly under the radar, making it even harder to detect and stop them.

Law Enforcement Disrupts APT28's Router DNS Hijack Operation
In a major breakthrough, an international coalition of law enforcement authorities and private companies has successfully disrupted a sneaky DNS hijack operation by APT28, known as FrostArmada, that targeted home network routers to steal Microsoft account credentials. This operation thwarted the hackers' plan to intercept traffic and harvest cloud account keys, protecting countless individuals from potential cyber threats.

Iranian Hackers Launch Sustained Password-Spraying Attack on Israeli Microsoft 365 Users
Iranian hackers have launched a relentless password-spraying attack on hundreds of Israeli Microsoft 365 users, sparking urgent concerns about the security of cloud inboxes in the midst of a regional conflict. This ongoing campaign, attributed to an Iran-linked threat actor, has already targeted over 300 organizations in Israel and the UAE.

Iran Launches Alarming Password-Spraying Attacks on M365 Accounts
As Iran's missile strikes leave destruction in their wake, a stealthier threat is emerging: coordinated password-spraying attacks targeting Microsoft 365 accounts of municipal authorities in the region. This sinister campaign seems to be exploiting the chaos, striking when defenses are down.

Phishing Attacks Exclusive: Critical Risk to Microsoft 365
Think an email from your CEO is safe? Microsoft 365 phishing campaigns now use cloud misconfigurations and device-code tricks to make external messages look internal and steal authentication tokens or MFA codes.

Microsoft 365 Education Risky: Stunning GDPR Alert
An Austrian regulator has ruled Microsoft 365 Education illegally tracked pupils, a landmark GDPR decision that could force cloud giants to adopt privacy-by-default settings and clarify who’s truly responsible for protecting kids’ data. Parents and schools deserve tools that safeguard students without breaking classroom tech.

cloud collaboration: Must-Have Best Practices to Avoid Risk
Cloud collaboration makes teamwork effortless — and oversharing dangerously easy; learn practical, friendly best practices to keep files moving fast while cutting exposure, from short-lived links and MFA to data stewardship and automated audits.

RaccoonO365 Disrupted: Critical, Must-Have Security Win
Microsoft just dismantled RaccoonO365, seizing 338 fake login sites that had harvested at least 5,000 Microsoft credentials — a big win that cuts off a major phishing operation and a wake-up call to harden your accounts.

AI Governance for SaaS Security Leaders: Essential Insights
As generative AI seamlessly integrates into SaaS platforms, security leaders face a pivotal challenge: balancing transformative efficiency gains with the urgent need for robust AI governance to protect sensitive data and manage emerging risks.

Microsoft: Exchange Server Subscription Edition now available
Discover Microsoft Exchange Server Subscription Edition, now available! Enhance your email experience with new features and improved security.

Microsoft 365 ‘Direct Send’ Exploited for Internal Phishing Attacks
Learn how Microsoft’s 365 ‘Direct Send’ feature is exploited in internal phishing attacks, compromising security and user trust within organizations.

Microsoft 365 to Default Block File Access Through Legacy Authentication Protocols
Microsoft 365 now defaults to block file access via legacy authentication protocols, enhancing security and protecting user data from vulnerabilities.

Microsoft addresses authentication issues affecting Microsoft 365 users
Microsoft resolves authentication issues affecting Microsoft 365 users, enhancing security and streamlining access for improved reliability.

Microsoft 365 Copilot Zero-Click Vulnerability Sparks Corporate Data Theft Concerns
Microsoft 365 Copilot zero-click vulnerability triggers corporate data theft risks, prompting urgent action to secure sensitive enterprise information.

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction
Zero-click AI vulnerability in Microsoft 365 Copilot exposes sensitive data without any user interaction, risking unauthorized breaches.

Zero-click AI data leak flaw uncovered in Microsoft 365 Copilot
Zero-click AI leak flaw in Microsoft 365 Copilot risks exposing sensitive data. Learn how this security issue could compromise privacy.

CISA Warns SaaS Providers as Commvault Zero-Day Puts Azure at Risk
CISA warns SaaS providers about a critical Commvault zero-day exposing Azure to security risks. Stay informed on emerging threats.

CISA Alerts on Rising SaaS Threats Exploiting Application Secrets and Cloud Misconfigurations
CISA alerts on rising SaaS threats exploiting application secrets and cloud misconfigurations. Boost security measures to protect digital assets and data.