Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Microsoft 365

Microsoft 365 Backup: A Step-by-Step Guide with BDRSuite

BDRSuite for Microsoft 365 offers a comprehensive and cost-effective Office 365 backup solution to protect your Microsoft 365 data and ensure business continuity. BDRSuite provides seamless and automated backups of Microsoft 365 user data, flexible backup configuration options, multiple recovery options, and user-friendly interface.#microsoft #office365 #databackup #dataprotection #datarecovery #disasterrecovery.

Microsoft 365 Beginners Guide for IT Administrators

Since the outbreak of the global pandemic, demand for cloud SaaS has skyrocketed. For businesses looking for cloud productivity, communication, and collaboration, Microsoft 365 is a popular choice. This e-book contains all of the information about Microsoft 365 and serves as a guide for IT administrators who want to learn more about it. You'll learn more about creating an account, starting a new subscription, renewing an existing subscription, and the different editions available.

Detecting anomalous O365 logins and evasion techniques

Businesses across multiple industries, regardless of size, are at risk of being targeted with Microsoft 365 phishing campaigns. These campaigns trick users into visiting fake Microsoft login page where threat actors capture the user’s credentials. Even accounts with MFA can be victim to these types of attacks. There are several ways in which MFA is being bypassed with these types of campaigns.

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard

On January 19, Microsoft issued an advisory disclosing a cybersecurity incident targeting their M365 tenants and attributing the attack to Midnight Blizzard, a state-sponsored actor also known as Nobelium and APT29. Following this, on January 24, the Microsoft team expanded on the initial announcement with a comprehensive blog post providing more insights about the attack and outlining specific tactics, techniques and procedures leveraged by the threat actor.

Cloud Threats Memo: Back to the Basics: New DarkGate Campaign Exploiting Microsoft Teams

DarkGate is a commodity malware with multiple features including the ability to download and execute files to memory, a hidden virtual network computing (HVNC) module, keylogging, information-stealing capabilities, and privilege escalation.

New Phishing-As-A-Service Kit with Ability to Bypass MFA Targets Microsoft 365 Accounts

A phishing-as-a-service platform called “Greatness” is facilitating phishing attacks against Microsoft 365 accounts, according to researchers at Sucuri. “Greatness operates as a Phishing as a Service (PhaaS) platform, providing a number of features and components for bad actors to conduct their phishing attacks against Microsoft 365 accounts,” the researchers write. “URLScan results show thousands of affected pages related to this kit.

Microsoft Teams: The New Phishing Battlefront - How Attackers Are Exploiting Trusted Platforms

Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity. “While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector,” the researchers write.

The Power of 11:11 Cloud Backup for Microsoft 365, Now in Australia!

In today’s dynamic IT landscape, safeguarding your data — no matter where it lives — is non-negotiable. Doing so, however, is much easier said than done. Success requires the diligence to look under every rock for vulnerabilities and gaps in retention, even (and especially) in places you wouldn’t expect. Take Microsoft 365, for example. It’s no secret that it has changed productivity in the workplace forever.

Trustwave SpiderLabs Detects Spike in Greatness Phishing Kit Attacks on Microsoft 365 Users

Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit to attack Microsoft 365 users to distribute malicious HTML attachments that steal login credentials. Greatness is a phishing-as-a-service platform developed by a threat actor known as "fisherstell," and has been available since mid-2022 that provides a ready-made infrastructure and tools for anyone to launch phishing campaigns charging $120 per month in Bitcoin.