A Microsoft O365 zero-day vulnerability has been reported by SCMagazine – and it’s being exploited across organizations of all sizes.
Delivery of malicious mails has long-been a prime method for initiating attacks on companies and individuals. Mails with malicious links trick users to access phishing websites or to download and run malicious content. Phishing attacks on cloud applications such as Office 365 are particularly dangerous: our incident response team reports that these attacks are extremely common, and often lead to users inadvertently surrendering their credentials to hackers. Once in possession of a user’s username and password, the attacker can perfectly impersonate a legitimate user on the corporate email. Such account takeovers allow attackers to trick corporate users into performing financial transactions on their behalf (typically transferring money or goods into the threat actor’s hands), to providing access to sensitive data, and to installing malware.