Tag: Microsoft 365
Cybersecurity Threat Advisory: EvilTokens targets Microsoft 365
Recent research describes a phishing kit called EvilTokens. It is actively targeting organizations in the U.S. and Europe, especially those in finance and other high-value sectors. Barracuda recommends deploying browser-aware phishing analysis and strengthening Microsoft 365 OAuth and device-code controls....
Threat Spotlight: Unpacking a stealthy new phishing kit targeting Microsoft 365
In this edition of the Threat Spotlight we see that Phishing-as-a-Service (PhaaS) platforms dominate the email threat landscape. The most prominent are sophisticated, well-resourced platforms offering tools, infrastructure, and support in return for payment or a share of the profits....
The power of hosted remote desktops for MSPs
In my last piece, I discussed how using hosted remote desktops can minimize risks should a major incident occur. Beyond reducing risks, the use of remote desktops provides a lot more than just basic access capabilities. Reduce helpdesk calls and...
Cybersecurity Threat Advisory: Microsoft 365 functionality vulnerability
Security researchers recently found an existing file version control functionality in Microsoft 365 and Office 365 enables threat actors to encrypt files stored with ransomware. The process used to encrypt these files can make them unrecoverable when proper backup is not...
