all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Advisory: Persistent MFA Circumvention in an Advanced BEC Campaign on Microsoft 365 Targets

Add to bookmarks
c
Dec. 1, 2022, 1:22 a.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by Mitiga. Written by Mitiga's Research Team. Mitiga spotted a sophisticated, advanced business email compromise campaign, targeting Microsoft 365 organizations, leveraging inherent weaknesses in Microsoft 365 MFA, Microsoft Authenticator, and Microsoft 365 Identity Protection.These weaknesses effectively nullify the added security allegedly provided by multi-factor authentication (MFA), allowing for full compromise, even of accounts that have enabled MFA. BackgroundWe i...

advanced advisory bec campaign mfa microsoft microsoft 365 persistent

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
Are You Ready for Microsoft Copilot? 15 hours ago | cloudsecurityalliance.org
ai chatbot chatbot copilot customers +13
Cl
Implementing a Data-Centric Approach to Security 15 hours ago | cloudsecurityalliance.org
access access governance can cto +13
Cl
Cloud Security Alliance (CSA) AI Summit at RSAC to Deliver Critical Tools to Help Meet … 2 days, 17 hours ago | cloudsecurityalliance.org
advice alliance april benefits +19
Cl
7 Common Causes of Data Breach: Safeguarding Your Digital Assets 2 days, 19 hours ago | cloudsecurityalliance.org
assets breach breaches connected +16
Cl
How to Set Your Small Privacy Team Up for Success 3 days, 18 hours ago | cloudsecurityalliance.org
data data protection legislation organizations +11
Cl
The Data Security Risks of Adopting Copilot for Microsoft 365 3 days, 18 hours ago | cloudsecurityalliance.org
ai assistant ai-powered assistant copilot +20
Cl
From gatekeeper to guardian: Why CISOs must embrace their inner business superhero 1 week, 1 day ago | cloudsecurityalliance.org
business ciso cisos firewalls +6
Cl
Cantwell Proposes Legislation to Create a Blueprint for AI Innovation and Security 1 week, 1 day ago | cloudsecurityalliance.org
cantwell chair commerce european union +13
Cl
Sealing Pandora's Box - The Urgent Need for Responsible AI Governance 1 week, 1 day ago | cloudsecurityalliance.org
ai governance attention box code +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Information Security Manager & ISSO

@ Federal Reserve System | Minneapolis, MN
View on infosec-jobs.com

Forensic Lead

@ Arete | Hyderabad
View on infosec-jobs.com

Lead Security Risk Analyst (GRC)

@ Justworks, Inc. | New York City
View on infosec-jobs.com

Consultant Senior en Gestion de Crise Cyber et Continuité d’Activité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com
View more jobs