all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Odd Recent M365 Compromises

Add to bookmarks
Nov. 14, 2023, 9:24 p.m. | /u/reencrypt

cybersecurity www.reddit.com

Alright, I'm running into a wall and need some guidance.



We've had a few clients with M365 account compromises recently. Most, if not all have decent controls in place (MFA/Number Matching, Authenticator, GeoIp blocking, Legacy Auth disabled, etc).

Couple things to note:

First obvious suspicious sign-in are coming from within the United States. I tracked a few of the IPs to multiple VPN and/or proxy services, but a lot of them were Microsoft data centers.

The one compromise had …

account auth authenticator blocking clients coming controls cybersecurity disabled etc geoip guidance legacy m365 mfa running sign states things united united states

Visit resource

More from www.reddit.com / cybersecurity

Cisco reveals zero-day attacks used by hackers to attack government networks in major threat campaign an hour ago | www.reddit.com
attack attacks campaign cisco +7
Any Fortune 100 company go all in on Microsoft E5 Security Suite? 11 hours ago | www.reddit.com
all in cybersecurity defender defenders +12
Blueteam Certification like cybersecurity engineers 12 hours ago | www.reddit.com
architect blueteam certification certifications +12
Fake job interviews target developers with new Python backdoor 15 hours ago | www.reddit.com
backdoor cybersecurity developers fake +7
Passkeys: A Shattered Dream 16 hours ago | www.reddit.com
cybersecurity dream passkeys
Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software 16 hours ago | www.reddit.com
census cyberattack cybersecurity easy +4
Ukraine's military intelligence launches cyberattack against United Russia party 16 hours ago | www.reddit.com
cyberattack cybersecurity intelligence military +4
The XZ Utils Backdoor explained - Columbia University Lecture 18 hours ago | www.reddit.com
cybersecurity
Cybersecurity for Government 19 hours ago | www.reddit.com
budget corporate cybersecurity goals +8

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Open-Source Intelligence (OSINT) Policy Analyst (TS/SCI)

@ WWC Global | Reston, Virginia, United States
View on infosec-jobs.com

Security Architect (DevSecOps)

@ EUROPEAN DYNAMICS | Brussels, Brussels, Belgium
View on infosec-jobs.com

Infrastructure Security Architect

@ Ørsted | Kuala Lumpur, MY
View on infosec-jobs.com

Contract Penetration Tester

@ Evolve Security | United States - Remote
View on infosec-jobs.com

Senior Penetration Tester

@ DigitalOcean | Canada
View on infosec-jobs.com
View more jobs