1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • More Microsoft 365 phishing attacks are using this dangerous new

    From TechnologyDaily@1337:1/100 to All on Fri May 26 16:30:03 2023
    More Microsoft 365 phishing attacks are using this dangerous new method - here's what you need to know

    Date:
    Fri, 26 May 2023 15:15:00 +0000

    Description:
    Another legitimate service is being abused to land malicious emails into your inbox.

    FULL STORY ======================================================================

    Modern-day phishing methods include abusing legitimate cloud services to bypass email security solutions and land a malicious email right into the victims inbox.

    In this latest example, cybersecurity researchers from Trustwave found a threat actor abusing Microsofts Rights Management Services (RMS) to deliver links to fake landing pages to their victims. The attacks are highly targeted and quite difficult to mitigate, the researchers are saying.

    In the attack, the threat actors will use a previously stolen email account
    to send a message to their victim. The message will contain an attachment created using the RSM service, meaning it will be encrypted and will carry
    the .RPMSG extension. Microsoft designed RSM to offer an additional layer of protection for sensitive files, by forcing readers to first authenticate. Stealing sensitive data

    The authentication can be done either using the Microsoft account, or via a one-time passcode.

    Once the users authenticate and be granted the ability to read the message, theyll be redirected to a fake SharePoint document hosted on Adobes InDesign service. The document holds a Click Here to View Document call-to-action, which brings the users to an empty page with a Loading message. This is
    merely a distraction, while a malicious script siphons sensitive data in the background.

    The data includes visitor ID, connect token and hash, video card renderer information, system language, device memory, hardware concurrency, installed browser plugins, browser window details, and OS architecture. Once this process is complete, the page will reload into a fake Microsoft 365 login
    form that steals the visitors login credentials and sends them to the attackers. Read more

    Dropbox wants to cut down on the number of apps you use at work


    Microsoft is bringing AI to Microsoft 365


    These are the best firewalls right now

    "Educate your users on the nature of the threat, and not to attempt to
    decrypt or unlock unexpected messages from outside sources," Trustwave said
    in its report.

    "To help prevent Microsoft 365 accounts being compromised, enable
    Multi-Factor Authentication (MFA)."

    Multi-factor authentication is not foolproof but does make the threat actors work a lot harder to gain access to their targets endpoints . Given that its quite simple to set up, MFA is praised in the cybersecurity community and is considered the industry standard. Here are the best malware removal tools around

    Via: BleepingComputer



    ======================================================================
    Link to news story: https://www.techradar.com/news/more-microsoft-365-phishing-attacks-are-using-t his-dangerous-new-method-heres-what-you-need-to-know


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)