PS5 details: Is there a risk that hackers will exploit them?
inet infosec

PS5 details: Is there a risk that hackers will exploit them?

Sony's game developer and creator, Mark Cerny, gave some details about the new PS5 console. In one...
Read More
infosec

Cisco warns of vulnerabilities in 9000 series routers

Cisco has released 31 security tips this week, but has focused users on "critical" patches for ...
Read More
infosec

HP: Adds the Sure Sense malware blocker to its new devices

HP announced a series of updates and new features for PCs, as well as the official HP release ...
Read More
infosec

Covering vacancies in hacker security

Incidents of online attacks are increasing day by day. Previously no such attention was paid. After the incident with the ...
Read More
infosec

Oracle: New Critical Patch Update fixes 297 vulnerabilities

Oracle releases a collection of patches for multiple critical security vulnerabilities. The update contains 297 new security fixes ...
Read More
Latest Posts

Hackers use IMAP and invade Office 365 & G Suite Cloud accounts

Based on the Proofpoint study, IMAP is the most maligned protocol - IMAP is the protocol that bypasses MFA and lock-out options for failed connections. These intelligent new violent force attacks bring a new approach to the traditional methods that used the combinations of usernames and passwords.

IMAP

Based on Proofpoint's analysis of over one hundred thousand unauthorized connections to millions of monitored cloud user accounts, we have the following conclusions:

  • 72% of accounts were at least one threat target
  • 40% had at least one compromised account in its environment
  • Approximately 2% of active user accounts were targeted by malicious entities
  • 15 from 10.000 active user accounts was successfully compromised by attackers

The ultimate goal of hacker is to start the internal electronic fishing (Phishing) and have a strong place within the organization. Internal fishing efforts are hard to spot in comparison to external.

Therefore, hackers try to access user cloud accounts and try to extend their intrusion through internal phishing.

Based on the Proofpoint analysis, most of the connection attempts come from Nigeria's IP addresses (40%), after China (26%) and other major sources are the United States, Brazil and South Africa.

The report shows that IMAP is the most maligned protocol and that IMAP-based attacks are higher in volumes from September 2018 to February 2019.

  • About 60% of his accounts Microsoft Office 365 and G Suite were targeted with IMAP attacks
  • Approximately 25% of Office 365 and G Suite users encountered a successful violation
  • The success rate of intruders in an account in a targeted organization ranged from 44%

Proofpoint researchers found that "over 31% of all cloud users suffered violations of successful spy campaigns."

How does Phishing Attack work?

Hackers endanger user cloud accounts and then send internal phishing emails from trusted bills for side moves. Threat carriers also use anonymization services such as VPN or Tor to hide their geographic location.

The attack has a higher percentage in educational institutions, especially in university and high school students. The target includes other industries such as retail, finance and technology.

The study shows that increasing the threat is a factor of increasing complexity with violent attacks aimed at the exposure of cloud accounts.

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *