Tuesday, January 26, 01:54
Home security Microsoft Office 365 is becoming a more common target for hackers

Microsoft Office 365 is becoming a more common target for hackers

The use of Microsoft Office 365 is constantly increasing and the huge amount of data stored in in cloud becomes a very tempting goal for them hackers according to the FireEye Mandiant.

Office 365

Such as said ο Doug Bienstock, chief security consultant at Mandiant “the amount of data in Office 365 is just huge and intruders are obviously interested in data. "But they can also access this data from almost anywhere in the world."

"Office 365 is also a gateway for organizations to access other applications as a unique connectivity platform," Bienstock explained.

Usually hackers have no difficulty accessing systems an organization. So they can find email lists of employees of a company and try to carry out brute-force attacks to crack any common or weak passwords.

"The attacker will receive these valid credentials, will be connected to VPN and will enter the network with the intention of increasing its privileges in a global Office 365 δια administrator account, said Josh Madeley, Mandiant's chief security consultant.

It is believed that the vast majority of state-backed APTs are interested in developing this type of attack. However, the one that is definitely interested is APT35, a team hacking from Iran, which is "notorious" for exploiting cloud services to gain access to the sensitive information it wants.

Hackers are not trying to exploit a vulnerability in Office 365. But the way companies and users secure Office 365 could be improved to protect themselves from such attacks. The first step that organizations can take to prevent attacks is to ensure that they do not use common or passwords that are easy to guess.

Agencies also need to ensure that multi-agent authentication is applied to as many employee accounts as possible, so in the event of password theft or breach, there is an extra level of defense to stop attacks. It is also recommended that organizations take the time to understand the activity in their networks, so that suspicious activity can be detected and stopped before it causes significant damage.


Please enter your comment!
Please enter your name here

Absent Mia
Absent Miahttps://www.secnews.gr
Being your self, in a world that constantly tries to change you, is your greatest achievement



COVID-19 vaccines: Ways to protect supply chains

The development of vaccines for COVID-19 in such a short period of time has created many challenges and these are not only related to ...

How do insurance companies "enhance" ransomware attacks?

Ransomware attacks have increased significantly, with experts warning that their victims should not pay ransom to hackers ....

Russia: "US may be planning retaliation for SolarWinds hack"!

The Russian government warns the country's organizations about possible cyber attacks that the US may carry out, as "retaliation" for the hack ...

iPhone: How to see which apps have access to your contacts

Some iPhone privacy issues go deeper than accessing your contacts list, which exposes your contacts to ...

COVID-19: Google makes vaccination clinics available

Google CEO Sundar Pichai said Monday that the company will make its facilities available to become clinics ...

Netflix offers "studio quality" audio upgrade on Android

Do not be surprised if Netflix sounds better the next time you run a marathon with rows on your Android phone ...

Will Bitcoin return to $ 40.000? There is concern!

Bitcoin lovers who take his return above the level of $ 40.000 for granted have been worried because the demand ...

Avaddon ransomware: Its operators threaten with DDoS attacks to get ransom!

Lately, more and more ransomware gangs tend to threaten their targets with DDoS attacks in order to secure profits ....

Volunteer firefighters will be trained through VR simulation

Volunteer firefighters in the Australian state of Victoria will soon have access to the virtual reality (VR) training that will be available in ...

Tesla: Accuses its former employee of stealing her confidential data!

On January 23, Tesla sued former employee Alex Khatilov for stealing 26.000 confidential documents, including trade secrets. The software ...