News

Latest news about B2B cyber security >>> PR agencies: add us to your mailing list - see contact! >>> Book an exclusive PartnerChannel for your news!

Tag: accounts

Storm-1152: Microsoft defends itself with domain deletions 
20 December 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Microsoft is using domain deletions to stop the activities of the Storm-1152 group, which sells fraudulent Microsoft accounts and security circumvention tools. 750 million Microsoft accounts have already been put up for sale, bringing the group millions in revenue. Storm-1152 operates illegal websites and social media pages and sells fraudulent Microsoft accounts and identity verification software bypass tools on popular technology platforms. These services reduce the amount of time and effort criminals need to commit a variety of criminal and abusive behaviors online. To date, Storm-1152 has put around 750 million fraudulent Microsoft accounts up for sale, making…

Read more

PayPal: Hacker access to almost 35.000 accounts
3. February 2023
| No comments
| Short news
B2B Cyber ​​Security ShortNews

According to various media, hackers had access to almost 35.000 PayPal accounts. The provider was not hacked, but the accounts were compromised via credential stuffing. This means that users were too lazy to use different passwords, didn't replace their leaked passwords and didn't use 2-factor authentication. The passwords were then simply tried out successfully by the hackers at PayPal. A successful hack and the stupidity of users are often confused. To access the PayPal accounts, the hackers filtered customer details and passwords from various other hacks of companies or password database providers and linked them to the…

Read more

Cloud Exchange: Accounts without MFA abused for spam
10 October 2022
| No comments
| Short news
B2B Cyber ​​Security ShortNews

Microsoft reports on analyzed attacks on cloud exchange. Attackers penetrated the cloud exchange accounts using credential stuffing, known passwords from previous data breaches – all without multi-factor authentication (MFA). Then everything was set up for mass spamming via these accounts. Microsoft researchers recently investigated an attack in which malicious Open Authorization (OAuth) applications were deployed on compromised cloud tenants and then used to control Exchange Online settings and spread spam. The investigation found that the threat actor launched credential stuffing attacks against high-risk accounts that didn't have multi-factor authentication (MFA) enabled, and…

Read more

This is how employees do not become an insider threat
30 January 2022
| No comments
| PR News

Cyber ​​criminals are increasingly using phishing campaigns to attack cloud offerings such as Office 365. A compromised account belonging to an insider is worth its weight in gold for them, as it not only allows them to read emails, but also access connected services – and launch further attacks. NTT Ltd. explains how businesses should respond to the threat of phishing. With several million active company users every day, cloud offerings such as Office 365 are becoming increasingly attractive for cybercriminals: They can use the attack techniques and tools developed for several attack targets, i.e. companies. In addition, because of the abundance of data, cloud accounts and the services associated with them are…

Read more

© 2024 MedPressIT GbR
Cookie Settings