Microsoft 365 Archives

Attackers exploit open redirect vulnerability on Amex and Snapchat sites

Cybersecurity Attacks, Phishing, Vulnerabilities & Exploits / Frank Crast / August 16, 2022 / Amex, Cybersecurity Threat Center, Docusign, FedEx, Google Workspace, INKY, Microsoft, Microsoft 365, phishing, redirect, Snapchat

Attackers have been exploiting a well-known open redirect vulnerability on American Express and Snapchat sites to phish for victim’s personal data.

Attackers exploit open redirect vulnerability on Amex and Snapchat sites Read More »

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks

Cybersecurity Attacks, Security Monitoring, System Hardening, Third-Party Security / Frank Crast / March 19, 2021 / Azure, CHIRP, IOC, M365, Microsoft 365, NSA, Orion, SolarWinds, Supply Chain

The DHS CISA cybersecurity team just released a new tool dubbed CHIRP, a forensics collection tool designed to help network defenders scan for indicators of compromise (IOCs) associated with the SolarWinds Orion and Active Directory/M365 compromise and cyberattacks.

CHIRP tool scans for signs of APT compromise associated with SolarWinds and Azure/M365 cyberattacks Read More »

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers

Cloud Security, Cybersecurity Attacks, Security Monitoring / Frank Crast / January 21, 2021 / Active Directory, Microsoft 365, SolarWinds, UNC2452

Security firm FireEye has published new Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers, also known as UNC2452.

FireEye publishes Microsoft 365 tools and hardening strategies to defend against SolarWinds attackers Read More »