How Microsoft Defender for Office 365 innovated to address QR code phishing attacks
This blog examines the impact of QR code phishing campaigns and the innovative features of Microsoft Defender for Office 365 that help combat evolving cyberthreats.
File hosting services misused for identity phishing
Since mid-April 2024, Microsoft has observed an increase in defense evasion tactics used in campaigns abusing file hosting services like SharePoint, OneDrive, and Dropbox. These campaigns use sophisticated techniques to perform social engineering, evade detection, and compromise identities, and include business email compromise (BEC) attacks.
New TTPs observed in Mint Sandstorm campaign targeting high-profile individuals at universities and research orgs
Since November 2023, Microsoft has observed a distinct subset of Mint Sandstorm (PHOSPHORUS) targeting high-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the United Kingdom, and the United States.
Financially motivated threat actors misusing App Installer
Since mid-November 2023, Microsoft Threat Intelligence has observed threat actors, including financially motivated actors like Storm-0569, Storm-1113, Sangria Tempest, and Storm-1674, utilizing the ms-appinstaller URI scheme (App Installer) to distribute malware.
Threat actors misuse OAuth applications to automate financially driven attacks
Microsoft Threat Intelligence presents cases of threat actors misusing OAuth applications as automation tools in financially motivated attacks.
Star Blizzard increases sophistication and evasion in ongoing attacks
Microsoft Threat Intelligence continues to track and disrupt malicious activity attributed to a Russian state-sponsored actor we track as Star Blizzard, who has continuously improved their detection evasion capabilities while remaining focused on email credential theft against targets.
Microsoft Defender for Office 365 gets highest rating in SE Labs Enterprise Email Security Services test for Q1 2023
In Q1 2023 Q1, Microsoft was once again part of an evaluation of email security platforms conducted by SE Labs. We are thrilled to announce that Microsoft Defender for Office 365 has once again received an AAA Protection Award, the highest possible that a vendor can achieve in this test.
Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave
Microsoft Defender for Office 365 is recognized as a Leader in Forrester’s 2023 Enterprise Email Security Wave Report.
Detecting and mitigating a multi-stage AiTM phishing and BEC campaign
Microsoft Defender Experts observed a multi-stage adversary-in-the-middle (AiTM) and business email compromise (BEC) attack targeting banking and financial services organizations over two days. This attack originated from a compromised trusted vendor, involved AiTM and BEC attacks across multiple supplier/partner organizations for financial fraud, and did not use a reverse proxy like typical AiTM attacks.
Microsoft Secure: Explore innovations transforming the future of security
Microsoft Secure kicks off today with on-demand content available to those who register. We’ll share major innovations in AI, identity, and data protection to create a safer world for all.