The Latest in IT Security

Hackers have found a clever new way to steal your Microsoft 365 credentials

01
Apr
2022
Hackers have found a clever new way to steal your Microsoft 365 credentials

image credit: unsplash

Cybercriminals have started using Static Web Apps, an Azure service, in their phishing attacks against Microsoft 365 users.

Researchers from MalwareHunterTeam noted Static Web Apps have two features that are being abused with ease – custom branding for web apps, and web hosting for static content such as HTML, CSS, JavaScript, or images.

These features have been used by threat actors to host static landing phishing pages, the researchers are now saying. These landing pages look almost identical to official Microsoft services, with the company logo, and the Single SignOn (SSO) option that harvests Office 365, Outlook, or other credentials.

Read More

Comments are closed.

Categories

THURSDAY, DECEMBER 05, 2024
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments