Caute_cautim
Community Champion

SharePoint Online environment

Hi All

 

Rarely do we see reports on a first-of-a-kind attack, but here is one against SharePoint Online:

Your organisation's attack surface just increased....

 

https://www.darkreading.com/cloud/researchers-report-first-instance-of-automated-saas-ransomware-ext...

 

Regards

 

Caute_Cautim

1 Reply
denbesten
Community Champion


... Not only was the breached [MS Global administrator] account accessible from the public Internet, it also did not have multi-factor authentication (MFA) enabled — something that most security experts agree is a basic security necessity, especially for privileged accounts....

I don't understand how a compromised admin account is a first.

The amazing part to me is that a year or so ago, MS made MFA the default even for existing non-admin accounts, unless the customer had explicitly opted out.  So, this is not a case of somebody not having gotten the memo -- they shredded, burned and buried it.