... Not only was the breached [MS Global administrator] account accessible from the public Internet, it also did not have multi-factor authentication (MFA) enabled — something that most security experts agree is a basic security necessity, especially for privileged accounts....
I don't understand how a compromised admin account is a first.
The amazing part to me is that a year or so ago, MS made MFA the default even for existing non-admin accounts, unless the customer had explicitly opted out. So, this is not a case of somebody not having gotten the memo -- they shredded, burned and buried it.