[ Blog ] How to #backup #Microsoft Entra ID with Veeam
With latest versions of Veeam Backup & Replication it is possible to backup Microsoft Entra ID to enhance the protection of cloud services used by your Organization.
Microsoft Entra ID (formerly #Azure Active Directory) is Microsoft's cloud-based identity and access management service. It helps organizations manage user http://rviv.ly/qDANYE #entraid
Scammer abusing Microsoft's msonlineservicesteam@ for spam distribution
Microsoft의 '[email protected]' 이메일 주소가 스팸 배포를 위해 악용되고 있습니다. 공격자는 이메일 제목(Subject)에 악성 문구를 주입하여 합법적인 시스템 알림처럼 보이게 하며, 이는 Microsoft Entra ID 테넌트 브랜딩 기능의 취약점을 이용한 것으로 보입니다. 이 문제는 수개월간 지속되어 왔으며, Microsoft에 이미 보고되었으나 아직 근본적인 대응이 이루어지지 않은 상황입니다. 자동화된 알림 시스템에서 제목 커스터마이징 제한이 필요하다는 교훈을 줍니다.
Attached: 1 image ❗ We’ve observed a scammer clearly abusing Microsoft's 'msonlineservicesteam@microsoftonline[. ]com' for spam distribution. The header and message body appear completely legitimate - the abuse is happening through injection into the Subject: ✉️ Here's an example: "Your PayPal order for 0.0092 BTC ($699.99) is complete. Not you? Call +1 (803) 237-5050 account email verification code." At this point, it appears the attacker may have simply set the malicious text as either the account name or the organization name. This also appears to line up with what @[email protected] TechCrunch Security Editor identified last week: https://mastodon.social/@zackwhittaker/116562360000833298 ....although the activity we’re seeing appears to stretch back several months. Takeaway: automated notification systems should not allow this level of customization. Microsoft has been informed of this abusive activity. #ThreatIntel #Spam #InfoSec #CyberSecurity
[ Blog ] How to #backup #Microsoft Entra ID with Veeam
With latest versions of Veeam Backup & Replication it is possible to backup Microsoft Entra ID to enhance the protection of cloud services used by your Organization.
Microsoft Entra ID (formerly #Azure Active Directory) is Microsoft's cloud-based identity and access management service. It helps organizations manage user http://rviv.ly/qDANYE #entraid
📰 Nation-State Actors Weaponize Open-Source ROADtools for Azure Cloud Attacks, Bypassing MFA and Persisting in Networks
🚨 Cloud Attack Alert: Nation-states are weaponizing the open-source ROADtools framework to attack Azure environments. Unit 42 breaks down how they achieve persistence & bypass MFA. #ROADtools #Azure #CloudSecurity #EntraID
🌐 cyber[.]netsecops[.]io
🔗 https://cyber.netsecops.io/articles/roadtools-nation-state-tactics-in-the-cloud/?utm_source=mastodo…
Nation-State Actors Exploit ROADtools in Cloud Attacks
Cloud attackers are now leveraging ROADtools, a publicly available toolkit, to exploit vulnerabilities in cloud tenants, allowing them to persist, discover, and evade defenses with ease. This dual-use framework's ability to speak Entra ID and Microsoft Graph makes it a red flag for defenders to take notice.
#CloudAttacks #NationState #Roadtools #EntraId #MicrosoftGraph
Observed phishing campaign leveraging Gmail accounts to deliver emails containing only the password for a supposed “secure” PDF attachment.
Victim flow:
1. Email contains only the password for the attachment
2. Email also includes a PDF attachment
PDF contains a link redirecting to a fake secure document portal
3. User is prompted with Microsoft device login / OAuth-style authentication
4. Credential theft and session hijacking likely follow
Associated IOC domains:
* omegabearings[.]com
* vaisooru[.]com
* roufoka[.]com
Recommend:
• Block domains at DNS/proxy layers
• Hunt for related OAuth/device code login events
• Review Entra ID sign-in logs
• Reset sessions/tokens for impacted users
• Monitor for suspicious consent grants
#Phishing #CredentialPhishing #Microsoft365 #EntraID #AzureAD #OAuth #DeviceCodePhishing #ThreatIntel #IOC #BlueTeam #DFIR #SOC #CyberSecurity #ThreatHunting #Infosec #EmailSecurity #CTI #IncidentResponse
🚨 Empresas estão perdendo acesso ao Microsoft 365 por motivos absurdamente simples:
🔐 senha perdida
📵 MFA sem backup
❌ Authenticator removido
👨🏻💻 antigo TI sumiu
🚫 conta bloqueada
E aí… ninguém acessa e-mail, Teams ou SharePoint.
Tenho ajudado empresas a recuperar e reorganizar esses ambientes com segurança. 👨🏻💻☁️
#Microsoft365 #EntraID #MFA #TI #SuporteTI #CyberSecurity #MicrosoftTeams #ExchangeOnline #SharePointOnline
Tired of rigid policies that can’t keep up with modern threats? Entra ID’s Conditional Chaos Engine is here to shake things up, turning complex access requirements into a symphony of security and flexibility.
Read more 👉 https://lttr.ai/ArWOa
[ Blog ] How to #backup #Microsoft Entra ID with Veeam
With latest versions of Veeam Backup & Replication it is possible to backup Microsoft Entra ID to enhance the protection of cloud services used by your Organization.
Microsoft Entra ID (formerly #Azure Active Directory) is Microsoft's cloud-based identity and access management service. It helps organizations manage user http://rviv.ly/qDANYE #entraid
Paolo Valsecchi
sayzard
CyberNetsecIO
Analyst207
laztname
Mauricio Cassemiro
M365Show
wendythedruid