💼 Payroll Fraud Alert: Storm-2657 is targeting U.S. universities by compromising Workday accounts to redirect salaries.
Threats include phishing emails, MFA bypass, and stealth inbox rules to hide malicious activity.
🛡️ How is your organization defending SaaS HR systems?
💬 Share your defense tactics & follow @technadu for expert threat analysis.

#Cybersecurity #PayrollFraud #Workday #Infosec #MFA #Phishing #IdentitySecurity #SaaSAttacks #ThreatIntel #UniversitySecurity #CyberAwareness

The SaaS attack matrix we released as open source research project a couple weeks ago introduced some new SaaS attack methods for evading EDR and network monitoring tools.

👀 Here's a new demo combining two new SaaS attack techniques - poisoned tenants and SAMLjacking - to make a simple, but effective attack chain.

Link in the comments!

#SaaSSecurity #attacktechniques #saasattacks #redteam #pentester #blueteam

Link to article here: https://bit.ly/3YMCrhi