Microsoft 365 - Cybersec Sentinel

Microsoft 365

A collection of 2 posts

The Growing Risk of Sneaky 2FA for Microsoft and Gmail Accounts

The Growing Risk of Sneaky 2FA for Microsoft and Gmail Accounts

Threat Group: Sneaky Log Threat Type: Phishing-as-a-Service (PhaaS) Platform Exploited Vulnerabilities: Two-Factor Authentication (2FA) Mechanisms, User Trust Malware Used: Sneaky 2FA Phishing Kit Threat Score: High (8.5/10) – Due to its sophisticated methods to bypass 2FA and widespread targeting of essential communication platforms. Last Threat Observation: January 18, 2025

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

FlowerStorm Phishing Service Gains Traction After Rockstar2FA Shutdown

Threat Group: FlowerStorm Threat Type: Phishing-as-a-Service (PhaaS) Exploited Vulnerabilities: User credentials and session cookies Malware Used: FlowerStorm phishing kit Threat Score: High (8.5/10) – Due to its capability to bypass multi-factor authentication (MFA) and widespread targeting of Microsoft 365 users. Last Threat Observation: December 20, 2024 Overview The cybersecurity