Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082

Credit to Author: Katie McCafferty| Date: Sat, 01 Oct 2022 04:21:00 +0000

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

The post Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 appeared first on Microsoft Security Blog.

Read more

Malicious OAuth applications abuse cloud email services to spread spam

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange Online service to launch spam runs.

The post Malicious OAuth applications abuse cloud email services to spread spam appeared first on Microsoft Security Blog.

Read more

Malicious OAuth applications used to compromise email servers and spread spam

Credit to Author: Microsoft 365 Defender Threat Intelligence Team| Date: Thu, 22 Sep 2022 16:00:00 +0000

Microsoft discovered an attack where attackers installed a malicious OAuth application in compromised tenants and used their Exchange servers to launch spam runs.

The post Malicious OAuth applications used to compromise email servers and spread spam appeared first on Microsoft Security Blog.

Read more