KnowBe4 - Russian Hackers Breached Government Agencies' MFA Using Microsoft Teams: Is Your Business Next?

Microsoft's recent blog post raised eyebrows through the cybersecurity community. State-backed hackers linked to Russia, known as APT29 or Cozy Bear, have executed “highly targeted” phishing attacks through Microsoft's Teams platform. These are the same hackers behind the historic SolarWinds hack in 2020 and the 2016 breach of the Democratic National Committee.

The method was both sophisticated and alarmingly simple. By compromising Microsoft 365 accounts owned by small businesses, the hackers created domains to deceive their targets through Microsoft Teams messages. They engaged users and elicited approval of MFA prompts, bypassing what is usually considered a robust security measure. 



from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/russian-hackers-breached-government-agencies-mfa-using-microsoft-teams-is-your-business-next

Comments

Popular posts from this blog

Krebs - NY Charges First American Financial for Massive Data Leak

KnowBe4 - Scam Of The Week: "When Users Add Their Names to a Wall of Shame"