Microsoft has revealed its plans to provide security and IT administrators using Defender for Office 365 with new filters that could find out which users and domains within their organizations were prone to impersonation attacks, according to BleepingComputer. Impersonation attacks take the form of email messages that closely resemble authentic users or domains to deceive targets into opening the emails. The new filters, called impersonated user and impersonated domain, enhance already existing measures in Defender for Office 365 for detecting impersonation attempts by allowing admins to specifically seek out users or domains that have been the targets of impersonation attacks. Security admins will find the new filters through the Impersonation insight pages and on a newly added Email Entity page. The new features are still works-in-progress, but Microsoft said during the reveal of its Microsoft 365 roadmap that they should be available to the public by the end of the month.
Jill Aitoro leads editorial for SC Media, and content strategy for parent company CyberRisk Alliance. She 20 years of experience editing and reporting on technology, business and policy.
Nearly $561,000 worth of Bitcoin, or less than a third of the demanded ransom, has already been sent by Tosan to IRLeaks' cryptocurrency wallet since both parties began negotiations in early August.
Attacks involved the creation of several ads redirecting to spoofed versions of Lowe's MyLowesLife employee portal in a bid to compromise credentials from current and former workers, according to a report from Malwarebytes Labs.
Intrusions leveraging the vulnerability have facilitated the distribution of not only the GOREVERSE reverse proxy server but also the Condi malware, the Mirai botnet variant Jenx, and four other cryptocurrency mining payloads.