Hazy Issue in Entra ID Allows Privileged Users to Become Global Admins
Source: Dark Reading
An obscure issue with Microsoft's Entra ID identity and access management service could allow a hacker to access every corner of an organization's cloud environment. Crucially, the attack requires that a hacker already have access to an admin-level account. With that in hand, though, the possibilities are limitless.
2.9 billion hit in one of the largest data breaches ever — full names, addresses and SSNs exposed
Source: Tom's Guide
Regardless of how careful you are online, your personal data can still end up in the hands of hackers—and a new data breach that exposed the data of 2.9 billion people is the perfect example of this.
FBI Issues Warning As ‘Men In Black’ Hackers Demand $60 Million Ransom
Source: Forbes
An updated advisory from the FBI and the Cybersecurity and Infrastructure Security Agency has warned of the danger from a ransomware group that has demanded as much as $60 million from its victims, and a staggering total of $500 million so far. The criminal hackers concerned have rebranded from calling themselves Royal Ransomware to BlackSuit.
Microsoft 365 anti-phishing feature can be bypassed with CSS
Source: Bleeping Computer
Researchers have demonstrated a method to bypass an anti-phishing measure in Microsoft 365 (formerly Office 365), elevating the risk of users opening malicious emails. Specifically, the anti-phishing measure that can be hidden is the 'First Contact Safety Tip,' which warns email recipients on Outlook when they receive a message from an unfamiliar address.
Ransomware Leads to $30M in Lost Income at Sonic Automotive
Source: Data Breach Today
Ransomware attacks are continuing to take a bite out of corporate profits. On Monday, publicly traded Sonic Automotive told investors that a recent ransomware attack against one of its key service providers caused earnings per share to sink by a third during the quarter ending June 30.
Comments