Hackers being resilient

Hackers being resilient

Why steal cookies when you can take the whole cookie jar?

One of our Service Provider partners has just informed us that one of their clients (who is now going to undertaking an ICTAA accreditation) was hacked this morning, the service provider has confirm that their client was using weak passwords which were brute-forced or simply guessed, one of their Office 365 admin accounts was compromised, what was alarming was the hacker didn’t send any fake emails or even try to delete any data, instead they created a Forward All Email Rule, plus added another mail connector and also a sweep rule to move all email messages to an RSS feed, which allowed them to monitor and receive a copy of every email within the tenancy using 3 different methods, needless to say this was a very well throughout and executed attack, a less experienced O365 engineer might of overlook all 3 methods employed by the hacker.

Stay vigilant out there!

Share this post

Leave a Reply