Share this article
Latest news
With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low
Copilot in Outlook will generate personalized themes for you to customize the app
Microsoft will raise the price of its 365 Suite to include AI capabilities
Death Stranding Director’s Cut is now Xbox X|S at a huge discount
Outlook will let users create custom account icons so they can tell their accounts apart easier
Severe security breaches on Office 365 and Azure accounts
3 min. read
Published onMay 20, 2021
published onMay 20, 2021
Share this article
Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more
Key notes
There is no stopping the future and, as much as we all wanted a more futuristic way to store our data and conduct business, we have all become to fear how easy it is for it to be accessed by external entities.
The complexity of vastness of the storage clouds makes the detection and repelling of threatening events more and more difficult.
How can you tell if your security has been bypassed?
According to the specialists atVectra AI, there are a few signs that indicate the fact that security for our Microsoft 365 or Azure has been compromised.
External Teams access and non-authorized, suspicious mail forwarding should be the first red flags when it comes to your, or your company’s cloud security. This could easily mean that an attack has already begun.
Regularly checking what accounts are part of the team inOffice 365is an excellent way to make sure that an external account has been already added.
This type of activity could indicate that a malicious third party has added an account under their control.
Another sign that you should keep your eyes open for is risky Office 365 Exchange operations, which could point to an attacker that is controlling Exchange in order to gain access to specific data or further attack progression.
Also, peculiar Azure AD actions may imply that attackers are already escalating privileges and also performing admin-level operations, after the account takeover.
Office 365 accounts that are downloading or sharing files and folders at a volume that was higher than normal, which could indicate a third party is using either SharePoint, or OneDrive to download functions to exfiltrate data, is another sign.
Tell the difference between friend and foe
Taking into consideration the examples above, you can understand that every activity that is being detected isn’t necessarily of malicious nature, which is why it’s paramount to have the right data before we take action.
It’s all about being able to determine and, also, tell the difference between what’s considered to be normal activity for your environment and what could be a potential issue that needs to be addressed.
The securityissues that users deal with while using Office 365are many, which should be an even bigger reason to keep both eyes wide open when we feel something’s not right.
Have you ever felt like your Microsoft Cloud security has been hacked? Tell us all about it in the comments section below.
More about the topics:Microsoft Azure,Office 365
Alexandru Poloboc
Tech Journalist
With an overpowering desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter, anchor, as well as TV and radio entertainment show host.
A certified gadget freak, he always feels the need to surround himself with next-generation electronics.
When he is not working, he splits his free time between making music, gaming, playing football, basketball and taking his dogs on adventures.
User forum
0 messages
Sort by:LatestOldestMost Votes
Comment*
Name*
Email*
Commenting as.Not you?
Save information for future comments
Comment
Δ
Alexandru Poloboc
Tech Journalist
With a desire to always get to the bottom of things and uncover the truth, Alex spent most of his time working as a news reporter.
