Microsoft Security Report Points to Basic Authentication as Root of BEC Attacks

%3CLINGO-SUB%20id%3D%22lingo-sub-2457359%22%20slang%3D%22en-US%22%3EMicrosoft%20Security%20Report%20Points%20to%20Basic%20Authentication%20as%20Root%20of%20BEC%20Attacks%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2457359%22%20slang%3D%22en-US%22%3E%3CP%3EThe%20need%20to%20remove%20basic%20authentication%20from%20Exchange%20Online%20is%20underlined%20by%20a%20June%2014%20report%20from%20the%20Microsoft%20Threat%20Intelligence%20Center%20pointing%20to%20how%20attackers%20compromise%20mailboxes%20using%20antiquated%20protocols%20like%20POP3%20and%20IMAP4%20to%20connect%20to%20accounts%20which%20don%E2%80%99t%20use%20MFA.%20After%20accounts%20are%20penetrated%2C%20the%20attackers%20plant%20inbox%20rules%20to%20forward%20copies%20of%20interesting%20messages%20and%20use%20the%20information%20received%20to%20plan%20and%20execute%20business%20email%20compromise%20attacks.%20Tenant%20administrators%20still%20have%20some%20work%20to%20do%20to%20secure%20Exchange%20Online%20and%20Azure%20AD%E2%80%A6%3C%2FP%3E%0A%3CP%3E%3CA%20href%3D%22https%3A%2F%2Foffice365itpros.com%2F2021%2F06%2F17%2Fmicrosoft-security-report-points-basic-authentication-root-bec-attacks%2F%22%20target%3D%22_blank%22%20rel%3D%22nofollow%20noopener%20noreferrer%22%3Ehttps%3A%2F%2Foffice365itpros.com%2F2021%2F06%2F17%2Fmicrosoft-security-report-points-basic-authentication-root-bec-attacks%2F%3C%2FA%3E%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-2457359%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
MVP

The need to remove basic authentication from Exchange Online is underlined by a June 14 report from the Microsoft Threat Intelligence Center pointing to how attackers compromise mailboxes using antiquated protocols like POP3 and IMAP4 to connect to accounts which don’t use MFA. After accounts are penetrated, the attackers plant inbox rules to forward copies of interesting messages and use the information received to plan and execute business email compromise attacks. Tenant administrators still have some work to do to secure Exchange Online and Azure AD…

https://office365itpros.com/2021/06/17/microsoft-security-report-points-basic-authentication-root-be...

0 Replies