Tag Archives: MalwareLaden

Hackers Target Azure Accounts With Malware-Laden Shared Documents

A campaign to hack into Azure Cloud accounts is targeting senior executives at a wide range of organizations, affecting hundreds of user accounts so far, according to California-based cybersecurity firm Proofpoint.

“In late November 2023, Proofpoint researchers detected a new malicious campaign, integrating credential phishing and cloud account takeover (ATO) techniques,” Proofpoint said in an advisory post. The firm notes that the attack is still ongoing.

The advisory post explains the technical details of the hacks, but in short, threat actors use shared documents that are individualized to the target as phishing lures. The document links, however, redirect users to a malicious phishing web page, where account details are stolen.

Once stolen, attackers register their multi-factor…


Source link