Office 365 Admins Targeted in Ongoing Phishing Scam

This is not unexpected.  Cybercriminals are fairly smart and they are motivated to target the resources with the greatest and/or most effective access.  As more and more of the world moves its Exchange and Active Directory resources to the cloud, O365 and Azure administrators move up the list of valued targets.

This article simply points out something we have known for some time.  We must take phishing threats and associated awareness training seriously.  This must become a priority for every organization, large and small.  This issue also places a brighter spotlight on the security associated with service providers and third-party administrators.  Make sure your security controls take those resources into consideration as well.

https://threatpost.com/office-365-admins-phishing/150352/

Microsoft Urges Azure Customers to Patch Exim Worm

This situation is a great example of the importance of patch and firmware management.  Just because a system is hosted in the cloud does not mean that you are not responsible for part, if not all, of the patch and firmware oversight.  Pay close attention to your service level agreements and other cloud services documentation.

If you are using these particular Azure services from Microsoft, please review this content and patch accordingly.

https://www.infosecurity-magazine.com/news/microsoft-urges-azure-customers-to-1/

https://threatpost.com/microsoft-pushes-azure-users-to-patch-linux-systems/145749/

2FA Login Failure in Office 365 and Azure

This is a very difficult situation from an IT security perspective.  Multi-factor authentication is a necessary step for the security of many systems and applications, especially those that are cloud-hosted.  These types of outages can and will shake the confidence of users and make the move to multi-factor authentication that much more difficult for IT security professionals to pursue and expand in their organizations.

https://www.infosecurity-magazine.com/news/2fa-login-failure-in-office-365/

Microsoft Issues ‘Important’ Security Fix for Azure AD Connect

This type of unpatched vulnerability could have serious implications for any organization running Microsoft components in the Azure cloud.  The compromise of a domain controller could lead to the complete infiltration of an environment, providing bad guys with the ability to touch and review hundreds of servers, create unknown numbers of hidden accounts with elevated privileges, and lay the groundwork for data exfiltration and ransomware-style infections.  Please review your environments and patch accordingly.

https://threatpost.com/microsoft-issues-important-security-fix-for-azure-ad-connect/126596/