Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA

Ongoing campaign compromises senior execs’ Azure accounts, locks them using MFA

a week ago
Anonymous $6hYC3Wwiad

https://arstechnica.com/security/2024/02/ongoing-campaign-compromises-senior-execs-azure-accounts-locks-them-using-mfa/

Hundreds of Microsoft Azure accounts, some belonging to senior executives, are being targeted by unknown attackers in an ongoing campaign that's aiming to steal sensitive data and financial assets from dozens of organizations, researchers with security firm Proofpoint said Monday.

The campaign attempts to compromise targeted Azure environments by sending account owners emails that integrate techniques for credential phishing and account takeovers. The threat actors are doing so by combining individualized phishing lures with shared documents. Some of the documents embed links that, when clicked, redirect users to a phishing webpage. The wide breadth of roles targeted indicates the threat actors’ strategy of compromising accounts with access to various resources and responsibilities across affected organizations.