We’ve been seeing a bit of a buzz in the technical security press about a new method of phishing that bypasses many key security controls. Using a rogue Azure app, the attacker tricks the user into granting the app permissions to access their Office 365 email account and all of the information associated with it. Patrick Gray at Risky Business has been writing and talking up a storm on this one, and we believe that he is right to do so. In fact, we thought this was interesting and scary enough to let you know so you can understand what’s going on and maybe do something to prevent it.
A new decade is always something to celebrate. We can now look back on our twen’teens with nostalgia, and talk about all the security threats of the past years. Nation-state attackers, critical infrastructure attacks, fiery banking trojans and the rise of ransomware.
But enough about these threats of the past. Instead, this blog will discuss some of the new-school threats that may surface now that we are in the roaring twenties.