Microsoft 365
Coverage of Microsoft 365 in the Nexus archive.
- FBI warns Microsoft users about passwordless scam
The FBI warns about a phishing-as-a-service platform called Kali365 targeting Microsoft 365 accounts. The scam bypasses multifactor authentication by exploiting Microsoft's device code login process to steal OAuth tokens, granting attackers access to Outlook, Teams, and OneDrive without requiring passwords.
- Security boss thought MFA would be too much security
A senior director at a cybersecurity company, who was allegedly its COO, overreacted to a multi-factor authentication (MFA) rollout for Microsoft 365, falsely claiming it crippled an invoicing system. The actual issue was a buggy invoicing software, but the director demanded an immediate rollback, resulting in reduced security. The incident highlighted poor decision-making despite the team's successful implementation.
- Microsoft Billing Scam?
A user's mother received a PayPal charge for Microsoft 365 without purchasing it, and the billing email appears to be from 'billing.microsoft.co', which is not recognized as an official Microsoft billing domain. The user is unsure if this is a scam.
- I stopped paying for Microsoft 365 and bought Office 2024 for $105 instead
The author stopped paying for Microsoft 365 and purchased Microsoft Office 2024 Home & Business for $104.97, a one-time fee available until June 14, as an alternative to ongoing subscription costs.
- Microsoft is disabling Office 2019 for Mac next month
Microsoft will disable Office 2019 for Mac next month by not renewing a validation certificate, forcing users to upgrade to Office 2024 or a Microsoft 365 subscription. The company revised its support statement to clarify apps will stop working, contradicting earlier assurances they would 'continue to function.'
- Chinese APT deploys new malware to keep access to hacked networks
A Chinese espionage group named UNC5221 is using new malware, including Brickstorm, Plenet, and AgentPSD, to maintain access to hacked Microsoft 365 environments.
- Coding Gaffe Exposes Microsoft 365 Accounts to Widespread Takeover
A disabled security setting in Android versions of Microsoft apps like Word, PowerPoint, and Excel allowed attackers to steal user logins and data. The vulnerability stemmed from a coding error that exposed Microsoft 365 accounts to potential takeover.
- FBI-Flagged Phishing Kit Kali365 Expands Its Reach
The FBI-flagged phishing kit Kali365, previously targeting Microsoft 365, now expands to AWS, Okta, and Russian platforms using device code phishing. This marks an increase in the platform's scope and threat level.
- Microsoft launches Scout, an OpenClaw-inspired personal assistant
Microsoft launched Scout, a new AI assistant inspired by OpenClaw, designed to integrate the capabilities of OpenClaw into the Microsoft 365 ecosystem. The assistant was introduced at Microsoft's Build event.
- Microsoft Scout is a new AI personal assistant built on OpenClaw
Microsoft Scout is a new AI personal assistant built on OpenClaw, designed to integrate into Microsoft 365 apps like Outlook, OneDrive, and Teams. It assists with tasks such as organizing calendars, expense reporting, and email drafting, offering broader capabilities than Microsoft's Copilot. Corporate vice president Omar Shahine described it as the first real personal assistant offered by Microsoft.
- Microsoft slaps new coat of paint on Copilot, buries annoying button
Microsoft redesigned its Copilot app for Microsoft 365, introducing a faster interface, improved response times for complex prompts, and a task-aware workspace for prompts. The update addresses user complaints about a disruptive floating button, offering an option to move it to the ribbon. Copilot usage increased by 27-43% across Word, Excel, PowerPoint, and Outlook following the changes.
- FBI warns of major phishing scam, with hackers ‘hijacking' Microsoft Outlook, 365 users
The FBI warns of a phishing scam targeting Microsoft Outlook and 365 users, using a pre-packaged phishing kit called Kali 365 distributed via Telegram. Hackers exploit OAuth tokens to bypass multi-factor authentication, gaining unauthorized access to accounts and services like Outlook, Teams, and OneDrive.
- Cyber attackers are hijacking Microsoft Outlook, Teams and 365 log-ins, FBI says
The FBI has issued a public warning about a new phishing tool that allows cyber attackers to access Microsoft 365 user accounts without requiring passwords. This tool is being used to hijack log-ins for Microsoft Outlook, Teams, and 365 services.
- FBI warns of Kali365 phishing service targeting Microsoft 365 accounts
The FBI has issued a warning about the Kali365 phishing-as-a-service platform, which exploits OAuth device code authentication to hijack Microsoft 365 accounts. The service steals session tokens and bypasses multi-factor authentication (MFA), posing a significant cybersecurity threat.
- FBI warns about fast-growing phishing kit targeting Microsoft 365 users
The FBI warns about Kali365, a phishing-as-a-service platform targeting Microsoft 365 users by bypassing multi-factor authentication through OAuth device code phishing. The tool enables cybercriminals to steal access tokens, leading to data theft, ransomware, and other attacks. Researchers note its rapid growth, AI-driven tactics, and low barriers for less-technical attackers.
- FBI warns of Kali365 phishing-as-a-service after April Microsoft 365 attacks
The FBI has issued a warning about Kali365, a phishing-as-a-service platform operating on Telegram that enables cybercriminals to steal OAuth tokens and gain unauthorized access to Microsoft 365 environments. The advisory follows attacks in April targeting Microsoft 365 users. This threat represents a significant security risk for organizations relying on cloud-based Microsoft services.
- Microsoft’s consumer marketing chief to leave next year
Yusuf Mehdi, Microsoft's executive vice president and consumer chief marketing officer, announced his departure after 35 years with the company, effective next year. He will continue leading marketing efforts for Windows, Copilot for consumers, and Microsoft 365 consumer business until 2027. Mehdi cited the need for time and space to ensure the team's continued success during this critical period for Microsoft.
- Plex appeal fades as Lifetime Pass jumps to $750
Plex is increasing the price of its Lifetime Plex Pass from $249.99 to $749.99, effective July 1, in an effort to encourage recurring subscriptions over one-time payments. Existing Lifetime Plex Pass holders will not be affected by the price change. The move reflects a growing trend in the tech and streaming industries towards subscription-based models.
- Microsoft Self-Service Password Reset abused in Azure data theft attacks
A threat actor is targeting Microsoft 365 and Azure production environments, stealing data by abusing legitimate applications and administration features, including Microsoft Self-Service Password Reset. The attacks are leveraging legitimate tools to gain unauthorized access. This has led to data theft in various instances.
- The New Phishing Click: How OAuth Consent Bypasses MFA
A phishing-as-a-service platform called EvilTokens compromised over 340 Microsoft 365 organizations across five countries in just five weeks. The targets received a message asking them to enter a short code and complete their normal MFA challenge. This phishing attack bypassed multi-factor authentication.
- Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing
The Tycoon2FA phishing kit has been updated to support device-code phishing attacks, allowing it to hijack Microsoft 365 accounts by abusing Trustifi click-tracking URLs. This new capability enables attackers to gain unauthorized access to sensitive information. The phishing kit's evolution poses a significant threat to account security.