Total Tests:

Hackers used credentials of a Microsoft Support worker to access users’ webmail

By Zeljka Zorz for Help Net Security
Tuesday, April 16, 2019

Motherboard’s source said that the attackers could access free, but not paid user accounts, and that the hackers were after accounts of iPhone owners whose devices were stolen and had to be de-coupled from iCloud accounts in order to be reset and sold on. They used these targets’ compromised email account to send and confirm password reset requests for iCloud accounts.

ImmuniWeb CEO Ilia Kolochenko advised all Outlook account owners to change their passwords and secret questions, as well as passwords for any other accounts that sent, or could have sent, a password recovery link to their Outlook email.

“Compromise of privileged accounts is a widespread and effective method among cybercriminals to get to the crown jewels at high speed and low cost. It is, however, quite surprising that such a reputable company as Microsoft reportedly has not reacted to the anomalies for as long as three months,” he added.

“Continuous monitoring of privileged accounts is quintessential to ensure data security and compliance. Moreover, nowadays, with emerging machine learning technologies it has become a pretty easy task is properly implemented.” Read Full Article

Book a Call Ask a Question
Talk to ImmuniWeb Experts
Have a technical question?

Our security experts will answer within
one business day. No obligations.

Have a sales question?
Tel: +41 22 560 6800 (Switzerland)
Tel: +1 720 605 9147 (USA)
Your data will stay private and confidential