Threats Hiding Behind Trusted Microsoft Domains


Astra Group Credential Stealing Threat

Throughout 2021 there was a growing increase in cyber threats hosted on legitimate services like Microsoft Teams, OneDrive, SharePoint, and OneNote to deliver phishing campaigns. These domains’ trusted reputation enables cybercriminals to easily evade current detection technologies using domain reputation and blocklists like SEG, proxy, SASE, and endpoint security tools. Attackers use shared services to get around domain reputation technologies with increased frequency. Using mainstream, legitimate commercial infrastructure sites to avoid detection has been a successful tactic, and the growth in these threats continues in 2022.

Read more…