Security Affairs
Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|Pegasus Used Against MEP Investigating Pegasus, Citizen Lab Finds|JADEPUFFER: First End-to-End AI-Driven Ransomware Operation|The Anatomy of a Shadow AI Supply-Chain Breach: Lessons from the 2026 Vercel Incident|Law enforcememt operation disrupted Malicious Residential Proxy Networks NetNut|Government and Healthcare Are the Weakest Links in Global Email Security|Europe Confirms Record €4.1B Penalty Against Google for Android Practices|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Microsoft blocked tens of billions of brute-force and phishing attacks in 2021

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year. Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year. The IT giant added has blocked more than 25.6 billion Azure AD […]

Microsoft Office zero-day

Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of brute-force and phishing attacks last year.

Microsoft revealed that Office 365 and Azure Active Directory (Azure AD) customers were the targets of billions of phishing emails and brute force attacks last year.

The IT giant added has blocked more than 25.6 billion Azure AD brute force authentication attacks and detected 35.7 billion phishing emails with Microsoft Defender for Office 365 in 2021.

Enabling multi-factor authentication (MFA) and passwordless authentication would allow customers to protect their accounts from brute force attacks. However, only 22 percent of customers using Microsoft Azure Active Directory (Azure AD), Microsoft’s Cloud Identity Solution, have implemented a strong identity authentication protection as of December 2021. 

“MFA and passwordless solutions can go a long way in preventing a variety of threats and we’re committed to educating customers on solutions such as these to better protect themselves. From January 2021 through December 2021, we’ve blocked more than 25.6 billion Azure AD brute force authentication attacks and intercepted 35.7 billion phishing emails with Microsoft Defender for Office 365.” states Microsoft.

Microsoft added that its Defender for Endpoint blocked more than 9.6 billion malware threats
targeting enterprise and consumer customer devices, between January and December 2021.

Microsoft pointed out that online threats are increasing in volume, velocity, and level of sophistication. The company introduced Cyber Signals, a cyber threat intelligence brief informed by the latest Microsoft threat data and research.

Cyber Signals provide trend analysis and practical guidance to strengthen the defense of its customers. 

“With Cyber Signals, we’ll share trends, tactics, and strategies threat actors use to gain access to the hardware and software that houses one’s most sensitive data. We will also help inform the world on how, collectively, we can protect our most precious digital resources and our digital lives so we can build a safer world together.” concludes Microsoft.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, phishing attacks)

[adrotate banner=”5″]

[adrotate banner=”13″]