Attackers use Office 365 tools to steal data

Targeting of SaaS user accounts was one of the fastest-growing problems for organizations, even before COVID-19 forced a rapid shift to remote work, but a new report shows cybercriminals are using built-in Office 365 services in their attacks. The study from network detection and response company Vectra, based on four million monitored Office 365 accounts, shows that 71 percent of of those surveyed had seen suspicious Office 365 Power Automate behaviors. In addition 56 percent of customers saw suspicious Office 365 eDiscovery behaviors and 96 percent had seen attempts at lateral movement. "Within the new work-from-home paradigm, user account takeover… [Continue Reading]