If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. Microsoft has issued an alert to its customers warning them of the new attack, which merits mention to your users.

The phishing scheme is designed to

Malwarebytes, a cybersecurity firm, confirmed this week that the same hackers believed to originate from Russia who were behind the SolarWinds incident were able to access some of its internal emails without authorization.

According to the company, it did not use SolarWinds software, but had been targeted by the same hackers to access its O365

I was with a bunch of CFOs this week talking about cybersecurity and I told them how easy it is for hackers these days. They can infiltrate a company’s system by compromising an O365 account that doesn’t have multi-factor authentication, and according to a Ponemon study, are in the company’s system for over 200 days.

Many companies are migrating their email systems to Microsoft Office 365 (O365). The majority of security incidents in which we have been engaged in over the past six months involve a hacker successfully phishing an employee of the company (most of the time someone who is an executive in the company) and then spoofing the

I hang out with Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs). I support them because they have thankless jobs and have a mountain of responsibilities to protect an organization, most of the time without complete support from the organization. I try to help CISOs and CIOs get the budgeting they need to