APT28. a Russia-linked threat group has changed up its tactics to include Office 365 password-cracking and credential-harvesting. The attacks have been aimed mainly at U.S. and U.K. organizations directly involved in political elections and have been going on since April.
Microsoft telemetry shows that the group launched credential-harvesting attacks against tens of thousands of accounts at more than 200 organizations between last September and June.
Organizations and individuals can protect themselves by applying multi factor authentication (MFA) and actively monitoring for failed authentications for the cloud service.
Events like this are addressed by our company, Croyten, by designing your cyber systems into something that’s impenetrable by cyber attackers. Learn more about the services we offer.