A new email phishing campaign has been found that claims to be the Microsoft Office 365 team. This new campaign sends a user an email that claims that there is an unusual amount of file deletions in the users Office 365 account and the attackers urge the user to review the alerts. The email claims that is a “medium-severity alert.” If a user clicks on the alert, the victim is redirected to a spoofed Office 365 account login page. If a user enters their login credentials the information is sent to the attackers, then the victim is redirected the official Microsoft website. The contents of the malicious email are; “A medium-severity alert has been triggered, Unusual volume of file deletion, Severity: Medium, Time: 05/26/2019 07:36:39 pm (UTC), Activity: FileDeleted, Details: 15 matched activities in 5 minutes, View alert details,”
Using Microsoft Sentinel to Detect Confluence CVE-2022-26134 Exploitation
By Akshay Rohatgi and Randy Pargman About this Student Research Project Binary Defense’s mission is