Malicious campaign targets Microsoft Azure accounts. Hundreds of individuals with executive roles are affected. Campaign started in November 2023 and is still active. Threat actors use spear phishing emails with shared documents. They gain access to Microsoft365 and 'OfficeHome' accounts. Post-compromise activities include MFA manipulation, data exfiltration, phishing, and fraud. Proofpoint provides mitigation recommendations. Hashtags: #MaliciousCampaign #MicrosoftAzure #Cybersecurity #SpearPhishing #DataExfiltration #PhishingFraud
https://www.infosecurity-magazine.com/news/malicious-campaign-microsoft-azure/