Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

Hackers Bypass MFA on Cloud Accounts via IMAP Protocol

Over the past several months, threat actors have been increasingly targeting Office 365 and G Suite cloud accounts that are using the legacy IMAP protocol, in an attempt to bypass multi-factor authentication (MFA), Proofpoint reports.

Targeted brute-force attacks have increased in sophistication over the past months, attempting to compromise accounts using variations of the usernames and passwords exposed in large credential dumps, and phishing campaigns continued to provide additional avenues into corporate accounts.

An analysis of over one hundred thousand unauthorized logins across millions of monitored cloud accounts revealed that more than 2% of the user accounts were targeted, and that 15 in 10,000 were successfully breached.

Nearly three quarters (72%) of the cloud service tenants were targeted at least once and 40% of them had at least one compromised account in their environment, Proofpoint says.

Provided that the initial target does not have the access needed to...(continued)

View All Trending Stories