An Iran state-backed group called Peach Sandstorm is using password spraying attacks to target cloud environments in organizations across many industries.
Microsoft is warning enterprises about a recent Teams-based phishing campaign operated by a developing thrat group known as Storm-0342.
The Microsoft flaws join a rash of zero days disclosed over the past week by various companies, including Apple, Google and Adobe.
Decipher editors Dennis Fisher and Lindsey O'Donnell-Welch break down a busy news week, including Microsoft's revelations about the theft of its signing key, the Trickbot group sanctions, and some new Apple iOS zero days.
Microsoft answered lingering questions about how China-based threat actors acquired a Microsoft account consumer signing key, leading to the previously disclosed hack of several Outlook accounts.