Tuesday, May 28, 2024

Microsoft Office 365 New Campaign Views to help Customers Tracking Attacks Targeting Organization and its Users

Microsoft announced the public preview of the campaign views security feature that let users view the full campaign of how the attackers targeted the organization and its users. The campaign’s view is the new feature in Office 365 Advanced Threat Protection.

This new feature allows security teams to spot the vulnerable surface, vulnerable users, harvest attacker intelligence and to take remediation steps, Microsoft said.

Campaign Views

The feature displays the data like when the campaign started/ended, impact, the user clicks, sender IP, senders and the payloads embedded. It also highlights the email flow from sender IPs to the delivery location.

Microsoft tested the feature in early previews with some of their customers and the result is extremely positive.

Following are some important features

  • Provides campaign summary including a timeline and the users affected.
  • List of IP address used to launch an attack
  • Messages that blocked, ZAPped, delivered to junk or quarantine or allowed into the inbox
  • Domain names used in the attack
  • To see how many users clicked on the phishing link
Campaign Views

“One large customer we’ve worked with was able to identify multiple configuration flaws in their tenant, by using campaign views for just a short duration of time,” Microsoft said.

The Email accounts are the tempting targets for hackers, cyberattacks are initiated over an email. Attackers follow innovative and sophisticated methods to trick the users in opening the malicious emails.

“It’s worthwhile to think about how attackers target organizations and users. It’s important to remember that attackers are often after financial gain.”

Microsoft Office 365 comes with several security tools that help security teams more comprehensively, effectively investigate, remediate issues and to stop potential breaches.

Campaign Views

Now the campaign views are available only the following plans Office 365 Advanced Threat Protection Plan 2, Office 365 E5, Microsoft 365 E5 Security and Microsoft 365 E5.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.


Latest articles

Researchers Exploited Nexus Repository Using Directory Traversal Vulnerability

Hackers target and exploit GitHub repositories for a multitude of reasons and illicit purposes.The...

DDNS Service In Fortinet Or QNAP Embedded Devices Exposes Sensitive Data, Researchers Warn

Hackers employ DNS for various purposes like redirecting traffic to enable man-in-the-middle attacks, infecting...

PoC Exploit Released For macOS Privilege Escalation Vulnerability

A new vulnerability has been discovered in macOS Sonoma that is associated with privilege...

CatDDoS Exploiting 80+ Vulnerabilities, Attacking 300+ Targets Daily

Malicious traffic floods targeted systems, servers, or networks in Distributed Denial of Service (DDoS)...

GNOME Remote Desktop Vulnerability Let Attackers Read Login Credentials

GNOME desktop manager was equipped with a new feature which allowed remote users to...

Kesakode: A Remote Hash Lookup Service To Identify Malware Samples

Today marks a significant milestone for Malcat users with the release of version 0.9.6,...

Cisco Firepower Vulnerability Let Attackers Launch SQL Injection Attacks

 A critical vulnerability has been identified in Cisco Firepower Management Center (FMC) Software's web-based...
Guru baran
Guru baranhttps://gbhackers.com
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles