Understanding the Dark Halo M365 Attack | SASIG
Forgotten your password?

Download your research report: Understanding the Dark Halo M365 Attack

How the complexity of cloud-based enterprise SaaS systems allowed attackers to hide in plain sight

This breach analysis report looks at the anatomy of the Dark Halo attack, a sophisticated and extreme assault on more than 18,000 companies and the first global Microsoft 365 (M365) incident. It explores how attackers used M365’s complexity to essentially hide in plain sight, and how reconnaissance and data exfiltration activities were accomplished using poorly-documented M365 administrative interfaces.


Get a free Dark Halo M365 Security Scan

Secrutiny, as a SASIG partner is offering free Dark Halo M365 Security Scans to find out if your M365 tenant is vulnerable to attacks like Dark Halo. Contact siriux@secrutiny.com or use discount code Secrutiny when speaking to Siriux.


About Siriux

One of our expert partners, Siriux has a unique perspective into the real-world threats and vulnerabilities which SaaS customers are currently dealing with. Using their experiences of proactive consulting and incident response associated with Global Administrator Account Takeover attacks, Siriux developed a set of automated data gathering capabilities which rely on Microsoft 365 APIs to facilitate consistent and measurable analysis of M365 security settings.


More on this topic

For more on this topic, join Secrutiny and Microsoft expert and Siriux founder Aaron Turner as we explain what’s changed within the hacker community and why M365 is fast becoming the target. We will look at recent breaches of M365 (including the Dark Halo breach), the implications on M365, how they achieved their target undetected and what we need to do to detect and mitigate the risk. Register here.


Brought to you by Secrutiny and the SASIG.



Download “Understanding the Dark Halo M365 Attack”


Click here to download



  • By providing your email address, you are giving SASIG Events Limited permission to provide you with content they think would be of interest including white papers, event invites and reports. You can unsubscribe from these emails at any time.

This website uses cookies, by continuing to use the site you agree to using cookies. Continue