Download your research report: Understanding the Dark Halo M365 Attack
How the complexity of cloud-based enterprise SaaS systems allowed attackers to hide in plain sight
This breach analysis report looks at the anatomy of the Dark Halo attack, a sophisticated and extreme assault on more than 18,000 companies and the first global Microsoft 365 (M365) incident. It explores how attackers used M365’s complexity to essentially hide in plain sight, and how reconnaissance and data exfiltration activities were accomplished using poorly-documented M365 administrative interfaces.
Get a free Dark Halo M365 Security Scan
Secrutiny, as a SASIG partner is offering free Dark Halo M365 Security Scans to find out if your M365 tenant is vulnerable to attacks like Dark Halo. Contact [email protected] or use discount code Secrutiny when speaking to Siriux.
One of our expert partners, Siriux has a unique perspective into the real-world threats and vulnerabilities which SaaS customers are currently dealing with. Using their experiences of proactive consulting and incident response associated with Global Administrator Account Takeover attacks, Siriux developed a set of automated data gathering capabilities which rely on Microsoft 365 APIs to facilitate consistent and measurable analysis of M365 security settings.
For more on this topic, join Secrutiny and Microsoft expert and Siriux founder Aaron Turner as we explain what’s changed within the hacker community and why M365 is fast becoming the target. We will look at recent breaches of M365 (including the Dark Halo breach), the implications on M365, how they achieved their target undetected and what we need to do to detect and mitigate the risk. Register here.