Microsoft reported that it was able to avert over 25.6 billion brute-force authentication attacks in Azure Active Directory, as well as 35.7 billion phishing emails using Microsoft Defender for Office 365.
The FBI warned that threat actors have been launching phishing campaigns using fraudulent job postings on recruitment websites in an effort to exfiltrate personal data and cash.
Proofpoint researchers say after the attackers take over accounts, organizations face data leakage, continued phishing, lateral movement, brand abuse and malware threats.
The Microsoft researchers found that the second stage of the campaign was successful against victims that did not implement multi-factor authentication (MFA).