Microsoft Teams targeted in Midnight Blizzard phishing attacks. These attacks are highly targeted and employ credential theft phishing lures delivered through Microsoft Teams chats. Midnight Blizzard, previously known as Nobelium, exploits compromised Microsoft 365 tenants to create legitimate technical support entities. They send messages through Microsoft Teams to steal credentials by persuading users to approve multi-factor authentication prompts. Around 40 global organizations have been affected, including government, NGOs, IT services, technology, manufacturing, and media sectors. Microsoft is actively working to prevent the actor from using the domains and is notifying affected customers. #MicrosoftTeams #phishingattacks #socialengineering #credentialtheft #cybersecurity #MidnightBlizzard #Microsoft365
https://www.infosecurity-magazine.com/news/microsoft-teams-midnight-blizzard/