Mass spamming starts with no MFA and credential stuffing

Microsoft has been monitoring and seeing an increase in attacks using malicious OAuth applications, installed on compromise cloud servers that then facilitate mass spamming from Exchange Online servers. Malicious OAuth applications abuse cloud email services to spread spam – Microsoft Security Blog The attack started with the threat actor launching …

I have bought equipment from North Face… and my information is safe. Advice about anonymous email.

…however, I do not reuse passwords – anywhere – and I had protected myself with an anonymous email using Apple’s Hide My Email service. 200,000 North Face accounts hacked in credential stuffing attack (bleepingcomputer.com) If you do not have an Apple device, have a look at DuckDuckGo’s solution, I wrote …

Is your email server blacklisted? The Peter Parker Principle.

…with great power there must also come — great responsibility! Stan Lee – Amazing Fantasy #15 (1962) A company with little accountability can blacklist your organisation’s email servers and not tell you why – and your hosting company pays for the privilege: Sp*mh**s warns email hygiene has worsened • The …