A researcher known as Paranoid Ninja among the cybersecurity community reported the finding of two critical vulnerabilities in the Microsoft Office 365 suite. According to the report, successful exploitation of these vulnerabilities allows threat actors to completely bypass the authentication process on the target system.
Initially, the expert sent a single report to the Microsoft Security Response Center (MSRC), although shortly the next confirmed the identification of another dangerous security flaw. According to the specialist, the exploitation of the second vulnerability is directly related to the first and is even more dangerous.
Paranoid Ninja ensures that cybercriminal groups often use these vulnerabilities to organize malicious campaigns aimed at users of this suite. In this regard, Microsoft will soon begin notifying users of its Office 365 service of hacking operations allegedly deployed by threat actors sponsored by foreign governments. The corresponding notifications will be added to the user’s security portal, which will be the first step in the fight against the most sophisticated cybercriminal groups.
To learn more about information security risks, malware, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) website.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.