Chalk Circle Guard protects against Office 365 evasion being used in the wild

Recently, a Microsoft Office 365 zero-day vulnerability was reported, and it is being exploited in the wild.

The vulnerability, dubbed BaseStriker, enables attackers to easily bypass built-in Office 365 security protection, allowing the delivery of emails with known malicious and phishing links to users.

We can confirm that over the past few weeks we have detected real-world attacks utilising the BaseStriker zero-day vulnerability. These attacks have been targeting multiple customers who use Office 365 mail.

Customers using Chalk Circle Guard are fully protected from the BaseStriker zero-day vulnerability.

Delivery of malicious mails has long been a prime method for initiating attacks on companies and individuals. Mails with malicious links trick users into visiting phishing websites or downloading and running malicious content.

Phishing attacks on cloud applications such as Office 365 are particularly dangerous: these attacks are extremely common, and often lead to users inadvertently giving their login details to hackers. Once in possession of a user’s username and password, the attacker can perfectly impersonate a real user on their company email service.

Such account takeovers allow attackers to trick users into performing financial transactions on their behalf (typically transferring money or goods into the attacker’s hands), and give them access to sensitive data and the ability to set up hidden forwarding rules and install malware.

This new vulnerability serves as a reminder of some of the security risks organisations face when adopting cloud applications. Such security risks are the reason we strongly advise customers to protect their usage of Software as a Service (SaaS) applications with dedicated SaaS security, which focuses on preventing evasive cyber attacks and which protects the business and user from cloud account takeover.

Customers using Chalk Circle Guard are fully protected from this zero-day vulnerability. The solution prevents SaaS attacks and proactively blocks evasive phishing emails and user account takeovers.

This is one of our new services and we are accepting applications for a limited number of customers to join our early access program.

If you are interested in joining our early access program or would like further information, please contact us.
