open-menu
closeme
Possible Consent Grant Attack via Azure-Registered Application
calendar
Apr 22, 2024
·
Domain: Cloud
Data Source: Azure
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Resources: Investigation Guide
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Attempts to Brute Force a Microsoft 365 User Account
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Anti-Phish Policy Deletion
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Anti-Phish Rule Modification
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange DKIM Signing Configuration Disabled
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange DLP Policy Removed
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Malware Filter Policy Deletion
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Malware Filter Rule Modification
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Management Group Role Assignment
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Safe Attachment Rule Disabled
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Safe Link Policy Disabled
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Transport Rule Creation
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Exchange Transport Rule Modification
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Global Administrator Role Assigned
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Inbox Forwarding Rule Created
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Collection
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Potential ransomware activity
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Impact
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Teams Custom Application Interaction Allowed
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Teams External Access Enabled
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Teams Guest Access Enabled
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Unusual Volume of File Deletion
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Impact
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 User Restricted from Sending Email
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
New or Modified Federation Domain
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Privilege Escalation
·
Share on:
twitter
facebook
linkedin
copy
O365 Email Reported by User as Malware or Phish
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
O365 Excessive Single Sign-On Logon Errors
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
O365 Exchange Suspicious Mailbox Right Delegation
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Persistence
·
Share on:
twitter
facebook
linkedin
copy
O365 Mailbox Audit Logging Bypass
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Tactic: Initial Access
Tactic: Defense Evasion
·
Share on:
twitter
facebook
linkedin
copy
OneDrive Malware File Upload
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Tactic: Lateral Movement
·
Share on:
twitter
facebook
linkedin
copy
Potential Password Spraying of Microsoft 365 User Accounts
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Identity and Access Audit
Tactic: Credential Access
·
Share on:
twitter
facebook
linkedin
copy
SharePoint Malware File Upload
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Tactic: Lateral Movement
·
Share on:
twitter
facebook
linkedin
copy
Suspicious Microsoft 365 Mail Access by ClientAppId
calendar
Apr 2, 2024
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Impossible travel activity
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Initial Access
·
Share on:
twitter
facebook
linkedin
copy
Microsoft 365 Mass download by a single user
calendar
Jun 22, 2023
·
Domain: Cloud
Data Source: Microsoft 365
Use Case: Configuration Audit
Tactic: Exfiltration
·
Share on:
twitter
facebook
linkedin
copy
to-top