Uncategorized Archives - Abnormal Security

Subscribe to receive twice-monthly updates of the latest attacks we've detected in the wild:

Joining Abnormal Security as a New Grad Software Engineer by Sharon Lin

Check out software engineer Sharon Lin’s medium blog on joining the Abnormal team. Read her full story below. This January, I joined Abnormal Security as a new grad Software Engineer. As you

Read more

What’s New: Week of Feb 15-19 – New Account Takeover Remediation Functionality

For Office 365 customers, Abnormal now manually or automatically remediates account takeover attacks. When an attack is detected, we sign users out of active sessions and disable compromised accounts.  Manual remediation is

Read more

An Inside Look at “The Rising Threat of Vendor Email Compromise in a Post-SolarWinds Era” Threat Research Report

The prolific attack on SolarWinds and their partner ecosystem will forever change how we view supply chain security and the role email communication plays in it. As the events and details surrounding

Read more

What’s New: Week of Jan 25-29 – New Role-Based Access Control Functionality

New Role-Based Access Control Functionality – Abnormal Security is introducing new functionality to our Role Based Access Controls. With this update we are introducing two new roles:  Global Per-Product Access – this

Read more

Scammers Target Microsoft 365 Read Receipt and Out of Office Reply Loophole for BEC Attacks

Abnormal Security detected two new types of attacks where scammers are targeting victims by redirecting their own Microsoft 365 Out of Office replies as well as read receipts back to them. These

Read more

Abnormal + Microsoft Bring Together Complete Email Security

When Abnormal Security was founded, our engineering and data science teams were focused on solving the toughest – and most expensive – email security problem for enterprises: business email compromise (BEC).

Read more

Abnormal Attack Stories #3: O365 Takeover Without Stealing Credentials

Quick Summary: Platform: Office 365 Mailboxes: Between 10,000 and 15,000 Email Gateway: None Email Security Bypassed: Office 365 Victims: Internal Employees Payload: Office 365 App Technique: Brand Impersonation What was the attack?

Read more