Actor

Storm-2949

1 brief RSS

Storm-2949 Abuses SSPR for Cloud-Wide Data Exfiltration

Storm-2949 compromised cloud identities through social engineering and abused the Self-Service Password Reset (SSPR) process to bypass MFA and gain persistent access, enabling lateral movement and data exfiltration from Microsoft 365 and Azure environments.

Microsoft Entra ID +3 Storm-2949 cloud-security credential-access data-exfiltration social-engineering

2r 6t 1d ago