Tag
high
advisory
Detection of Malicious Office 365 Inbox Rule Creation
3 rules 2 TTPsThis brief outlines the detection of malicious Office 365 inbox rule creation, where attackers leverage 'New-InboxRule' and 'Set-InboxRule' operations to forward, delete, or obfuscate emails, potentially leading to data exfiltration or business email compromise.
Office 365
o365
inbox-rule
email
data-exfiltration
business-email-compromise
3r
2t
medium
advisory
M365 Exchange Inbox Forwarding Rule Creation
2 rules 1 TTPDetection of new Microsoft 365 Exchange inbox forwarding rules indicating potential unauthorized email interception and exfiltration by attackers.
Exchange Online +1
o365
exchange
inbox-rule
email-forwarding
data-exfiltration
2r
1t