 



Consent phishing is an emerging technique attackers are using to compromise user accounts, even if they have Multi-factor Authentication (MFA or 2FA) enabled. With more platforms adding support for Multi-factor Authentication (MFA) and users increasingly adopting it to secure their accounts, attackers are adapting and moving to new methods of compromising user accounts and bypassing MFA/2FA.




Imagine yourself sitting down at your desk first thing on a Monday morning, cup of coffee steaming next to your keyboard as you click through your backlog of emails. You open the email below and you see that Karl has shared a financial report with you.


Maybe you’ve been waiting for the latest financials, or you suspect this was sent erroneously, but you’re curious and want to take a peek. When you click the link you are presented with a prompt that, with your Monday brain, looks just like the “Yes give me access” prompt you’ve clicked through a thousand times. I mean, it's a microsoftonline.com domain, it's https and there’s a green tick in the corner so everything looks fine.




If you’d looked closely you may have noticed that this was in fact asking you to approve access rather than granting you access. But with your muscle memory in full control you click “Accept” before even glancing at the screen. You wait for the spreadsheet to open but are presented with a generic “File does not exist” error page. Oh well, apparently Karl realised his mistake and deleted the file or revoked your access. Onto the next email.


And just like that you’ve been consent phished. You’ve just granted the attackers permanent access to your account, which they retain even if you change your password or have MFA enabled. Chances are the attacker’s tools will immediately start downloading every piece of data you just granted them access to, which they can then explore at their leisure.


To spot this you need to audit the apps you’ve approved, something you are doing regularly, right? Seriously though, this isn’t something many people check. These integrations are designed to be as seamless as possible and not to get in your way. But if this has piqued your interest you can check what access you have personally granted on Google Workspace and Microsoft 365.

If you’d been paying attention when you clicked “Accept” you might have noticed that you were granting some pretty serious permissions here. These permissions allow the attackers to read and write any files you have access to: they could download all these files and then delete them. The attackers also got permission to send emails as you. They could send emails to your colleagues from you and phish them too. This isn’t impersonation, where the email just “looks” like it came from you; the email DID come from you. Lastly, the attackers asked for permission to manipulate your Outlook settings. With this they could set up a mail forwarding rule so that copies of all your emails are forwarded to them directly, without them even having to log in. And all of this remains possible until you delete the underlying OAuth app.
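
One way to run the audit described above, as an added example rather than code from the original article: a Python triage of exported Microsoft Graph `oauth2PermissionGrants` records for the three permissions just described. The scope names are the Microsoft Graph delegated permissions assumed to correspond to the prompt in the story; the sample grants, ids and app names are constructed.

```python
# Added example: triage exported oauth2PermissionGrant objects (sample data is constructed).
RISKY_SCOPES = {  # assumed mapping of the article's three permissions to Graph scopes
    "Files.ReadWrite.All": "read and write every file the user can access",
    "Mail.Send": "send mail as the user",
    "MailboxSettings.ReadWrite": "change mailbox settings, e.g. forwarding",
}


def audit_grants(grants, app_names):
    """Return one finding per grant that carries at least one risky scope."""
    findings = []
    for grant in grants:
        # 'scope' is one space-delimited string; compared case-insensitively as a defensive choice.
        granted = {s.lower() for s in (grant.get("scope") or "").split()}
        hits = sorted(s for s in RISKY_SCOPES if s.lower() in granted)
        if not hits:
            continue
        findings.append({
            "app": app_names.get(grant["clientId"], "<unknown app>"),
            "clientId": grant["clientId"],
            # principalId is set for a single user's consent, empty for tenant-wide admin consent.
            "who": grant.get("principalId") or "ALL USERS",
            "risky": hits,
            # offline_access lets the app obtain refresh tokens, so access outlives the session.
            "persistent": "offline_access" in granted,
        })
    # Most dangerous first: more risky scopes, then persistent grants.
    findings.sort(key=lambda f: (-len(f["risky"]), not f["persistent"]))
    return findings


# Constructed sample shaped like GET /v1.0/oauth2PermissionGrants; all ids are placeholders.
SAMPLE_GRANTS = [
    {"clientId": "sp-0002", "consentType": "AllPrincipals", "principalId": None,
     "scope": "User.Read openid profile"},
    {"clientId": "sp-0003", "consentType": "Principal", "principalId": "user-0042",
     "scope": " mail.send  User.Read"},
    {"clientId": "sp-0001", "consentType": "Principal", "principalId": "user-0007",
     "scope": "openid offline_access Files.ReadWrite.All Mail.Send MailboxSettings.ReadWrite"},
]
SAMPLE_APPS = {"sp-0001": "Financial Report Viewer", "sp-0003": "Calendar Helper"}

if __name__ == "__main__":
    for f in audit_grants(SAMPLE_GRANTS, SAMPLE_APPS):
        flags = ", ".join(f"{s} ({RISKY_SCOPES[s]})" for s in f["risky"])
        print(f"{f['app']} [{f['clientId']}] for {f['who']}: {flags}"
              + (" + offline_access" if f["persistent"] else ""))
```

A grant that combines all three scopes with `offline_access` from an app nobody recognises is the pattern from the story and the first one to review.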

Consent phishing is still an emerging technique, and we believe that it has not reached peak usage by attackers yet. We will continue to actively research this attack technique as it continues to evolve.




Microsoft has announced its new hybrid Windows 365 cloud service where the operating system is stored in Microsoft’s Cloud and which securely streams each user’s apps, data, and settings to personal or corporate devices, acting as a full Windows desktop PC in the cloud.


New Era of Hybrid Personal Computer

Microsoft is calling the new subscription (SaaS) Windows 365 service (which is a simplified version of its Azure Virtual Desktop) a “new era of hybrid personal computing” because it “draws on the power of the cloud and the capabilities of the device”.


Work From Anywhere, On Any Device, Pick Up Where You Left Off

The new Windows 365 service enables the streaming of a full Windows desktop from the cloud. With the service, Windows 10 and 11 users can:

– Stream all their personalised applications, tools, data, and settings from the cloud across any device including a Mac, iPad, Linux device, or Android.

– Work from anywhere (e.g. a hotel room or a tablet from their car) and pick up where they left off because their individual PC in the cloud remains the same, even when switching devices.


Supports Business Apps

The Windows 365 cloud service also supports business apps such as Microsoft 365, Microsoft Dynamics 365, and Microsoft Power Platform. Microsoft is offering to stand by its promise of app compatibility with App Assure, a Microsoft service that helps customers with 150 or more users fix any app issues they might run into at no additional cost.


Ideal For Remote Working

The fact that users can experience their whole, individual Windows PC streamed through to any chosen device from the cloud and saved/backed up in the cloud for whenever they log on makes it ideal for remote working and for the many businesses that look like continuing flexible working practices post-pandemic. As Microsoft points out, “we’re seeing a new world of work emerge. Organizations everywhere have transformed themselves through virtual processes and remote collaboration. And as people embrace hybrid work—with people returning to the office, continuing to work from home, or some mix of the two—things will be different all over again”.

Microsoft also points to the findings of its recent Work Trend Index as proof of the need for a cloud-based hybrid solution of this kind. The Index has boiled down a study of more than 30,000 people in 31 countries plus an analysis of trillions of productivity and labour signals across Microsoft 365 and LinkedIn to arrive at some key statistics and 7 trends.

For example, the Work Trend Index found that 73 percent of workers now want flexible remote work options to stay, but 67 percent also want more in-person collaboration, post-pandemic.


Analytics and Watchdog Service

The 365 cloud service also has built-in analytics that looks at connection health across networks to make sure Cloud PC users can reach everything they need on the network to be productive. The analytics are not only able to identify Cloud PC environments where a user’s performance needs aren’t being met, but also give recommendations and enable upgrades for users at the touch of a button, thereby saving time, simplifying problem-solving and quickly boosting productivity.


Zero Trust Architecture

The Zero Trust Architecture means that security needs can be met by storing and securing information in the cloud (not on the device) and using Multifactor authentication (MFA) to verify any login or access attempt to a Cloud PC through integration with Microsoft Azure Active Directory (Azure AD).


Solves Some Old Problems

The fact that the individual Windows desktop PCs are stored securely in (and streamed from) the cloud as and when needed could solve a lot of traditional IT management problems. For example, this hybrid system looks likely to give business greater flexibility and scalability, help productivity and support innovation by making remote work and collaboration easier, tackle many of the hardware challenges (cost and maintenance), allow faster problem solving (watchdog and diagnostics), and help reduce security risks and threats. Microsoft is also keen to stress the simplicity of the service.


When?

Microsoft says that the new 365 cloud service will be “generally available later this calendar year”, although it looks set to launch for business users from August 2.


What Does This Mean For Your Business?

The new Windows 365 cloud service sees Microsoft adapting and building upon its existing, popular Azure platform and virtualisation technology to try and create a hybrid service that should appeal to business users, particularly at a time when flexible (hybrid) and remote working, and the challenge of managing them effectively, look like being ongoing trends. This service also enables Microsoft to expand its subscription model and will appeal to the large businesses that are now ready to commit more to the cloud. The power, control, flexibility, simplicity, and security aspects of the service are also likely to appeal to businesses that need to be able to manage their computing needs and maximise the possibility of improved productivity at a time which seems very uncertain and where there are already enough risks to cope with in the rapidly changing business environment.


Contact us for further details +44 (0)121 285 5626


In this article, we take a brief look at what DaaS is, as well as its advantages and disadvantages.


Desktop as a Service

Desktop as a Service (DaaS) is a service where virtual applications/virtual desktops, hosted on a third-party public or private cloud service, are made accessible (streamed) to users over the Internet via an HTML-based web browser or a secure application downloaded to the user’s device(s). DaaS is usually licensed with a per-user subscription.


VDI, VM, and DaaS

VDI refers to the backend ‘virtual desktop infrastructure’ of DaaS, including the ‘virtual machines’ that run desktop operating systems, and are hosted by the third-party cloud provider. A virtual machine (VM) is a virtual environment which operates just like a ‘computer within a computer’, runs on its own isolated part of its host computer, and has its own resources that enable it to let end-users operate it (run apps on it) as they would a physical workstation.


Advantages of DaaS

The advantages of DaaS include:

– It offers businesses a simple to operate, centralised, turnkey, pay-as-you-go solution with minimal set-up time.

– It is flexible and scalable.

– IT admin is simplified (saving time and money).

– The DaaS providers handle VDI deployment, maintenance, security, upgrades, data backup, and storage, thereby saving money and freeing up in-house IT resources and meaning that companies don’t have to go to the expense, trouble, and risk of trying to manage their own on-premises VDI solution.

– An improved disaster recovery (DR) solution, i.e. failover resources are hosted (securely) in the cloud rather than needing backup workstations.

– Better functionality and productivity from being less likely to fail, experience downtime or disruptions.

– Less dependence on (and fewer costs for) hardware/desktop infrastructure supply chains.

– DaaS can deliver better insights from data, as well as better data integration and governance.

– Improved agility of data workloads.


Disadvantages of DaaS

Some disadvantages include:

– Users will still need a device capable of running and accessing the DaaS service, as well as a good, fast Internet connection. Both of these factors have cost and employee access implications.

– Licensing payments are still required.

– Moving (sensitive) data to the cloud could bring some compliance challenges for some organisations.

– Trust in the security of the cloud is necessary and moving data to the cloud and transferring it over a network could, arguably, bring a data risk compared to keeping it locally behind the firewall.

– IT staff/the business may lack experience in using DaaS.


Some Examples

Examples of DaaS providers/service include Microsoft Windows Virtual Desktop, Amazon WorkSpaces, VMware Horizon Cloud, Citrix Virtual Apps and Desktops, Cloudalize, V2 Cloud, and dinCloud (dinWorkSpace).


What Does This Mean For Your Business?

Many businesses have made the move to the cloud anyway and are also now used to the subscription economy and the ‘as-a-service’ model of delivery, e.g. Windows 10. The DaaS model clearly offers many benefits to businesses, e.g. cost and resource savings, centralisation, security, flexibility, and simplification, as well as being particularly useful at a time when remote working and now the move to hybrid working have become important. DaaS also enables companies to improve the agility of data workloads, get important business insights more quickly, and offer a better work access solution to employees, as well as freeing the business from many of the traditional IT management and admin challenges.

