Microsoft researchers uncovered infrastructure that powered a large-scale business email compromise (BEC) campaign. The infrastructure was hosted on multiple cloud platforms, which allowed it to stay under the radar for quite some time. Threat hunters worked with Microsoft Threat Intelligence Center (MST) to report the infrastructure to multiple cloud teams. The attacks have minimal footprint, create very low signals that don t rise to the top of a defender s alert list, and tend to blend in with the usual noise of corporate network traffic.
Source: https://threatpost.com/microsoft-disrupts-cloud-bec-campaign/166937/