The threat actors are exploiting noninteractive sign-ins, an authentication feature that security teams don't typically monitor. https://www.darkreading.com/cyberattacks-data-breaches/microsoft-365-accounts-sprayed-mega-botnet
The threat actors are exploiting noninteractive sign-ins, an authentication feature that security teams don't typically monitor. https://www.darkreading.com/cyberattacks-data-breaches/microsoft-365-accounts-sprayed-mega-botnet
and this happens now that they are testing the free [version of office](https://www.windowscentral.com/software-apps/office-365/microsoft-quietly-launches-free-ad-supported-version-of-office-apps-for-windows-with-limited-functionality)