{"id":13166,"date":"2026-05-27T02:04:00","date_gmt":"2026-05-27T02:04:00","guid":{"rendered":"https:\/\/serisec.com\/index.php\/2026\/05\/27\/fbi-warns-of-kali365-phishing-kit-that-breaks-into-microsoft-365-accounts-no-password-required\/"},"modified":"2026-05-27T02:04:00","modified_gmt":"2026-05-27T02:04:00","slug":"fbi-warns-of-kali365-phishing-kit-that-breaks-into-microsoft-365-accounts-no-password-required","status":"publish","type":"post","link":"https:\/\/serisec.com\/index.php\/2026\/05\/27\/fbi-warns-of-kali365-phishing-kit-that-breaks-into-microsoft-365-accounts-no-password-required\/","title":{"rendered":"FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts \u2013 no password required"},"content":{"rendered":"<p>    FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts \u2013 no password required<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n    <!-- no image --><br \/>\n \t<BR><br \/>\n<BR><\/BR><\/p>\n<div>So, you&#8217;ve enabled multi-factor authentication. You&#8217;ve taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now?<\/p>\n<p>Well, think again.<\/p>\n<p>Read more in my article on the Hot for Security blog.<\/p><\/div>\n<p> \t<BR><br \/>\n <BR><\/BR><br \/>\n    Graham Cluley<br \/>\n \t<BR><br \/>\n<BR><\/BR><br \/>\n<a href=\"https:\/\/www.bitdefender.com\/en-us\/blog\/hotforsecurity\/fbi-kali365-phishing-kit-breaks-microsoft-365-accounts-no-password-required\">Go to grahamcluley<\/a><br \/>\n \t<BR><br \/>\n <BR><\/BR><\/p>\n","protected":false},"excerpt":{"rendered":"<p>FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts \u2013 no password required So, you&#8217;ve enabled multi-factor authentication. You&#8217;ve taught your staff never to type their passwords into dodgy-looking login pages. Surely your Microsoft 365 accounts are safe now? Well, think again. Read more in my article on the Hot for Security [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[54,155,158,2162,124,2496],"tags":[71],"class_list":["post-13166","post","type-post","status-publish","format-standard","hentry","category-grahamcluley","category-guest-blog","category-microsoft","category-microsoft-365","category-phishing","category-two-factor-authentication","tag-grahamcluley"],"_links":{"self":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13166"}],"collection":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/comments?post=13166"}],"version-history":[{"count":0,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/posts\/13166\/revisions"}],"wp:attachment":[{"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/media?parent=13166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/categories?post=13166"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/serisec.com\/index.php\/wp-json\/wp\/v2\/tags?post=13166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}