There’s a new, sneaky brute-force attack targeting enterprise Office 365 customers, according to a new report from cloud access security broker Skyhigh Networks.

Dubbed KnockKnock, the attacks use existing corporate credentials and public cloud tenants to launch the attacks, targeting mainly admin and system accounts without multifactor authentication or SSO to avoid detection. Once compromised, attackers launch internal, harder-to-detect phishing attacks against employees.

Learn more about the attacks and how to protect against them in this blog by Thu Pham.