Explore current attack trends targeting Office 365 in this informative 29-minute conference talk by David Stubley of 7 Elements. Gain insights into why attackers compromise systems, the mastery required for successful attacks, and the various areas of vulnerability. Learn about initial compromise techniques, including MFA bypass, phishing, voicemail exploitation, and Dropbox manipulation. Discover how attackers leverage basic authentication, mailbox access, and mail rules for onward compromise. Understand individual motives behind phishing emails and explore effective countermeasures. Discover the importance of enabling MFA, auditing logs, implementing basic MFA, blocking suspicious mail, and practicing compromise detection. Conclude with a Q&A session addressing O365 mailbox security concerns.