Lucene search
K

16 matches found

HackRead
HackRead
added 2025/11/26 4:13 p.m.5 views

Microsoft Teams Flaw in Guest Chat Exposes Users to Malware Attacks

New research from Ontinue exposes a major security flaw in Microsoft Teams B2B Guest Access. Learn how attackers bypass all Defender for Office 365 protections with a single invite...

6.9AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/07/11 9:50 p.m.136 views

Patch Tuesday - July 2023

Microsoft is addressing 130 vulnerabilities this July Patch Tuesday, including five zero-day vulnerabilities, and eight further critical remote code execution RCE vulnerabilities. Overall, it’s safe to say that this is a busier Patch Tuesday than the past couple of months. Note that the total cou...

9.3CVSS9.2AI score0.99374EPSS
Exploits75
Microsoft Secure
Microsoft Secure
added 2023/06/12 4:0 p.m.27 views

Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave

In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and...

6.6AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2023/06/12 4:0 p.m.28 views

Forrester names Microsoft a Leader in the 2023 Enterprise Email Security Wave

In today’s rapidly evolving connected workplace, where hybrid and remote work are increasingly the norm, workplace productivity and communications tools like email and chat applications are more important than ever. However, cyberthreats continue to evolve with increasing capabilities and...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/11/16 6:0 p.m.25 views

Protect against phishing with Attack Simulation Training in Microsoft Defender for Office 365

Sophisticated cyberattacks are on the rise, with email phishing as the most common attack vector. We’ve seen it all over the news with stories like Hafnium that targeted Exchange servers1 or the Nobelium attack against SolarWinds,2 which show just how easy it is for bad actors to distribute a...

6.9AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/10/21 3:0 p.m.37 views

Franken-phish: TodayZoo built from other phishing kits

A phishing kit built using pieces of code copied from other kits, some available for sale through publicly accessible scam sellers or are reused and repackaged by other kit resellers, provides rich insight into the state of the economy that drives phishing and email threats today. We uncovered th...

6.8AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/09/21 3:0 p.m.24 views

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the operations that enabled the campaign: a large-scale...

7.4AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/09/21 3:0 p.m.46 views

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation

In researching phishing attacks, we came across a campaign that used a rather high volume of newly created and unique subdomains—over 300,000 in a single run. This investigation led us down a rabbit hole as we unearthed one of the operations that enabled the campaign: a large-scale...

7.4AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/08/04 10:0 p.m.225 views

Spotting brand impersonation with Swin transformers and Siamese neural networks

Every day, Microsoft Defender for Office 365 encounters millions of brand impersonation emails. Our security solutions use multiple detection and prevention techniques to help users avoid divulging sensitive information to phishers as attackers continue refining their impersonation tricks. In thi...

Exploits0
Microsoft Secure
Microsoft Secure
added 2021/07/29 3:0 p.m.243 views

BazaCall: Phony call centers lead to exfiltration and ransomware

Our continued investigation into BazaCall campaigns, those that use fraudulent call centers that trick unsuspecting users into downloading the BazaLoader malware, shows that this threat is more dangerous than what’s been discussed publicly in other security blogs and covered by the media. Apart...

6.8AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/07/14 5:0 p.m.41 views

Microsoft delivers comprehensive solution to battle rise in consent phishing emails

Microsoft threat analysts are tracking a continued increase in consent phishing emails, also called illicit consent grants, that abuse OAuth request links in an attempt to trick recipients into granting attacker-owned apps permissions to access sensitive data. This blog offers a look into the...

0.2AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/06/14 4:0 p.m.55 views

Behind the scenes of business email compromise: Using cross-domain threat data to disrupt a large BEC campaign

Microsoft 365 Defender researchers recently uncovered and disrupted a large-scale business email compromise BEC infrastructure hosted in multiple web services. Attackers used this cloud-based infrastructure to compromise mailboxes via phishing and add forwarding rules, enabling these attackers to...

6.6AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/05/06 4:0 p.m.27 views

Forrester names Microsoft a Leader in the 2021 Enterprise Email Security Wave

Today, organizations face an evolving threat landscape and an exponentially increasing attack surface. Email represents the primary attack vector for cybercrime, and security teams are in search of efficient and cost-effective means to minimize the risk of these threats and the impact they have o...

0.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2021/05/06 4:0 p.m.210 views

Business email compromise campaign targets wide range of orgs with gift card scam

Cybercriminals continue to target businesses to trick recipients into approving payments, transferring funds, or, in this case, purchasing gift cards. This kind of email attack is called business email compromise BEC—a damaging form of phishing designed to gain access to critical business...

Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2021/05/06 4:0 p.m.194 views

Business email compromise: How Microsoft is combating this costly threat

Amongst all cybercrime, phishing attacks continue to be the most prevalent today. With over 90 percent of attacks coming via email, it’s important that every organization has a plan to prevent these threats from reaching users. At Microsoft, we’re passionate about providing our customers with...

7.1AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2020/10/05 4:0 p.m.38 views

Why integrated phishing-attack training is reshaping cybersecurity—Microsoft Security

Phishing is still one of the most significant risk vectors facing enterprises today. Innovative email security technology like Microsoft Defender for Office 365 stops a majority of phishing attacks before they hit user inboxes, but no technology in the world can prevent 100 percent of phishing...

7AI score
Exploits0
Rows per page
Query Builder