9 matches found
CalPhishing Scam Uses EvilTokens Kit, Outlook Invites to Steal M365 Sessions
Hackers are exploiting Outlook calendar invites and device code phishing to steal M365 session tokens, bypass MFA and breach enterprise accounts...
Fake calendar invites are spreading. Here’s how to remove them and prevent more
We’re seeing a surge in phishing calendar invites that users can’t delete, or that keep coming back because they sync across devices. The good news is you can remove them and block future spam by changing a few settings. Most of these unwanted calendar entries are there for phishing purposes. Mos...
EUVD-2017-18909
Malware in sbrugna...
PT-2024-18197 · Microsoft · Outlook
Name of the Vulnerable Software and Affected Versions: Microsoft Outlook affected versions not specified Description: A critical issue in the calendar feature of Microsoft Outlook exposes Windows login credentials to remote theft. To protect against this, enabling multi-factor authentication is...
PT-2023-7682
Name of the Vulnerable Software and Affected Versions Microsoft Outlook affected versions not specified Description The issue is related to the calendar sharing function in Microsoft Outlook, which can be exploited to access NT LAN Manager NTLM v2 hashed passwords. Attackers can steal NTLM passwo...
July 7, 2020, update for Office 2016 (KB4484174)
None None...
Description of the security update for Office 2016: February 12, 2019
None None...
CVE-2017-16962
The WebMail components Crystal, pronto, and pronto4 in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via 1 the location or details field of a Google Calendar invitation, 2 a crafted Outlook.com calendar aka Hotmail Calendar invitation, 3 e-mail granting access to a directory that h...
Outlook Calendar Transfer Full - Base64 encoded String, Exported components, External URLs vulnerabilities
HackApp vulnerability scanner discovered that application Outlook Calendar Transfer Full published at the 'play' market has multiple vulnerabilities...