Microsoft Exchange Flaw Lets Attackers Spoof Any Email Address
“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
“Ghost-Sender" is the result of a widespread misconfiguration, according to researchers, and evidence indicates it's being actively abused in the wild.
Also, YellowKey Gets CVE, 7-Eleven Breach, Linux Maintainers Warn on AI Bug SpamThis week, more incidents than we can list here. Among them: cloned Shai-Hulud malware, a new maximum CVSS Cisco flaw. Edge to stop loading passwords in plaintext. Tycoon 2FA offers a way around Microsoft multifactor. Convenience, taquitos and data breach: The 7-Eleven story. A MENA crackdown.
Negative feedback sinks Redmond's plan to cap outbound email recipients Microsoft has backed away from planned changes to Exchange Online after customers objected to limits designed to curb outbound email abuse.…
Microsoft is working to resolve a known issue that causes an anti-spam service to mistakenly block Exchange Online and Microsoft Teams users from opening URLs and quarantine some of their emails. [...]
Microsoft has resolved an issue with a machine learning model that mistakenly flagged emails from Gmail accounts as spam in Exchange Online. [...]
Microsoft says it mitigated a known issue in one of its machine learning (ML) models that mistakenly flagged Adobe emails in Exchange Online as spam. [...]
The legacy domain for Microsoft Stream was hijacked to show a fake Amazon site promoting a Thailand casino, causing all SharePoint sites with old embedded videos to display it as spam. [...]
Microsoft is investigating an Exchange Online bug causing anti-spam systems to mistakenly quarantine some users' emails. [...]
Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. [...]
The BlackBasta ransomware operation has moved its social engineering attacks to Microsoft Teams, posing as corporate help desks contacting employees to assist them with an ongoing spam attack. [...]
The trend toward remote working over the last several years has bred all kinds of tools intended to help us improve productivity and facilitate easier, faster digital communications with colleagues. So why does workplace productivity still feel impossible to achieve? Unfortunately, email—one of the most integral vehicles for business communication—is also one of the biggest drains on employee time and energy. According to data from Microsoft, employees spend as much as 8.8 hours each week checking and responding to email. And while many email communications are essential, one recent report found that nearly half of all emails are spam or other unwanted mail.
A clever disinformation campaign engages several Microsoft Azure and OVH cloud subdomains as well as Google search to promote malware and spam sites. [...]
AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service. [...]
Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025. [...]
Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts. [...]
Mispadu Trojan Is Compromising Windows Security, Posing Threat to Banking SystemsThe novel variant of the banking Trojan Mispadu is targeting Latin American countries, especially Mexico, by exploiting a flaw in Windows SmartScreen. In this latest distribution method, the attackers send spam emails that deliver deceptive URL files that circumvent the SmartScreen banner warning.
Also: FBI Warning About Androxgh0st; eBay Pays a $3 Million Fine for CyberstalkingThis week, Microsoft expanded plans to store EU citizens' data locally, shipping-themed phishing spam is a threat, the British Library overcame a ransomware setback, the FBI warned of Androxgh0st malware, Remcos RAT targeted South Korea, and eBay was fined $3 million for a cyberstalking campaign.
Microsoft warns that financially-motivated threat actors are using OAuth applications to automate BEC and phishing attacks, push spam, and deploy VMs for cryptomining. [...]
A custom Flipper Zero firmware called 'Xtreme' has added a new feature to perform Bluetooth spam attacks on Android and Windows devices. [...]