A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks.
This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and those utilizing third-party email security solutions. In July 2023, Microsoft introduced a major change in how it handles DMARC (Domain-based Message Authentication, Reporting, and Conformance) within Microsoft Exchange. This update was intended to bolster security by enhancing how email servers verify incoming emails’ legitimacy. Unfortunately, despite clear guidance from Microsoft, a considerable number of users have yet to implement these security measures.
Read more…
Source: TechRadar News
Related:
- Researchers promise demo of ‘God-mode’ pwnage of Intel mobos
September 26, 2017
Security researchers say they’ve found a way to exploit Intel’s accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December. Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”. Intel Management Engine (ME), a microcontroller that ...
- macOS High Sierra Zero-Day Exploit Puts Users’ Stored Keychain Passwords at Risk
September 25, 2017
It would appear that Apple’s recently released macOS High Sierra 10.13 operating system comes with a zero-day exploit that could put your stored Keychain passwords at risk if your Mac gets hacked. Patrick Wardle, a security researcher that apparently worked for NSA, published information about the said zero-day security issue minutes after Apple released the macOS ...
- EternalBlue Exploit Used in Retefe Banking Trojan Campaign
September 22, 2017
Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers at Proofpoint. Earlier this year, researchers at Flashpoint observed the TrickBot ...
- IoT botnet Linux.ProxyM turns its grubby claws to spam rather than DDoS
September 22, 2017
An IoT botnet is making a nuisance of itself online after becoming a conduit for spam distribution. Linux.ProxyM has the capability to engage in email spam campaigns with marked difference to other IoT botnets, such as Mirai, that infamously offered a potent platform for running distributed-denial-of-service attacks (DDoSing). Other IoT botnets have been used as proxies ...
- CCleaner Malware Infects Big Tech Companies With Second Backdoor
September 20, 2017
The group of unknown hackers who hijacked CCleaner’s download server to distribute a malicious version of the popular system optimization software targeted at least 20 major international technology companies with a second-stage payload. Earlier this week, when the CCleaner hack was reported, researchers assured users that there’s no second stage malware used in the massive attack and affected users ...
- Attackers Use Undocumented MS Office Feature to Leak System Profile Data
September 18, 2017
An undocumented Microsoft Office feature allows attackers to gather sensitive configuration details on targeted systems simply by tricking recipients to open a specially crafted Word document—no VBA macros, embedded Flash objects or PE files needed. The undocumented feature is being used by adversaries, according to Kaspersky Lab researchers, as part of a multistage attack that first ...