Thursday, January 23, 2025
Follow us On Linkedin
HomeCyber Security NewsMicrosoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature

Microsoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature

Cyber Security NewsEmail SecurityPhishing

Published on

By Aman Mishra
Microsoft 365 Vulnerability Let Hackers Bypass Anti-phishing Feature

Free Webinar DevSecOps Hacks

SIEM as a Service

Follow Us on Google News

A vulnerability in Microsoft 365 (formerly Office 365) has been found that allows malicious actors to bypass anti-phishing measures.

One of the anti-phishing features available in Exchange Online Protection (EOP) and Microsoft Defender to Office 365 enterprises is the ‘First Contact Safety Tip.’

In the first contact safety tip, users are cautioned when they get an email from a sender that they don’t typically communicate with.

Since the First Contact Safety Tip is appended to the HTML email body, you can use Cascading Style Sheet (CSS) style tags to change how the tip is displayed.

Are you from SOC and DFIR Teams? – Analyse Malware Incidents & get live Access with ANY.RUN -> Free Access

As a result, experts have developed an approach in this scenario that “hides” the First Contact Safety Tip from the user.

Keeping The Safety Tip Hidden

when users receive an email from a sender with whom they don’t normally interact. Outlook displays an alert stating, “You don’t often get emails from xyz@example.com.”

Researchers demonstrate an HTML email that “hides” the user’s access to the First Contact Safety Tip. 

Even though the inline CSS in the elements or the rendering engine Outlook uses don’t seem to support applying some more common CSS rules like display: none, height: 0px, and opacity: 0 to the table itself, it is still possible to change the background and font colors to white to make the alert practically invisible.

“It is possible to change the background and font colors to white so that the alert is effectively invisible when rendered to the end user viewing the email”, Certitude researchers shared with Cyber Security News.

Hiding the Safety Tip

The alert will no longer appear in the email body when this HTML code is used in an email!

The alert is hidden in the Email body 

Beyond that, experts spoof the icons that Microsoft Outlook includes to encrypt and/or sign emails.

After receiving reports about these issues, Microsoft decided not to fix this behavior.

Microsoft MSRC stated, “We determined your finding is valid but does not meet our bar for immediate servicing, considering this is mainly applicable to phishing attacks.

However, we have still marked your finding for future review as an opportunity to improve our products”.

How to Build a Security Framework With Limited Resources IT Security Team (PDF) - Free Guide

Aman Mishra
Aman Mishra
Aman Mishra is a Security and privacy Reporter covering various data breach, cyber crime, malware, & vulnerability.

Latest articles

ChatGPT

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...
Cyber Security News

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...
Cyber Security News

Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques

CYFIRMA's Research and Advisory team has identified a new strain of ransomware labeled "Nnice,"...
cyber security

Microsoft Unveils New Identity Secure Score Recommendations in General Availability

Microsoft has announced the general availability of 11 new Identity Secure Score recommendations in...

API Security Webinar

Free Webinar - DevSecOps Hacks

By embedding security into your CI/CD workflows, you can shift left, streamline your DevSecOps processes, and release secure applications faster—all while saving time and resources.

In this webinar, join Phani Deepak Akella ( VP of Marketing ) and Karthik Krishnamoorthy (CTO), Indusface as they explores best practices for integrating application security into your CI/CD workflows using tools like Jenkins and Jira.

Discussion points

Automate security scans as part of the CI/CD pipeline.
Get real-time, actionable insights into vulnerabilities.
Prioritize and track fixes directly in Jira, enhancing collaboration.
Reduce risks and costs by addressing vulnerabilities pre-production.

Register Now

More like this

ChatGPT

GhostGPT – Jailbreaked ChatGPT that Creates Malware & Exploits

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also...
Cyber Security News

Tycoon 2FA Phishing Kit Using Specially Crafted Code to Evade Detection

The rapid evolution of Phishing-as-a-Service (PhaaS) platforms is reshaping the threat landscape, enabling attackers...
Cyber Security News

Nnice Ransomware Attacking Windows Systems With Advanced Encryption Techniques

CYFIRMA's Research and Advisory team has identified a new strain of ransomware labeled "Nnice,"...

GBHackers on Security is a top cybersecurity news platform, delivering up-to-date coverage on breaches, emerging threats, malware, vulnerabilities, and global cyber incidents.

Company

Trending

Categories

Copyright @ 2016 - 2024 GBHackers On Security - All Rights Reserved