Phishing sensitive data from the Outlook Web Access Preview panel
As phishing tactics evolve, common advice like "don’t click suspicious links" and "verify the sender" may no longer be enough. This article explores a lesser-known phishing vector involving interactive PDF forms, which can extract sensitive data from users who never even leave the secure Office 365 environment. Discover how Chrome-based browsers handle these PDFs and why Microsoft has classified this issue as a low-severity vulnerability, leaving users potentially exposed until a fix is implemented.
File Extension Spoofing In Microsoft Sharepoint/OneDrive and Teams
A security vulnerability has been identified within the Office 365 environment, involving file extension spoofing through the use of the Right-to-Left Override (RTLO) character. Additionally, a flaw in the OneDrive protocol handler can enable spear phishers to use OneDrive as a Command and Control (C2) solution. If a user unknowingly executes a file with a spoofed extension, the malicious file can establish a connection to an attacker’s server, enabling unauthorized data exfiltration or further malicious activities.
Malicious File Delivery through Microsoft Teams – Understanding Custom Protocol Handler Threats and more in Electron Applications
As a new security researcher, submitting...