Security News > 2024 > November > Microsoft 365 Admin portal abused to send sextortion emails

Microsoft 365 Admin portal abused to send sextortion emails

2024-11-18 12:08

The Microsoft 365 Admin Portal is being abused to send sextortion emails, making the emails appear trustworthy and bypassing email security platforms. [...]

News URL

https://www.bleepingcomputer.com/news/security/microsoft-365-admin-portal-abused-to-send-sextortion-emails/

#365 #email #microsoft

Related news

Microsoft Warns of ClickFix Phishing Campaign Targeting Hospitality Sector via Fake Booking[.]com Emails (source)
Malicious Adobe, DocuSign OAuth apps target Microsoft 365 accounts (source)
Microsoft: Exchange Online bug mistakenly quarantines user emails (source)
Hidden Threats: How Microsoft 365 Backups Store Risks for Future Attacks (source)
Microsoft Warns of Tax-Themed Email Attacks Using PDFs and QR Codes to Deliver Malware (source)
Microsoft: Licensing issue blocks Microsoft 365 Family for some users (source)
Tycoon2FA phishing kit targets Microsoft 365 with new tricks (source)
ActiveX blocked by default in Microsoft 365 because remote code execution is bad, OK? (source)
Microsoft blocks ActiveX by default in Microsoft 365, Office 2024 (source)
Attackers phish OAuth codes, take over Microsoft 365 accounts (source)

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Microsoft		383	52	1433	2957	180	4622

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.