Security News

Microsoft is investigating a recently discovered issue that causes deleted emails to reappear in the mail inbox of Outlook.com accounts. The exact cause behind these Outlook.com undeletable emails but the company says that it's working on a fix to be deployed when a resolution is available.

Microsoft users are currently experiencing issues around the world, with users unable to access Windows Store, Xbox Live services, and Outlook. When attempting to access Microsoft Store, users are seeing loading screen, which suggests that the Store is unable to connect to the Microsoft servers.

New, sophisticated adversaries are switching up their tactics in exploiting enterprise-friendly platforms - most notably Microsoft Exchange, Outlook Web Access and Outlook on the Web - in order to steal business credentials and other sensitive data. APTs Flock Exchange, OWA. One advanced persistent threat group that has been targeting Exchange and OWA is what researchers dub "BELUGASTURGEON".

The highlight of this month's Microsoft Office security updates is without a doubt CVE-2020-16947, a remote code execution vulnerability that leads to remote code execution when previewing or opening maliciously crafted emails with a vulnerable Microsoft Outlook version. CVE-2020-16947 affects several Office products including Microsoft Outlook 2016 and Microsoft Office 2019, as well as Microsoft 365 Apps for Enterprise.

Microsoft 365 is currently experiencing an outage affecting users on both coasts of the United States and preventing them from accessing multiple Office 365 services. Starting at approximately 2:30 PM EST today, Office 365 users all over the United States began having difficulty accessing their Outlook mail and using Microsoft Teams, with active calls getting dropped.

An ongoing phishing attack puts pressure on enterprise employees to upgrade their Windows 7 systems - but in reality, they are redirected to a fake Outlook login page that steals their credentials. Windows 7 reached end-of-life on Jan. 14, with Microsoft urging enterprises to upgrade to its Windows 10 operating system.

Attackers are on the prowl for enterprise Microsoft Outlook credentials, with a new phishing campaign that leverages email-quarantine policies and uses an overlay screen tactic - on top of legitimate company webpages - to lure in victims. The initial email said, the company's email system "Failed to process new messages in the inbox folder," and "Two valid email messages have been held and quarantined for deletion." It asked the target to review the messages and recover their lost mail in the inbox folder - or they will be automatically deleted after three days.

Even though the blue text of the link itself looks like a URL, it isn't actually the URL that you will visit if you click it. Your email address is embedded in the link in the email that you click on, so the phishing page can fill in the email field as you would probably expect.

Microsoft's desktop email client Outlook has stopped working worldwide for countless users, whether they are using it with an on-premises Exchange server or with the Office 365 cloud. As a workaround, users can utilize Outlook on the web or their mobile clients.

The VBA macro leverages compromised victims' Microsoft Outlook email accounts to send spear-phishing emails to their contacts - rapidly widening the potential attack surface. Researchers say, while abusing a compromised mailbox to send malicious emails is not a new technique, this is the first publicly documented case of an attack group using both an Outlook macro and an OTM file to do so.