Outlook

Pierluigi Paganini December 14, 2023
Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. Storm-1152 operates illicit websites and social media pages, selling fake Microsoft accounts and tools to bypass identity verification software […]

Pierluigi Paganini December 08, 2023
Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Russia-linked group APT28 exploited Microsoft Outlook zero-day to target European NATO members, including a NATO Rapid Deployable Corps. Palo Alto Networks’ Unit 42 reported that the Russia-linked APT28 (aka “Forest Blizzard”, “Fancybear” or “Strontium”) group exploited the CVE-2023-23397 vulnerability in attacks aimed at European NATO members. Over the past 20 months, the group targeted at […]

Pierluigi Paganini June 12, 2020
Gamaredon group uses a new Outlook tool to spread malware

Russia-linked Gamaredon APT use a new module for Microsoft Outlook that creates custom emails with malicious documents and sends them to a victim’s contacts. Reseaerchers from ESET reported that Russia-linked Gamaredon APT has a new tool in its arsenal, it is a module for Microsoft Outlook that creates custom emails with malicious documents and sends […]

Pierluigi Paganini September 30, 2019
Microsoft will add new file types to the list of blocked ones in Outlook on the Web

Microsoft announced last week it is going to expand the list of file extensions that are blocked in Outlook on the web. Microsoft announced that it will immediately block other file extensions for its Outlook web users, it will impossible for them to download this type of attachments. Microsoft pointed out that the newly blocked […]

Pierluigi Paganini June 21, 2019
Microsoft fixed CVE-2019-1105 flaw in Outlook for Android

Microsoft has addressed an important vulnerability (CVE-2019-1105) in Outlook for Android, potentially affected over 100 million users. Microsoft has addressed an important flaw tracked as CVE-2019-1105 that affects versions of Outlook for Android app before 3.0.88. The vulnerability is a stored cross-site scripting issue that is related to the way the app parses incoming email […]

Pierluigi Paganini January 20, 2015
Chinese Government runs a MITM attack against Microsoft Outlook

GreatFire revealed that the popular Microsoft Outlook emailing service was subjected to a man-in-the-middle (MITM) attack in China. This time the popular Outlook email service was allegedly hacked by Chinese authorities. The Outlook email service was not reachable in China over the weekend and according the to experts at the GreatFire organization, Chinese Government run a man-in-the-middle […]

Pierluigi Paganini May 21, 2014
Outlook Android App stores emails in plain text on mobile

Researchers at Include Security discovered that the Outlook.com Android App leaves user email messages unprotected by default on the mobile SD cards. A Microsoft Outlook client app for the Android platform lacks of encryption for the storage of email messages on the device’s SD cards. The unique protection mechanism implemented for the Outlook app is a […]

Pierluigi Paganini July 13, 2013
Microsoft provided encrypted messages key and Skype calls access to NSA

The guardian issued new top secret documents gathered by Edward Snowden demonstrating the intense collaboration between Microsoft and US government. Edward Snowden has issued new top secret documents demonstrating the intense collaboration between Microsoft and US government, in particular the whistleblower revealed the support received by the NSA that obtained by the company the access to […]