Email security, Phishing

Microsoft corporate email spoofing possible with new bug

Microsoft Outlook icon.

Threat actors could exploit a vulnerability to spoof Microsoft corporate email accounts in phishing attacks against Outlook accounts, which are used by 400 million users around the world, TechCrunch reports.

Such a flaw was publicized by security researcher Vsevolod Kokorin, also known as Slonser, in a post on X, formerly Twitter, after his disclosure was dismissed by Microsoft even after he sent a video along with the proof-of-concept exploit for the security issue. "Microsoft just said they couldn't reproduce it without providing any details. Microsoft might have noticed my tweet because a few hours ago they reopen [sic] one of my reports that I had submitted several months ago," said Kokorin. Such a development comes after Microsoft President Brad Smith emphasized the company's commitment to prioritize cybersecurity following the compromise of federal government emails and corporate email accounts by Chinese and Russian state-sponsored threat actors, respectively, due to security failings.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds