Exploiting CVE-2024-21378 – Remote Code Execution in Microsoft Outlook
Learn how NetSPI discovered that Microsoft Outlook was vulnerable to authenticated remote code execution (RCE) via synced form objects.
The Risks of the #MonikerLink Bug in Microsoft Outlook and the Big Picture
Recently, Check Point Research released a white paper titled “The Obvious, the Normal, and the Advanced: A Comprehensive Analysis of Outlook Attack Vectors”, detailing various attack vectors on Outlook to help the industry understand the security risks the popular Outlook app may bring into organizations. As mentioned in the paper, we discovered an interesting security issue in Outlook when the app handles specific hyperlinks. In this blog post, we will share our research on the issue with the security community and help defend against it. We will also highlight the broader impact of this bug in other software.
Fighting Ursa Aka APT28: Illuminating a Covert Campaign
In three campaigns over the past 20 months, Russian APT Fighting Ursa has targeted over 30 organizations of likely strategic intelligence value using CVE-2023-23397.
Results of Major Technical Investigations for Storm-0558 Key Acquisition
Results of Major Technical Investigations for Storm-0558 Key Acquisition
Chinese Microsoft hackers also hit GOP Rep. Don Bacon of Nebraska
Rep. Don Bacon tweeted Monday that he had been notified by the FBI that his emails had been hacked.
Chinese hackers breached U.S. and European government email through Microsoft bug
A Chinese hacking group exploited a bug in Microsoft’s cloud email service to spy on two-dozen organizations, including some government agencies, the tech giant said late Tuesday.
Microsoft says early June disruptions to Outlook, cloud platform, were cyberattacks
Microsoft says the early June disruptions to its Microsoft’s flagship office suite — including the Outlook email apps — were denial-of-service attacks by a shadowy new hacktivist group. In a blog post published Friday evening after The Associated Press sought clarification on the sporadic but serious outages, Microsoft confirmed that that they were DDoS attacks by a group calling itself Anonymous Sudan, which some security researchers believe is Russia-affiliated. The software giant offered few details on the attack. It did not comment on how many customers were affected.
Guidance for investigating attacks using CVE-2023-23397
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.
Guidance for investigating attacks using CVE-2023-23397
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.
Everything We Know About CVE-2023-23397
Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.
Everything We Know About CVE-2023-23397
Huntress is tracking CVE-2023-23397, a 0-day that impacts Microsoft Outlook and requires no user interaction to expose user credential hashes.