US EditionMicrosoft 365 'Direct Send' Abused to Send Phishing as Internal Users
11 Articles
11 Articles
The advance of electronic fraud is of concern to both IT security specialists and provincial authorities. In particular, cases of phishing are growing, one of the most widely used deception techniques used by cybercriminals that pretends to be a reliable entity for obtaining personal or banking data from users. These frauds usually arrive by email and appeal to urgency or fear for the victim to act without verifying the authenticity of the messa…
What Small Businesses Need to Know About Microsoft 365 Security
Fact: For small and medium-sized businesses, Microsoft 365 offers a net-positive equation: Familiar functions plus bundled, cost-effective apps equal improved ROI. Fiction: The solution is fully secure “out of the box.” While Microsoft 365 includes built-in security features, SMBs must take extra steps to ensure they’re completely protected. Here’s what IT leaders need to know: Click the banner below to keep reading stories from our new publica…
Exploitation of Microsoft 365 Direct Send to Deliver Phishing Emails as Internal Users
A sophisticated phishing campaign targeting over 70 organizations, predominantly in the US, has been uncovered by Varonis’ Managed Data Detection and Response (MDDR) Forensics team. This campaign, active since May 2025, exploits a lesser-known feature of Microsoft 365 called Direct Send, which allows devices and applications within a tenant to send emails without authentication. Designed […] The post Exploitation of Microsoft 365 Direct Send to …
[Digital Daily Reporter Oh Byeong-hun] The three telecommunications companies (SK Telecom, KT, and LG Uplus) are putting their efforts into preparing countermeasures against phishing crimes that are evolving day by day. In a situation where phishing crimes using AI are increasing, they are accelerating the development and commercialization of related technologies. The government is also keeping a close eye on phishing crimes, which it defines as…
Printers and scanners are increasingly becoming tools for hackers to conduct phishing attacks thanks to a vulnerability in the Microsoft 365 Direct Send feature. FabrikaSimf – shutterstock.com The Varonis forensics team has discovered a vulnerability that allows internal devices such as printers to send emails without authentication. According to the report, the flaw has already been exploited to attack more than 70 organizations, primarily in t…
Coverage Details
Bias Distribution
- 100% of the sources are Center
To view factuality data please Upgrade to Premium
