New Microsoft 365 Attack Bypasses Email Security Controls

Sometimes it can feel like Microsoft users are on the sharp end of the cybersecurity stick a little too often. Be that by way of multiple zero-day vulnerabilities actively exploiting Windows users, or Microsoft Account takeovers that bypass authentication protections. Microsoft 365 users, however, could certainly be excused for feeling hard done by in the attack stakes with hackers exploiting technical gaps to manipulate URLs, or basic authentication exploitation by spray and pray password campaigns. Now, Microsoft 365 users have been warned as a new and sophisticated attack bypasses traditional email security controls by embedding phishing lures within legitimate Microsoft communications. Here’s what you need to know.

View Full Article

Related Articles

• The Winter Cybersecurity Playbook: Stay Safe This Season
• The Cybersecurity And Resilience Bill Is Coming. Here's What It Means
• Start 2026 Strong with FREE Cyber Risk Visibility
• 2025 State of Operational Technology and Cybersecurity Report
• How much cyber security do I need in 2025?

Popular Articles

In 2024, the UK was targeted by cyber-attacks more than any other country in Europe, with ...

Read More >

The Cybersecurity And Resilience Bill Is Coming. Here's What It Means

What would it mean for your business to begin 2026 with greater visibility into cyber risk? With Ad...

Read More >

Start 2026 Strong with FREE Cyber Risk Visibility

The holiday season is a busy time of year for shopping and traveling—and it's also a busy time...

Read More >

The Winter Cybersecurity Playbook: Stay Safe This Season

Remote work is here to stay. No surprises there. But the biggest learning from 2025 is about the ga...

Read More >

What 2025 taught us about remote work and building distributed teams