Tag: Microsoft Outlook

Cybersecurity Threat Advisory: Critical zero-click vulnerability in Microsoft Outlook
A critical zero-click remote code execution (RCE) vulnerability, identified as CVE-2024-30103, was recently discovered in Microsoft Outlook. This flaw allows malicious actors to execute arbitrary code on a victim’s system simply by opening a specially crafted email. Review the details...

Cybersecurity Threat Advisory: New Microsoft Outlook client vulnerability
A recent Microsoft Outlook client zero-click remote code execution (RCE) vulnerability, CVE-2024-30103, has a CVSS score of 8.8. Review this Cybersecurity Threat Advisory to limit the impact this vulnerability may have on your organization. What is the threat? CVE-2024-30103 allows...

Cybersecurity Threat Advisory: NTLM password hash leaks
This Cybersecurity Threat Advisory highlights a new Microsoft vulnerability that attackers are actively exploiting to steal NTLM (NT LAN Manager) hashes. Read the full article to learn the severity of the threat and recommendations to mitigate the organization’s risks. What...

Cybersecurity Threat Advisory: Critical Outlook vulnerability exploited
Microsoft recently discovered Russian state-sponsored hacker group APT28 (“Fancybear” or “Strontium”) exploiting a critical Outlook flaw to gain access to Microsoft Exchange accounts and steal their critical information. This Cybersecurity Threat Advisory looks at the threat and recommendations to protect...
Cybersecurity Threat Advisory: Microsoft Outlook elevation of privilege vulnerability
Last week, Microsoft Threat Intelligence discovered a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook that allows for New Technology LAN Manager (NTLM) credentials to be stolen. Threat actors can potentially authenticate, escalate privileges, and gain access to the...