The Latest in IT Security

Microsoft 365 exploit could give attackers access to all your emails

07
Feb
2022
Microsoft 365 exploit could give attackers access to all your emails

image credit: vecteezy

Researchers have uncovered a new way to abuse a workflow automation feature in Microsoft 365 to exfiltrate data.

Eric Saraga from cybersecurity firm Varonis discovered how Power Automate, a feature found in Microsoft 365 for Outlook, SharePoint, and OneDrive, can be abused to automatically share or send files, or forward emails, to unauthorized third parties. Not in the fashion of ransomware, but devastating nonetheless.

The premise is simple: Power Automate, a feature that is enabled by default with Microsoft 365 applications, allows users to create their own “flows” – automated cross-app behaviors. To set these behaviors up, the user must first create a connection between two apps, allowing data to flow between the two.

Read More

Comments are closed.

Categories

TUESDAY, DECEMBER 06, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments