{"id":164675,"date":"2024-06-20T08:19:41","date_gmt":"2024-06-20T08:19:41","guid":{"rendered":"https:\/\/securityaffairs.com\/?p=164675"},"modified":"2024-06-20T08:19:43","modified_gmt":"2024-06-20T08:19:43","slug":"expert-warns-of-a-spoofing-bug","status":"publish","type":"post","link":"https:\/\/securityaffairs.com\/164675\/hacking\/expert-warns-of-a-spoofing-bug.html","title":{"rendered":"An unpatched bug allows anyone to impersonate Microsoft corporate email accounts<\/gwmw>"},"content":{"rendered":"
<\/div>\n
A researcher discovered a flaw that allows attackers to impersonate Microsoft corporate email accounts and launch phishing attacks. <\/h2>\n\n\n\n
The security researcher Vsevolod Kokorin (@Slonser) discovered a bug that allows anyone to impersonate Microsoft corporate email accounts. An attacker can trigger the vulnerability to launch phishing attacks.\u00a0<\/p>\n\n\n\n
\n
I want to share my recent case: > I found a vulnerability that allows sending a message from any user@domain > We cannot reproduce it > I send a video with the exploitation, a full PoC > We cannot reproduce it At this point, I decided to stop the communication with Microsoft. pic.twitter.com\/mJDoHTn9Xv<\/a><\/p>— slonser (@slonser_) June 14, 2024<\/a><\/blockquote>