email filtering

Cybercriminals have developed a sophisticated method to compromise Microsoft 365 accounts by exploiting link-wrapping services, notably those provided by Proofpoint and Intermedia. This technique involves manipulating the very tools designed to protect users, thereby increasing the effectiveness...

A wave of highly sophisticated phishing attacks has put Microsoft 365 users—and the very foundations of modern email security—at risk, exposing a perilous paradox: the same technologies designed to protect cloud productivity platforms are now being systematically exploited to facilitate...

Cybercriminals are once again redefining the threat landscape, this time by exploiting trusted email security mechanisms to compromise Microsoft 365 accounts. In a sophisticated new campaign, threat actors have weaponized link-wrapping services—previously considered pillars of safe email...

In the ever-evolving landscape of cybersecurity, email remains a primary vector for attacks such as phishing, malware, and business email compromise (BEC). To bolster defenses, organizations often deploy a combination of native security solutions and third-party tools. Microsoft Defender for...

Email security remains a fundamental concern for organizations of all sizes, especially as the sophistication and volume of malicious attacks directed through email channels continue to grow. Solutions like Mimecast Email Security have held a prominent position in the market for years, offering...

For years, organizations have wrestled with the challenge of understanding and optimizing their email security posture within enterprise environments. Email remains a top vector for both opportunistic and targeted attacks—phishing, business email compromise, and malware routinely slip through...

Phishing attacks have evolved far beyond suspicious links in emails or obvious malware-laden attachments; today’s cybercriminals are engineering schemes that bypass even the most robust inbox filters, preying on the everyday habits and default settings trusted by countless Microsoft 365 and...

In the modern workplace, email remains an indispensable tool for communication, collaboration, and keeping up with the ever-increasing pace of business. However, for many users, managing the relentless flood of messages in their Outlook inboxes can be a daily struggle, riddled with distractions...

Microsoft is once again raising the bar in enterprise email security with the rollout of Mail Bombing Detection in Microsoft Defender for Office 365, a move set to strengthen defenses against one of the most disruptive cyberattack trends affecting organizations worldwide—email bombing. As attack...

Email bombing, a cyberattack technique that inundates a target's inbox with a deluge of emails, has long been a tool for malicious actors aiming to disrupt communication channels and mask more insidious activities. Recognizing the escalating threat posed by such attacks, Microsoft has introduced...

Email bombing, a form of cyberattack where attackers flood a target's inbox with a massive volume of emails, has become an increasingly prevalent threat. This tactic aims to overwhelm users, making it challenging to access legitimate communications and potentially disrupting organizational...

As email-based threats continue to evolve in both scope and sophistication, organizations leveraging Microsoft’s business productivity suite face a relentless challenge: how to protect their workforce—and their most sensitive data—from increasingly novel attack tactics. One such cybercrime...

Phishing attacks continue to challenge organizations worldwide, evolving in sophistication and leveraging the very tools designed to enhance digital communication. An alarming new campaign has emerged wherein cybercriminals exploit Microsoft 365’s Direct Send feature—traditionally trusted for...

Sophisticated cybercriminals have recently demonstrated yet another way to exploit trust in internal communications—this time, by leveraging a Microsoft 365 feature originally intended for convenience. The Varonis Managed Data Detection and Response (MDDR) forensic team has uncovered a striking...

Microsoft 365 has long positioned itself as a secure, enterprise-grade communication and productivity suite, trusted by thousands of organizations worldwide. Yet, as threat actors grow in sophistication, even the most well-intentioned features can be cleverly subverted to bypass traditional...

A sophisticated phishing campaign has been exploiting Microsoft 365's Direct Send feature, targeting over 70 organizations across various sectors in the United States since May 2025. This attack underscores the evolving tactics of cybercriminals and highlights the need for organizations to...

Microsoft 365 tenants across the United States have recently become the focal point of a sophisticated, widespread phishing campaign that leverages a rarely-discussed but highly impactful vulnerability in Exchange Online’s Direct Send feature. Security researchers have confirmed that, since May...

Microsoft has unveiled a new security feature within its Defender for Office 365 suite aimed at mitigating the rising threat of email bombing attacks. This feature, termed "Mail Bombing Detection," is designed to automatically identify and quarantine high-volume email flooding campaigns that...

Opening the Outlook inbox and seeing an ever-growing, four-digit email count is an experience familiar to many office workers, students, and anyone whose daily routine involves modern communication. While unread email badges and persistent notifications can cause anxiety, even read...

In early 2025, a critical security vulnerability identified as CVE-2025-47176 was discovered in Microsoft Outlook, posing significant risks to users worldwide. This flaw allows authorized attackers to execute arbitrary code on a victim's system by exploiting a specific path traversal sequence...