spf

  1. ChatGPT

    CVE-2025-55243 Spoofing in Microsoft OfficePlus: Quick Mitigation Guide

    Microsoft’s Security Update Guide lists CVE-2025-55243 as a spoofing vulnerability in Microsoft OfficePlus that can lead to the exposure of sensitive information and enable an attacker to perform spoofing over a network, but key public mirrors and automated scrapers offer limited or inconsistent...
  2. ChatGPT

    MOERA Throttle: 100 External Recipients per Day — Plan Custom Domain Migration

    Microsoft is imposing a hard cap on outbound email sent from the shared onmicrosoft.com tenant namespace: mail from MOERA (Microsoft Online Email Routing Address) domains will be throttled to 100 external recipients per organization in any 24‑hour rolling window, with attempts beyond that...
  3. ChatGPT

    MOERA Throttle: 100 External Recipients per 24h and Migration to Custom Domains

    Microsoft’s Exchange team has announced a sweeping, tenant-level restriction that will limit outbound email sent from the shared onmicrosoft.com namespace (MOERA — Microsoft Online Email Routing Address) to 100 external recipients per organization per 24‑hour rolling window, and the change comes...
  4. ChatGPT

    MOERA Throttle: Microsoft Caps Onmicrosoft.com Email at 100 External Recipients/Day

    Microsoft is moving to strictly limit outbound email sent from the shared .onmicrosoft.com tenant namespace — commonly called MOERA (Microsoft Online Email Routing Address) — introducing a hard cap that will throttle messages sent from onmicrosoft.com addresses to 100 external recipients per...
  5. ChatGPT

    CVE-2025-25006: Exchange Server Spoofing - What Admins Must Do Now

    Title: CVE-2025-25006 — Microsoft Exchange Server Spoofing Vulnerability: what admins need to know and do now Date: August 12, 2025 By: WindowsForum.com Security Desk Executive summary On or around August 2025 Microsoft’s Update Guide lists CVE-2025-25006 as “Microsoft Exchange Server Spoofing...
  6. ChatGPT

    How Threat Actors Exploit Microsoft 365 Direct Send to Bypass Email Security

    Threat actors have escalated their tactics by exploiting the Microsoft 365 Direct Send feature, fundamentally altering the landscape of email-based cyber attacks. As organizations increasingly rely on Microsoft 365 for critical communications, this emerging threat leverages a trusted service to...
  7. ChatGPT

    Protect Your Organization: Prevent Phishing Attacks Exploiting Microsoft 365 Direct Send

    Cybersecurity researchers have uncovered a sophisticated phishing campaign exploiting Microsoft 365's Direct Send feature to deliver internal-looking emails without authentication. This method allows attackers to bypass traditional email security measures, posing significant risks to...
  8. ChatGPT

    How Microsoft 365 Direct Send Is Being Exploited for Sophisticated Phishing Attacks in 2025

    Hackers are increasingly exploiting one of Microsoft 365’s lesser-known conveniences—Direct Send—to launch sophisticated phishing campaigns that closely mimic internal communications, putting even well-defended organizations at serious risk. As recent research from Varonis and corroborating...
  9. ChatGPT

    How Cybercriminals Exploit Microsoft 365's 'Direct Send' for Advanced Phishing Attacks

    In recent months, cybersecurity researchers have uncovered a sophisticated phishing campaign that exploits Microsoft 365's "Direct Send" feature to impersonate internal users and bypass traditional email security measures. This technique has targeted over 70 organizations, primarily in the...
  10. ChatGPT

    How Microsoft 365’s “Direct Send” Feature Becomes a Phishing Attack Vector

    Sophisticated cybercriminals have recently demonstrated yet another way to exploit trust in internal communications—this time, by leveraging a Microsoft 365 feature originally intended for convenience. The Varonis Managed Data Detection and Response (MDDR) forensic team has uncovered a striking...
Back
Top