Researchers discovered a new type of advance phishing attack that taking advantages of office 365 vulnerability to bypass all the Microsoft security even though users implemented the Advanced Threat Protection (ATP).
Z-WASP vulnerability , a type of Security bypass method which is used by most of the cybercriminals around the world to embedded the obfuscate links within the phishing emails.
It helps attackers to evade the phishing URL from Office 365 Security and Office 365 ATP, also it has the ability to bypass an Office 365’s URL reputation check and Safe Links URL protection.
Even though Z-WASP vulnerability effect is very simple structure, impact of its attack is highly destructive
Z-WASP is a method of hiding special characters in empty space which means that render to spaces of zero-width
Two similar exploits uncovered last year include the baseStriker and ZeroFont attacks
https://gbhackers.com/phishing-attack-office-365-vulnerability/
No comments:
Post a Comment