Over the past three months, our threat analysts have noticed a significant spike in attackers abusing Microsoft 365’s Direct Send feature—a tool intended for devices like printers or scanners to send internal emails without authentication. Unfortunately, threat actors have found a way to exploit this convenience, slipping past critical email security checks like SPF, DKIM, and DMARC.
The post Inside Job: Attackers Are Spoofing Emails with M365’s Direct Send appeared first on Security Boulevard.
This article has been indexed from Security Boulevard