![]() ![]() Safe Links checks the base domain, ignoring the rest, thereby allowing the user to move on to the phishing site. The new baseStriker program splits the malicious URL so that Microsoft’s product, Safe Links, cannot detect that it points to a malicious URL. Malicious messages can now bypass the filters included in Microsoft products using the tag. ![]() The new technique has been dubbed “baseStriker” and it’s aimed at those using Microsoft Outlook. It was working well for all MS products until hackers discovered this workaround. This feature was designed to catch and stop a malicious link. Office 365’s Advanced Threat Protection provides a feature called “Safe Links” that compares a link found in an email against those on a blacklist. Older email clients will ignore the tag, but web-based email clients, recent desktop clients and most mobile apps will now handle the tag and recombine the URL into a clickable link.” How Microsoft Safe Links work Support for relative URLs in email is a recent development and the behavior is client dependent. “At one time, email clients did not support the tag, so every link needed to be an absolute URL. Avanan says that cybercriminals are now using a tag in the HTML header employed with a URL to by-pass security and infect a computer with malware. This was first revealed by Avanan, a company that deals in internet security. ![]() Hackers have discovered an innovative method of getting those malicious URLs in their emails past Office 365’s security protocols. Hackers Discover New Way to Bypass Microsoft’s Office 365 Security Protocols ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
December 2022
Categories |