Tuesday , January 7 2025

Hackers Manipulate Font Size to Bypass Office 365 Security

infosecbulletin Sunday , October 1 2023 Cyber Attack, Hot Topic, International, Vulnerabilities

ZeroFont Phishing is a new yet old technique for sending Phishing emails. It allows threat actors to bypass security mechanisms and successfully send phishing emails. Using this technique, attackers were able to evade Microsoft’s Natural Language Processing, which was serving as portion against phishing emails for Office users.

Office 365 – Natural Language Processing

India releases draft Digital Personal Data Protection Rules

By infosecbulletin / Monday , January 6 2025
On Friday, the Indian government released the draft Digital Personal Data Protection Rules, requiring social media and online platforms to...
Read More
India releases draft Digital Personal Data Protection Rules

Microsoft to invest $80 Billion in AI Data Center

By infosecbulletin / Monday , January 6 2025
Microsoft recently shared a vision for the future of American technology and economic competitiveness, highlighting Artificial Intelligence (AI) as central...
Read More
Microsoft to invest $80 Billion in AI Data Center

3.3 Million Email Server Expose User Passwords and Messages in Plain Text

By infosecbulletin / Saturday , January 4 2025
Around 3.3 million servers are running POP3/IMAP email services without encryption (TLS) enabled, the Shadowserver Foundation, a nonprofit security organization,...
Read More
3.3 Million Email Server Expose User Passwords and Messages in Plain Text

Memory-Dump-UEFI
Researcher dumping memory to bypass BitLocker on Windows 11

By infosecbulletin / Thursday , January 2 2025
Researchers have demonstrated a method to bypass Windows 11’s BitLocker encryption, enabling the extraction of Full Volume Encryption Keys (FVEKs)...
Read More
Memory-Dump-UEFI Researcher dumping memory to bypass BitLocker on Windows 11

CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows

By infosecbulletin / Thursday , January 2 2025
SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, dubbed “LDAP Nightmare”. This critical...
Read More
CVE-2024-49112 PoC Exploit Released for Zero-Click vulnerability in Windows

Financial Threat Assessment 2024
BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

By infosecbulletin / Tuesday , December 31 2024
Bangladesh Cyber Security Intelligence (BCSI) has published Financial Threat Assessment report for 2024. In an era where financial institutions and...
Read More
Financial Threat Assessment 2024 BCSI marks Bangladeshi 28 banks high, 10 medium for cyber attack

Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

By infosecbulletin / Tuesday , December 31 2024
Cybersecurity researchers have uncovered three security weaknesses in Microsoft's Azure Data Factory Apache Airflow integration that, if successfully exploited, could...
Read More
Misconfigured Kubernetes RBAC in Azure Airflow Could Expose Entire Cluster

US Treasury says it was hacked by China via third party: Beijing denies

By infosecbulletin / Tuesday , December 31 2024
The US Treasury Department said on Monday that Chinese-linked hackers were able to gain access to ‘unclassified documents’ after compromising...
Read More
US Treasury says it was hacked by China via third party: Beijing denies

PoC Exploited Released for Oracle Weblogic Server Vul

By infosecbulletin / Monday , December 30 2024
Security researchers have warned that a Proof-of-Concept (PoC) exploit has been publicly released for a critical vulnerability affecting Oracle WebLogic...
Read More
PoC Exploited Released for Oracle Weblogic Server Vul

Microsoft warn dev urgently to update .NET installer link

By infosecbulletin / Monday , December 30 2024
Microsoft is forcing .NET developers to quickly update their apps and developer pipelines so they do not use 'azureedge.net' domains...
Read More
Microsoft warn dev urgently to update .NET installer link

Microsoft is focused on securing its customers in all areas, especially phishing attacks. Phishing attacks, also known as Business Email Compromise, are commonly used by threat actors to infiltrate organizations.

Microsoft prevents phishing emails by using Natural Language Processing. This technology scans the contents of an email to detect signs of impersonation or fraud. If an email contains text such as “© 2018 Microsoft Corporation. All rights reserved” and is not from Microsoft.com, Microsoft flags it as fraudulent.

Threat actors used the ZeroFont Phishing attack to bypass email content authentication. The technique was used to understand different types of information, like banking details, user accounts, password resets, and financial requests.

ZeroFont Phishing

The attacker sends a fake email pretending to be from Office 365, warning the victim about a quota limit. The email looks like it’s from an administrative service. The phishing email uses the ZeroFont attack to bypass security measures.

ZeroFont Phishing attack (Source: AVANAN)

 

Threat actors inserted random text inside the email, which had <span style=”FONT-SIZE: 0px”> for a zero font size, and broke up the text strings to bypass Microsoft’s natural language processing.

Source: Avanan

To read the full report published by Avana click here.

Also read:

An attack every 39 seconds, approximately 2,200 attacks per day: Cyber awareness month starts

Check Also

Zero-Click vulnerability

CVE-2024-49112
PoC Exploit Released for Zero-Click vulnerability in Windows

SafeBreach Labs revealed a zero-click vulnerability in the Windows Lightweight Directory Access Protocol (LDAP) service, …

Leave a Reply

Your email address will not be published. Required fields are marked *

Mail: [email protected]
© Copyright 2025, All Rights Reserved InfoSecBulletin