A stealthy data theft technique in Microsoft 365 that abuses Outlook add-ins to exfiltrate email content without leaving meaningful forensic traces. The technique, dubbed “Exfil Out&Look,” takes advantage of how Outlook Web Access (OWA) handles add-ins and audit logging, creating a blind spot that traditional Microsoft 365 monitoring cannot see. Outlook add-ins are small web-based […] The post Attackers Weaponize Microsoft 365 Outlook Add-ins to Quietly Exfiltrate Email Data appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/attackers-weaponize-microsoft-365-outlook/
