Microsoft 365
Microsoft to disable Excel workbook links to blocked file types
Microsoft has announced that it will start disabling external workbook links to blocked file types by default between October 2025 and July 2026. After the rollout, Excel workbooks referencing blocked file types will display a #BLOCKED error or fail to refresh, eliminating security risks associated with accessing unsupported or high-risk file types, including, but not […]
Microsoft investigates outage affecting Microsoft 365 admin center
Microsoft is investigating an ongoing outage blocking Microsoft 365 administrators with business or enterprise subscriptions from accessing the admin center. While the company has yet to disclose which regions are currently affected by this ongoing service degradation issue, it’s currently tracking it on its official service health status page to provide impacted organizations with access […]
UK ties GRU to stealthy Microsoft 365 credential-stealing malware
The UK National Cyber Security Centre (NCSC) has formally attributed ‘Authentic Antics’ espionage malware attacks to APT28 (Fancy Bear), a threat actor already linked to Russia’s military intelligence service (GRU). The NCSC revealed in a detailed technical analysis of the Authentic Antics malware dated May 6th that it is stealing credentials and OAuth 2.0 tokens that […]
Microsoft investigates ongoing SharePoint Online access issues
Microsoft is investigating an ongoing incident causing intermittent issues for users attempting to access SharePoint Online sites. Part of the Microsoft 365 suite, SharePoint Online is a cloud-based collaboration and document management platform that allows users to create websites, store and share documents, and collaborate on content over the Internet. As the company announced earlier […]
Microsoft: DNS issue blocks delivery of Exchange Online OTP codes
Microsoft is working to fix a DNS misconfiguration that is causing one-time passcode (OTP) message delivery failures in Exchange Online for some users. Recipients may receive a single-use access code via a separate email to open an encrypted message in Gmail, Yahoo, or other email clients without a Microsoft 365 subscription. This OTP message allows them to view […]
Microsoft Defender for Office 365 now blocks email bombing attacks
Microsoft says its Defender for Office 365 cloud-based email security suite will now automatically detect and block email bombing attacks. Defender for Office 365 (formerly known as Office 365 Advanced Threat Protection or Office 365 ATP) protects organizations operating in high-risk industries and dealing with sophisticated threat actors from malicious threats from email messages, links, […]
Microsoft 365 ‘Direct Send’ abused to send phishing as internal users
An ongoing phishing campaign abuses a little‑known feature in Microsoft 365 called “Direct Send” to evade detection by email security and steal credentials. Direct Send is a Microsoft 365 feature that allows on‑premises devices, applications, or cloud services to send emails through a tenant’s smart host as if they originated from the organization’s domain. It’s […]
Microsoft fixes Outlook bug causing crashes when opening emails
Microsoft has fixed a known issue that will cause the classic Outlook email client to crash when opening emails or starting a new message. The bug impacts users across all Microsoft 365 Office channels who updated Outlook for Microsoft 365 earlier this month. “When you open or start a new email, classic Outlook crashes. This […]
Microsoft 365 to block file access via legacy auth protocols by default
Microsoft has announced that it will start updating security defaults for all Microsoft 365 tenants in July to block access to SharePoint, OneDrive, and Office files via legacy authentication protocols. These changes will also address application access permissions that can expose organizations to unnecessary security risks. The rollout is set to begin in mid-July 2025, […]
Microsoft shares temp fix for Outlook crashes when opening emails
Microsoft has shared a workaround for a known issue that causes the classic Outlook email client to crash when opening or starting a new message. These problems affect users in the Monthly Enterprise Channel who updated Outlook for Microsoft 365 earlier this month, starting with Version 2504 (Build 18730.20122). “When you open or start a […]