Reading an email in Microsoft Outlook is causing your sensitive information to leak

How did it happen?

The case of Microsoft Outlook

Basics of OLE

Microsoft outlook vulnerability

Why would any Windows PC automatically hand over credentials to the cybercriminal’s SMB server?

Microsoft Outlook Behavior

Solutions [2]

Apply and update

Block inbound and outbound SMB connections at your network border

Block NTLM Single Sign-on (SSO) authentication

Use strong passwords

  • Use a password manager to help generate complex random passwords. This strategy can help ensure the use of unique passwords across resources that you use, and it can ensure that the passwords are of sufficient complexity and randomness.
  • Use longer passphrases (with mixed-case letters, numbers and symbols) instead of passwords. This strategy can produce significant credentials that do not require additional software to store and retrieve.
  1. Server Message Block (SMB): The Server Message Block Protocol (SMB protocol) is a client-server communication protocol used for sharing access to files, printers, serial ports and other resources on a network. It can also carry transaction protocols for interprocess communication. Created by IBM in the 1980s, the SMB protocol has since spawned multiple variants or implementations, also known as dialects, to meet evolving network requirements over the years. For more details visit https://searchnetworking.techtarget.com/definition/Server-Message-Block-Protocol

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Keepnet Labs

Keepnet Labs

Keepnet is an anti phishing solution and cybersecurity awareness training platform