TechBizWebTechBizWeb

    Subscribe to Updates

    Get the latest news about Technology and Business from all around the web..

    What's Hot

    I’ve been getting tons of “wrong number” spam texts, and I don’t hate it?

    July 3, 2022

    DeSantis benefits from ‘Trump fatigue’ ahead of possible 2024 face-off

    July 3, 2022

    Germany and Ireland attack Boris Johnson over Northern Ireland rules

    July 3, 2022
    Facebook Twitter Instagram
    • About Us
    • Privacy Policy
    • Guest Post
    • Terms
    • Contact
    Facebook Twitter Instagram
    TechBizWebTechBizWeb
    Subscribe
    • Home
    • Technology

      I’ve been getting tons of “wrong number” spam texts, and I don’t hate it?

      July 3, 2022

      Tesla’s run of record quarterly deliveries comes to an end thanks to China’s COVID shutdowns

      July 2, 2022

      Virgin Orbit successfully launches satellites during first night mission

      July 2, 2022

      Meta’s shutting down its digital wallet, Novi

      July 2, 2022

      TCL 30 XE 5G review: not bad for $200

      July 2, 2022
    • Business
    • Cyber Security

      Tips to bolster cybersecurity, incident response this 4th of July weekend

      July 1, 2022

      Jon Raper named CISO at Costco

      July 1, 2022

      2022 RSAC takeaways: Risk management vs compliance

      July 1, 2022

      3 security lessons we haven’t learned from the Kaseya breach

      July 1, 2022

      Auston Davis named CISO at Versant Health

      June 30, 2022
    • Blockchain
    • Vulnerabilities
    • Social Engineering
    • Malware
    • Cyber Security Alerts
    TechBizWebTechBizWeb
    Home»Cyber Security»Phishers Use Zero-Width Spaces to Bypass Office 365 Protections
    Cyber Security

    Phishers Use Zero-Width Spaces to Bypass Office 365 Protections

    January 11, 2019Updated:January 14, 2019No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr WhatsApp
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Have you been attacked? Digitpol the global investigation firm can help you, visit Digitpol’s website to learn more.


    A recently addressed vulnerability in Office 365 allowed attackers to bypass existing phishing protections and deliver malicious messages to victims’ inboxes. 

    The issue, cloud security firm Avanan says, resided in the use of zero-width spaces (ZWSPs) in the middle of malicious URLs within the RAW HTML of the emails. This method breaks the URLs, thus preventing Microsoft’s systems from recognizing them and also preventing Safe Links from successfully protecting users.

    What’s more, these zero-width spaces don’t render, meaning that the recipient would not notice the random special characters in the URL. The first wave of emails abusing this vulnerability was observed on November 10, and Microsoft addressed the issue on January 9, Avanan’s security researchers say. 

    The vulnerability apparently rendered all Office 365 users vulnerable to phishing attacks, even those who were using Microsoft’s Office 365 Advanced Threat Protection. Both URL reputation check and Safe Links protections are bypassed in the attack. 

    “The vulnerability was discovered when we noticed a large number of hackers using zero-width spaces (ZWSPs) to obfuscate links in phishing emails to Office 365, hiding the phishing URL from Office 365 Security and Office 365 ATP,” the security researchers say.

    ZWSPs, Avanan explains, are characters that render to spaces of zero-width, and can be looked at as “empty space” characters. There are 5 ZWSP entities, namely ​ (Zero-Width Space), ‌ (Zero-Width Non-Joiner), ‍ (Zero-Width Joiner),  (Zero-Width No-Break Space), and 0 (Full-Width Digit Zero).

    Although in their raw HTML form the ZWSPs appear like “a mishmash of numbers and special characters randomly inserted between the letters a word or a URL,” they are invisible when rendered in the browser, thus making the URL to appear as standard. 

    ZWSPs, the researchers explain, are part of formatting the Internet every day, being used for fingerprinting articles and documents, formatting foreign languages, and breaking long words at the end of a line and continuing them on the next line. 

    As part of the observed phishing attacks, “the Zero-Width Non-Joiner (‌) is added to the middle of a malicious URL within the RAW HTML of an email,” Avanan notes. Thus, the email processing system would not recognize the URL as legitimate and would fail to apply protections. 

    As soon as the victim clicks on the link in the email, however, they are taken to a credential harvesting phishing site mimicking that of Chase Bank.

    The new attack, which Avanan refers to as Z-WASP, is an evolution of previously observed attempts to bypass Office 365 security either by splitting the URL into base and href tags (baseStriker) or by adding characters with font-size 0 (the ZeroFont attack).

    Related: Office 365, Outlook Credentials Most Targeted by Phishing Kits

    Related: Phishers Use ‘ZeroFont’ Technique to Bypass Office 365 Protections

    Ionut Arghire is an international correspondent for SecurityWeek.

    Previous Columns by Ionut Arghire:
    Tags:



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Tips to bolster cybersecurity, incident response this 4th of July weekend

    July 1, 2022 Cyber Security

    Jon Raper named CISO at Costco

    July 1, 2022 Cyber Security

    2022 RSAC takeaways: Risk management vs compliance

    July 1, 2022 Cyber Security

    3 security lessons we haven’t learned from the Kaseya breach

    July 1, 2022 Cyber Security

    Auston Davis named CISO at Versant Health

    June 30, 2022 Cyber Security

    Lessons learned from slew of recent data breaches

    June 30, 2022 Cyber Security
    Editors Picks

    DeSantis benefits from ‘Trump fatigue’ ahead of possible 2024 face-off

    July 3, 2022

    Germany and Ireland attack Boris Johnson over Northern Ireland rules

    July 3, 2022

    Biden administration split on whether to remove China tariffs

    July 3, 2022

    Covid vaccines: how can immune imprinting help experts to rethink jabs?

    July 3, 2022
    Trending Now

    Special treatment for Tesla not in India’s ‘interest’, Ola says

    By techbizweb

    NFT Sales Slide to a 12-Month Low Amid Crypto Meltdown

    By techbizweb

    China’s rise pushes Asia-Pacific nations to embrace Nato

    By techbizweb

    https://www.nationalsportsacademy.com

    slot gacor hari ini

    http://www.inadesfo.org/

    http://www.eueomgbissau.org/

    http://www.congo-mai-mai.net/

    http://www.angelesdelafrontera.org/

    http://fifaworldcup2018schedule.com/

    http://tony4gtrmcr.co.uk/

    http://www.standrewsagreement.org/

    http://www.bob-russell.co.uk/

    http://davidmulholland.co.uk/

    http://railwayhotelenniskillen.com/

    http://www.fantasysportstrades.com/

    http://www.rainleaf-flooring.com

    http://mothersagainstguns.org/

    http://ma-coc.org/

    slot online

    http://www.paradoxmag.com/situs-judi-slot-online-gampang-menang-2021/

    http://www.paradoxmag.com/situs-judi-slot-online-terbaru-2021/

    http://slot-terbaru.net/

    Slot Gacor

    Slot Online

    Situs Slot Gacor

    http://www.appdexterity.com/

    https://cars4kids-deutschland.de/

    https://www.stretchingculture.com/

    https://www.b-123-hp.com/slot-gacor/

    https://denzstaffing.nl/

    https://ezbbqcooking.com/slot-gacor/

    https://www.mbahelp24.com/slot-gacor

    https://minhtanstore.com/slot-jackpot-terbesar/

    https://njbpusupplierdiversity.com/slot-gacor-gampang-menang/

    https://www.floridaspecialtycropfoundation.org/slot-gampang-menang/

    https://childrenscornerpreschool.org/slot-gacor-gampang-menang/

    https://cryptoquoter.com/slot-online-terbaik/

    https://alorkantho24.com/slot-gacor/

    https://ellas.xyz/slot-gacor/

    https://it.dougamatome.xyz/slot-online/

    https://www.daltercume.com/slot-gacor/

    https://josi-ana.dougamatome.xyz/slot88/

    https://josi-ana.dougamatome.xyz/slot-gacor/

    https://fastobserver.com/slot-jackpot-terbesar/

    https://www.planetexperts.com/slot-gacor/

    https://bfsolution.group/slot-bet-kecil/

    https://rustleva.co/slot/

    https://bfsolution.group/slot-bet-kecil/

    https://www.hotelcalimareal.com/togel-online/

    https://anime-game.dougamatome.xyz/slot-gacor-gampang-menang/

    https://anime-game.dougamatome.xyz/togel-online/

    https://bourbonbarrelfoods.com/slot/

    http://suneo39.wp.xdomain.jp/slot/

    https://techbizweb.com/slot-gacor/

    https://www.generalcatalyst.com/18-daftar-slot-gacor-terbaik-gampang-menang-jackpot-hari-ini/

    https://www.hotelcalimareal.com/slot-online/

    https://www.blockgates.io/slot-gacor/

    https://l12.com.br/slot-gacor/

    slot paling gacor

    https://www.donalds-hobby.com/slot-online/

    https://thecryptodirt.com/slot-gacor-hari-ini/

    http://iseta.edu.ar/aulavirtual/app/upload/users/1/1205/my_files/sbobet.html

    http://escuelavirtual.mincit.gov.co/app/upload/users/1/194/my_files/slot.html

    https://www.dev.medecinesfax.org/courses/JUDICASINO/document/slot.html

    http://www.e-archivos.org/cursos/courses/JUDICASINO/document/slot-gacor.html

    http://iesma.com.br/ead/main/upload/users/4/447/my_files/slot.html

    https://www.fundacoop.org/chamilo/app/upload/users/1/1185/my_files/slot.html

    https://fata-aatf.org/eskola/main/upload/users/3/31/my_files/slot.html

    https://uancv.edu.pe/ofinvestigacion/app/upload/users/3/328/my_files/slot-terlengkap.html

    https://micost.edu.my/EL/app/upload/users/2/209/my_files/slot-gacor.html

    https://www.academiacoderdojo.ro/elearningdev/app/upload/users/2/2442/my_files/slot-online.html

    http://campus-cidci.ulg.ac.be/courses/JUDICASINO/document/slot-termurah.html

    https://www.escueladerobotica.misiones.gob.ar/aula-ste/courses/LIVECASINO/document/slot-tergacor.html

    http://ccdipeepccqqfar.usac.edu.gt/chamilo/app/upload/users/3/358/my_files/slot-online.html

    https://cunori.edu.gt/campus/app/upload/users/7/7334/my_files/slot-online.html

    http://u-rus.com.ar/aula/app/upload/users/1/1322/my_files/slot.html

    http://icrodarisoveria.edu.it/chamilo/app/upload/users/1/1855/my_files/slot.html

    https://iestpliliagutierrez.edu.pe/clarolgm/courses/CASINO/document/slot.html

    http://pva.cobach.edu.mx/app/upload/users/7/7379/my_files/slot.html

    http://www.imb-pc-online.edu.gt/PL/app/upload/users/3/373/my_files/slot.html

    http://avcs.upeu.edu.pe/main/upload/users/3333/my_files/slot.html

    https://chamilo.fca.uas.edu.mx/app/upload/users/1/11186/my_files/slot-online/

    TechBizWeb
    Facebook Twitter Instagram Pinterest Vimeo YouTube
    • Home
    • Guest Post
    • About Us
    • Privacy Policy
    • Our Authors
    • Terms and Conditions
    • Contact
    © 2022 Tech Biz Web. Developed by Sawah Dev.

    Type above and press Enter to search. Press Esc to cancel.