Information security
fromThe Hacker News
2 days agoMicrosoft Warns Misconfigured Email Routing Can Enable Internal Domain Phishing
Misconfigured routing and lax spoof protections allow threat actors to send internally appearing phishing emails, often using Tycoon 2FA PhaaS to steal credentials.