New Hampshire Cybersecurity engineer Chris Plummer was the first to notice this vulnerability.
After discovering the issue, Plummer reported the vulnerability to Google through its bug bounty program.
This message went from a Facebook account, to a UK netblock, to O365, to me.
Nothing about this is legit.
Google just doesnt want to deal with this report honestly.
This message went from a Facebook account, to a UK netblock, to O365, to me.
Nothing about this is legit.
After taking a closer look, we realised that this indeed doesnt seem like a generic SPF vulnerability.
Well keep you posted with our assessment and the direction that this issue takes.
Hence, users are advised to exercise caution and remain wary when dealing with email communications.
source: www.techworm.net
