Jun 30, 2025, 12:00 AM
Jun 27, 2025, 12:00 AM

Hackers exploit printers to attack Windows systems via Microsoft 365

Provocative
Highlights
  • A new cyber attack campaign is exploiting printers to hack Windows systems through Microsoft 365.
  • The Varonis investigation found that the threat actors use a feature called Direct Send to bypass security measures.
  • Organizations are urged to implement strict security protocols to mitigate these attacks.
Story

In the United States, a new cyber attack campaign has emerged, targeting Windows users by leveraging printers connected to Microsoft 365. This operation, reported by Varonis Managed Data Detection and Response Forensics, began around May 2025 and has already affected at least 70 organizations. The attackers exploit a little-known feature known as Direct Send, which allows devices like printers to send emails without requiring any authentication, thus bypassing usual security checks. With threat actors utilizing this feature effectively, they have been able to spoof internal users and send phishing emails that are less scrutinized compared to regular emails. Tom Barnea, a forensics specialist at Varonis, indicated that this tactic poses significant risks, particularly because it allows attackers to deliver malicious messages without needing to compromise email accounts directly. The campaign demonstrates the broadening scope of threats as attackers continuously seek new ways to target organizations and individuals. In light of these events, it has become increasingly crucial for organizations to take proactive measures to safeguard their systems. Recommendations from Varonis to combat these attacks include enabling the

Opinions

You've reached the end