Search This Blog

Showing posts with label IP addresses Revealed. Show all posts

Microsoft Office 365 Exposing User’s IP Address in Emails





Microsoft Office 365's webmail interface has been accused for exposing the user's IP address injected into the message as an extra mail header.

This news comes as a rather major warning to those who resorted to Office 365 webmail interface to hide their IP address, because in reality they are not concealing anything.

The service injects an extra mail header into the email called x-originating-IP that contains the IP address of the connecting client, which for this situation is the user's local IP address and this all happens when an email is sent via Office 365 (https://outlook.office365.com/).

BleepingComputer even came around to test the webmail interfaces for Gmail, Yippee, AOL, Outlook.com (https://outlook.live.com), and Office 365.

As for Microsoft, it has removed the x-originating-IP header field in 2013 from Hotmail to offer their users much better security and privacy.

"Please be informed that Microsoft has opted to mask the X-Originating IP address. This is a planned change on the part of Microsoft in order to secure the well-being and safety of our customers."

However for Office 365, who 'caters to the enterprise', this header was deliberately left in so that admins could scan for email that has been sent to their respective organization from a specific IP address. This was particularly helpful for finding the location of a sender in the event of an account getting hacked.

And for Office 365 admins who don't wish to keep utilizing this header, they are allowed to make another new rule in the Exchange admin center that easily removes the header.



In any case, for security and auditing purposes, it is most likely a more shrewd decision to keep it enabled.

Telegram Messenger Leaks IP Addresses of Users



Dhiraj Mishra, a security researcher from Mumbai, India found that under specific conditions, the Telegram desktop clients for Windows, Mac, and Linux would uncover users' IP address, notwithstanding when the user was configured to protect this data.

Despite the fact that the program describes itself similar to a protected and private correspondence application, yet the researcher has demonstrated that in its default design it would permit a user's IP address to be leaked when making call.

The leak, happening just amid voice calls, happened notwithstanding when the "Peer-to-Peer" connection choice was set to "Nobody." A Peer-to-Peer connection isn't private by outline, as it directly exposes the two participants.

P2P Settings in Telegram for iOS

When utilizing Peer-to-Peer to begin Telegram calls, however, the IP address of the person you are conversing with will show up in the Telegram console logs. Not all forms incorporate a console log. For instance, Windows does not show a console log in their tests, while the Linux variant does.

The Telegram application indicates that users can keep their IP address from being disclosed by changing the setting as doing it will make the user's calls to be steered through Telegram's servers, which would then shroud the IP address, however at the expense of having a slight abatement in sound quality.

Dhiraj, the researcher even shared a Proof of Concept video to BleepingComputer that showed how the IP addresses were leaked. Where he explained about the 3 IP's that leak:

1. Telegram server IP (That's Ok)

2. Your own IP (Even that's okay too)

 3. End user IP (That's not okay)

IP address leak in Telegram console log

The issue since its revelation has been a matter of deep concern that was patched by telegram with the release of Telegram for Desktop v1.4.0 and v1.3.17 beta.

Nevertheless telegram clients who particularly utilize the application for its obscurity highlights are advised to update their desktop clients at the earliest opportunity to patch the bug that has the ability to very easily leak their IP address.