There is a critical Microsoft Outlook vulnerability for Windows (CVE-2023-23397) that allows hackers to remotely steal hashed passwords by simply receiving an email, and is actively being exploited.
Please ensure system and application updates are initiated and devices patched as soon as possible. Another layer of defense is to block TCP 445/SMB outbound from your network firewall.
More Information: