Tag: office
-
Microsoft breaks Microsoft account sign-ins in Windows 11 with latest update
OneDrive, Office, Teams Free users greeted with phantom ‘no internet’ errors, restart may help if you’re lucky First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/microsoft_account_not_working_have/
-
CISA Warns of Zimbra, SharePoint Flaw Exploits; Cisco Zero-Day Hit in Ransomware Attacks
Tags: attack, cisa, cisco, cve, cybersecurity, exploit, flaw, government, infrastructure, microsoft, office, ransomware, vulnerability, zero-dayThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has urged government agencies to apply patches for two security flaws impacting Synacor Zimbra Collaboration Suite (ZCS) and Microsoft Office SharePoint, stating they have been actively exploited in the wild.The vulnerabilities in question are as follows -CVE-2025-66376 (CVSS score: 7.2) – A stored cross-site scripting First seen…
-
OFAC Sanctions DPRK IT Worker Network Funding WMD Programs Through Fake Remote Jobs
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has sanctioned six individuals and two entities for their involvement in the Democratic People’s Republic of Korea (DPRK) information technology (IT) worker scheme with an aim to defraud U.S. businesses and generate illicit revenue for the regime to fund its weapons of mass…
-
RSAC 2026 Innovation Sandbox – Charm Security: AI Anti-Fraud Platform for New Types of Fraud
Company Profile Charm Security (hereinafter referred to as Charm) is an innovative security company focused on preventing and solving fraud and deception using Agentic AI technology. Founded in January 2025, the company has set up offices in Tel Aviv, Israel and New York, USA. With a core focus on financial security, it has become an…The…
-
Energy Department set to release its first-ever cyber strategy
Alex Fitzsimmons, the acting director of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), said the plan is meant to supplement the recently-published national cyber strategy and will focus on how the agency will strengthen the “security resilience” of the energy sector. First seen on therecord.media Jump to article: therecord.media/energy-department-set-to-release-first-ever-cyber-strategy
-
Fake rooms, props and a script to lure victims: inside an abandoned Cambodia scam centre
Sprawling compound, including mock-up banks and police offices, uncovered by Thai military during border clashesIt is as if you have walked into a branch of one of Vietnam’s banks. A row of customer service desks, divided by plastic screens, with landline phones, promotional leaflets and staff business cards. A seated waiting area and a private…
-
UK regulators demand social media platforms make it harder for kids under 13 to access sites
The Information Commissioner’s Office (ICO) and Ofcom stressed that they expect immediate action, with Ofcom saying that firms have until the end of April to report back on their plans. First seen on therecord.media Jump to article: therecord.media/uk-regulators-demand-social-media-platforms-restrict-kids-access
-
Palantir’s lethal AI weaponry deployed to find chairs for US government staff
As Department of Agriculture employees return to the office, it needs ‘real-time analytics to optimize employee seat assignments’ First seen on theregister.com Jump to article: www.theregister.com/2026/03/10/palantir_usda_seating_software/
-
Foreign hacker reportedly breached FBI servers holding Epstein files in 2023
Cybercriminal reportedly accessed a server at the FBI’s New York field office, according to a source and DoJ documentsA foreign hacker compromised files relating to the FBI’s investigation of the late sex offender Jeffrey Epstein during a break-in at the bureau’s New York field office three years ago, according to “‹a source familiar with the…
-
Critical Vulnerability in Microsoft Office Allows Malicious Code to Run Remotely
Tags: cve, cvss, cyber, flaw, malicious, microsoft, office, remote-code-execution, threat, vulnerabilityMicrosoft has disclosed a critical security flaw in its Microsoft Office suite, officially tracked as CVE-2026-26110. Released on March 10, 2026, this Remote Code Execution (RCE) vulnerability poses a significant threat to organizations and individuals relying on the widely used productivity software. With a base CVSS score of 8.4, the flaw demands immediate attention from…
-
CSO Awards 2026 celebrates world-class security strategies
4Wall Entertainment HMSA Aaron’s LLC Horizon BCBSNJ Accenture K&N Engineering Inc Adobe LyondellBasell Industries Aflac McDonald’s Ally Financial Medtronic PLC AmeriHealth Caritas Midcontinent Independent System Operator (MISO) Avangrid Moelis & Company Baptist Memorial Health Care Corporation Monster Energy California Housing Finance Agency MultiCare Health System Carvana National Cybersecurity Alliance Casey’s New Albany Floyd County Schools…
-
Microsoft Patch Tuesday March 2026: Two Zero-Days and Critical RCE Bugs Fixed
The Microsoft Patch Tuesday March 2026 release introduces security updates addressing 79 vulnerabilities, including two publicly disclosed zero-day vulnerabilities and several high-risk issues tied to remote code execution. The monthly security rollout includes fixes across multiple Microsoft products such as SQL Server, .NET, Microsoft Office, SharePoint Server, and Azure services. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/microsoft-patch-tuesday-march-2026/
-
Microsoft Patchday März 2026 – 93 Schwachstellen in Windows, Office, Azure und Serverkomponenten
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-patchday-maerz-2026-patches-updates-a-46bdfd333e21799fd5668565101471ba/
-
Microsoft Fixes 79 Vulnerabilities in March 2026 Patch Tuesday, Mitigating Two Exploited 0-Days
Microsoft has released its March 2026 Patch Tuesday updates, successfully addressing 79 security vulnerabilities across various products and mitigating two publicly disclosed zero-day flaws. These critical security updates provide essential fixes for enterprise systems, including Microsoft Windows, Office, SQL Server, and the .NET framework. March 2026 Vulnerability Overview The March 2026 Patch Tuesday addresses a…
-
March Patch Tuesday: Three high severity holes in Microsoft Office
aadsshlogin package. Systems with the extension already installed have packages.microsoft.com configured automatically, so no additional setup is required.”The cloud ecosystem doesn’t really handle patching well,” Reguly said. “It’s a relatively immature process, and the way that Microsoft handles these products really demonstrates that. The CVE impacting Azure Linux Virtual Machines (CVE-2026-23665) or the multiple CVEs…
-
Microsoft Patch Tuesday security updates for March 2026 fixed 84 bugs
Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities in its products. None of the flaws are known to be exploited so far. Microsoft Patch Tuesday security updates for March 2026 addressed 84 vulnerabilities across its products. The IT giant addressed flaws across Windows, Office, Edge, Azure, SQL Server, Hyper-V, and ReFS. Including…
-
Microsoft’s March 2026 Patch Tuesday Addresses 83 CVEs (CVE-2026-21262, CVE-2026-26127)
8Critical 75Important 0Moderate 0Low Microsoft addresses 83 CVEs including two vulnerabilities that were publicly disclosed prior to a patch being released. Microsoft patched 83 CVEs in its March 2026 Patch Tuesday release, with eight rated critical and 75 rated as important. Our counts omitted one CVE (CVE-2026-26030) assigned by GitHub. This month’s update includes patches…
-
OMB Rolled Back the Rules. Security Did Not Get Easier
<div cla The U.S. Office of Management and Budget (OMB)’s decision to rescind M-22-18 and M-23-16 and replace them with M-26-05 has been framed as a win for flexibility and a rollback of security theater. That framing is not entirely wrong, but it misses something fundamental about how modern software actually fails. There are pieces…
-
Conflicting definitions and timelines cause cybersecurity regulation morass, industry reps say
A recent Government Accountability Office report highlights businesses’ frustrations with the way the government currently oversees cybersecurity. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-regulation-industry-feedback-gao-panel/814215/
-
The OT security time bomb: Why legacy industrial systems are the biggest cyber risk nobody wants to fix
Tags: access, attack, authentication, awareness, business, ciso, compliance, control, cyber, cybersecurity, data, detection, exploit, firewall, incident, incident response, infrastructure, insurance, ISO-27001, metric, mfa, monitoring, network, office, phishing, ransomware, regulation, resilience, risk, risk-management, service, siem, soc, stuxnet, supply-chain, tool, vpn, vulnerability, zero-dayWhy everyone knows it’s burning, but nobody pulls the fire alarm: When I talk to OT managers, production leads or plant engineers, I rarely hear, “We didn’t know we had a problem.” Far more often, it’s, “We know it’s critical, but we can’t just shut it down.” This gap between awareness and action is the…
-
WA auditor general flags weak Microsoft 365 security controls across state entities
Western Australia’s Office of the Auditor General has uncovered weaknesses in M365 configurations across seven government agencies, leading to compromised accounts and data breaches First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366639954/WA-auditor-flags-weak-Microsoft-365-security-controls-across-state-entities
-
Anthropic Files Lawsuit Against U.S. Government Over Claude Risk Designation
Anthropic has launched an unprecedented lawsuit against the U.S. government after being designated a >>supply chain risk>>. The legal action, filed in a California federal court, targets the executive office of President Donald Trump, Defense Secretary Pete Hegseth, and 16 government agencies. The dispute centers on Anthropic CEO Dario Amodei’s refusal to allow the military…
-
Conflicting definitions and timelines causing cybersecurity regulation morass, industry reps say
A recent Government Accountability Office report highlights businesses’ frustrations with the way the government currently oversees cybersecurity. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cybersecurity-regulation-industry-feedback-gao-panel/814215/
-
New Attack Against Wi-Fi
It’s called AirSnitch: Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a client across these and higher layers, other nodes, and other network names such as SSIDs (Service Set Identifiers). This cross-layer identity desynchronization is the key driver of AirSnitch attacks. The most…
-
Strengthening California’s Cyber Defenses: Apply Now for FFY 2024 SLCGP Grants
Tags: access, authentication, cloud, cyber, cybersecurity, defense, email, framework, google, governance, government, identity, infrastructure, mfa, mitigation, office, resilience, risk, service, software, threat, tool, vulnerabilityCal OES offers up to $250,000 to help California’s state, local, and tribal agencies strengthen their digital infrastructure against evolving cyber threats. Organizations must submit their applications by March 13, 2026. Key takeaways Significant competitive funding: Cal OES is distributing $9.7 million for local and tribal governments and $1.8 million for state agencies, with individual…
-
62 people indicted by Taiwanese prosecutors over ties to cyber scam company Prince Group
The Taipei District Prosecutors Office initiated its investigation in October after Chen Zhi, the founder of the Prince Group, was indicted by U.S. prosecutors on money laundering charges. First seen on therecord.media Jump to article: therecord.media/62-indicted-taiwan-prince-group-scams