Tag: office
-
Cybersicherheit und Compliance Warum Excel und Word zum Haftungsrisiko werden
Viele Unternehmen setzen bei der Umsetzung von NIS2 und DORA zunächst auf Excel und Word aus Gewohnheit, Kostengründen oder Pragmatismus. Für eine dauerhafte, revisionssichere Steuerung von Cyberrisiken reichen statische Office-Dokumente jedoch nicht aus. Warum das schnell zum Haftungsrisiko werden kann, zeigen fünf zentrale Schwachstellen im Umgang mit regulatorischen Anforderungen. First seen on ap-verlag.de Jump to…
-
CISA Adds Ubiquiti UniFi OS Flaws to KEV Catalog
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, kev, network, office, risk, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three critical vulnerabilities affecting Ubiquiti UniFi OS to its Known Exploited Vulnerabilities (KEV) catalog. This highlights the increasing risk to both enterprise and small-office network environments that rely on this popular network management platform. The newly identified flaws, CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, affect UniFi OS…
-
Microsoft 365 Sensitivity Labels Now Block AI-Powered Content Analysis in Office Apps
Microsoft has announced a significant update to its Microsoft 365 ecosystem to enhance data protection. This update will prevent AI-powered and connected content analysis in Office applications when sensitivity labels are applied. According to Microsoft, the company is expanding the enforcement of the existing sensitivity label setting, “Prevent some connected experiences that analyze content.” This…
-
Juni-Patch: Windows-11-Update macht Office, File Explorer und Papierkorb kaputt
Das Windows-11-Update KB5094126 hat das Startmenü verbessert, aber auch diverse neue Bugs eingeführt. Und diese sind teilweise gravierend. First seen on golem.de Jump to article: www.golem.de/news/juni-patch-windows-11-update-macht-office-file-explorer-und-papierkorb-kaputt-2606-209999.html
-
The UK Will Scan Asylum-Seekers’ Faces for Age Checks”, Despite Knowing the Tech Is Flawed
Internal Home Office tests of age-verification technology show the risks of life-altering errors. It’s moving forward anyway. First seen on wired.com Jump to article: www.wired.com/story/facial-age-estimate-uk-asylum-seekers/
-
Windows 11 June Patch Triggers Microsoft Office Startup Issues
Microsoft’s June 2026 cumulative update for Windows 11 (KB5095051, OS Build 28000.2269) introduces an unexpected application compatibility issue that may disrupt enterprise workflows, as users report that Microsoft Office applications fail to launch when opened via certain third-party applications. The update, released on June 9, 2026, targets Windows 11 version 26H1 and bundles critical security…
-
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-office-apps-launch-issues-after-june-updates/
-
Microsoft confirms Office apps launch issues after June updates
Microsoft is investigating a new issue preventing third-party applications from launching Microsoft Office applications or opening documents on up-to-date Windows systems. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-confirms-office-apps-launch-issues-after-june-updates/
-
Microsoft’s workplace check-in via Wi-Fi tracks who’s in the office, and not everyone’s happy
Microsoft is rolling out workplace check-in via Wi-Fi for Teams and Microsoft Places. Connect to your office network and your in-office presence updates automatically, no … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/15/microsoft-teams-workplace-wi-fi-check-in/
-
Maine Takes Breach Reporting Portal Offline After Fake Entries
The Office of the Maine Attorney General has suspended its breach reporting portal First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/maine-breach-reporting-portal/
-
Maine Shuts Down Breach Reporting Portal Following Fake VRChat and Discord Submissions
The Office of the Maine Attorney General has temporarily taken its public data breach reporting portal offline following the discovery of fraudulent submissions falsely claiming security incidents at VRChat and Discord. The incident, disclosed in an official statement on June 12, 2026, highlights growing concerns over the integrity and potential abuse of publicly accessible breach…
-
Silent Ransom Group: what you need to know
Most extortion gangs hide behind a keyboard. Silent Ransom Group will phone your staff pretending to be IT support – and if that fails, send someone to your office in person to plug in a USB stick. First seen on fortra.com Jump to article: www.fortra.com/blog/silent-ransom-group-what-you-need-know
-
Fake Windows and Office Activation Videos Spread Infostealers on TikTok and Instagram
Short-form video platforms such as TikTok and Instagram Reels have become an increasingly effective vector for distributing infostealers, as threat actors leverage polished tutorial-style clips to trick Windows users into running malicious code. Attackers create accounts with Windows-like naming and branding, then post short, high-production-value videos that mimic authentic support or how-to content. The posts…
-
China-Linked JDY Botnet Hijacks 1,500+ IoT Devices for Rapid Exploits
A significant resurgence of the JDY botnet, a covert reconnaissance network tied to China-nexus threat activity. Once a component of the larger KV-botnet ecosystem, JDY has expanded to more than 1,500 compromised small office/home office (SOHO) and Internet of Things (IoT) devices and now functions as a high-performance, centrally controlled scanner that accelerates vulnerability discovery…
-
Silent Ransom Group Hits US Law Firms in Escalating Extortion Attacks
The financially motivated group is combining vishing, IT impersonation, and in-person office intrusions to steal data and extort victims. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/silent-ransom-us-law-firms-extortion-attacks
-
UNC3753 Escalates: From Vishing Calls to Physical Office Intrusions at US Legal and Financial Firms
UNC3753 phones staff posing as IT, hijacks screen sessions, steals sensitive legal files, and now sends operatives physically into offices to plug in USB drives. Google Mandiant and the Google Threat Intelligence Group published a detailed report documenting an active extortion campaign carried out by the cybercrime group UNC3753 (aka Luna Moth, Chatty Spider, and…
-
UNC3753 Targets US Law Firms with Vishing, RMM Tools, and Physical Break-Ins
Threat cluster UNC3753, widely tracked as Silent Ransom Group or Luna Moth, is actively targeting professional, legal, and financial services in the United States. According to Mandiant’s Google Threat Intelligence Group (GTIG), this financially motivated campaign leverages a highly effective combination of voice phishing, remote monitoring and management abuse, and unprecedented physical office intrusions. Attackers…
-
Conduent Hack Victim Count Now Tops 62.2 Million
Back-Office Servicer’s Breach Estimate Has More Than Doubled Since February. The victim tally in back-office services firm Conduent Business Services’ 2024 hack has more than doubled to over 62.2 million individuals, from an earlier estimate of 25 million plus. The incident is now on track to be at least the third-largest health data breach ever…
-
Google and FBI warn of ransomware group that sends fake IT workers to hack victims in person
Cybercriminals, part of a gang known as Silent Ransom Group, have sent people pretending to be IT support employees to law firms’ offices, where the criminals have stolen data using USB drives or remote access tools. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/05/google-and-fbi-warn-of-ransomware-group-that-sends-fake-it-workers-to-hack-victims-in-person/
-
U.S. sanctions Nobitex crypto exchange used by Iranian ransomware actors
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran’s largest cryptocurrency exchange, for facilitating payments related to terrorist activities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-us-sanctions-nobitex-crypto-exchange-used-by-ransomware/
-
Microsoft Tests Wearable AI Badge for Office Workers
Microsoft showed Project Solara concept devices at Build 2026, including a wearable AI badge for office workers using AI agents. The post Microsoft Tests Wearable AI Badge for Office Workers appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-wearable-ai-badge-office-workers/
-
The U.S. sanctions Nobitex crypto exchange used by ransomware
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran’s largest cryptocurrency exchange, for facilitating payments related to terrorist activities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-us-sanctions-nobitex-crypto-exchange-used-by-ransomware/
-
The U.S. sanctions Nobitex crypto exchange used by ransomware
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran’s largest cryptocurrency exchange, for facilitating payments related to terrorist activities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-us-sanctions-nobitex-crypto-exchange-used-by-ransomware/
-
The U.S. sanctions Nobitex crypto exchange used by ransomware
The U.S. Treasury’s Office of Foreign Assets Control (OFAC) has announced sanctions against Nobitex, Iran’s largest cryptocurrency exchange, for facilitating payments related to terrorist activities. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/the-us-sanctions-nobitex-crypto-exchange-used-by-ransomware/
-
Codex knowledge work expands into research, reports, and spreadsheets
Office workers in the United States lose hours each week to email triage and to searching for files spread across disconnected systems. Roughly 40 percent of US labor, about … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/02/openai-codex-knowledge-work/
-
TP-Link Router Security Bug Enables Remote Command Execution Attacks
TP-Link has disclosed a high-severity security flaw in its Archer BE450 and Archer BE7200 Wi”‘Fi routers that could allow remote command execution once an attacker gains admin access. The vulnerability, tracked as CVE-2026-5509, is rated 8.5 (High) under CVSS v4.0, highlighting the serious risk it poses to both home and small-office networks that rely on…
-
Microsoft investigates Office Apps, Teams file access issues
Microsoft says an ongoing incident is preventing users of its Teams collaboration platform and Office for the web cloud-based productivity suite from opening files. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-investigates-office-apps-teams-file-access-issues/