Tag: office
-
Hacker Stole Sensitive Data From FEMA, Border Patrol: Reports
An assessment by DHS found that hackers were able to access FEMA servers by exploiting the CitrixBleed 2 vulnerability and steal data from both that agency and the border patrol office, contradicting an earlier statement by Homeland Security Secretary Kristi Noem that no personal information was taken during the weeks-long breach. First seen on securityboulevard.com…
-
Georgia Tech settles with DOJ over allegations of lax cybersecurity on federal projects
The Georgia Institute of Technology is paying $875,000 to settle a False Claims Act lawsuit with the federal government, which accused an office at the school of not following cybersecurity rules on some defense contracts. First seen on therecord.media Jump to article: therecord.media/georgia-tech-gtrc-cybersecurity-false-claims-act-settlement
-
Georgia Tech settles with DOJ over allegations of lax cybersecurity on federal projects
The Georgia Institute of Technology is paying $875,000 to settle a False Claims Act lawsuit with the federal government, which accused an office at the school of not following cybersecurity rules on some defense contracts. First seen on therecord.media Jump to article: therecord.media/georgia-tech-gtrc-cybersecurity-false-claims-act-settlement
-
Home Office issues new ‘backdoor’ order over Apple encryption
A second Home Office technical capability notice requires Apple to provide access to encrypted data and messages of British users stored on its iCloud service First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632159/Home-Office-issues-new-back-door-order-over-Apple-encryption
-
Home Office issues new ‘back door’ order over Apple encryption
New Home Office Technical Capability Notice (TCN) requires Apple to provide access to encrypted data and messages of British users stored on Apple’s cloud service. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366632159/Home-Office-issues-new-back-door-order-over-Apple-encryption
-
In aller Öffentlichkeit: Microsoft verschleiert Informationen zum Datenaustausch
Die schottische Polizei plant den Einsatz von Office 365 in der Cloud. Polizeidaten könnten so in mehr als 100 Länder gelangen. First seen on golem.de Jump to article: www.golem.de/news/in-aller-oeffentlichkeit-microsoft-verschleiert-informationen-zum-datenaustausch-2509-200647.html
-
Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools
Microsoft used AI-based tools in Defender for Office 365 to detect and block a phishing campaign in which Security Copilot determined the malicious code was likely written by a LLM, marking the latest incident in which AI security tools were used to combat an AI-based cyberattack. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/microsoft-sniffs-out-ai-based-phishing-campaign-using-its-ai-based-tools/
-
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics
Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tacticsDodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…
-
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics
Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tacticsDodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…
-
XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics
Tags: api, control, detection, edr, encryption, injection, malware, monitoring, office, open-source, powershell, software, tacticsDodging sandboxes and scanners: The attackers relied on well-known evasion techniques throughout the chain, including API hashing to hide intent, API calls that bypass user-mode hooks installed by security software, and multiple encryption layers inside .NET DLLs.”The DLL file uses several encryption techniques for analysis to be difficult, such as RSACryptor, Virtualization, Fake.cctor, and many…
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch[1] of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong Kong, the new service offers unique industry insights for threat intelligence platforms (TIPs), security operation centers (SOCs) and…
-
ThreatBook Launches BestBreed Advanced Threat Intelligence Solution
Singapore, Singapore, September 29th, 2025, CyberNewsWire ThreatBook, a global leader in cyber threat intelligence, detection and response, today announced the worldwide launch[1] of ThreatBook Advanced Threat Intelligence (“ThreatBook ATI”). Spearheaded from its offices in Singapore and Hong Kong, the new service offers unique industry insights for threat intelligence platforms (TIPs), security operation centers (SOCs) and…
-
Hackers Use Fake Invoices to Spread XWorm RAT via Office Files
Hackers are sending fake invoice emails with malicious Office files that install the XWorm RAT on Windows systems, allowing full remote access and data theft. Learn how the shellcode and process injection are used to steal data, and how to stay safe from this persistent threat. First seen on hackread.com Jump to article: hackread.com/hackers-fake-invoices-xworm-rat-office-files/
-
Thales Named a Leader in the Data Security Posture Management Market
Tags: access, ai, attack, breach, cloud, compliance, container, control, cybersecurity, data, data-breach, defense, detection, encryption, finance, GDPR, google, Hardware, identity, intelligence, law, microsoft, monitoring, network, office, privacy, regulation, resilience, risk, soc, software, strategy, technology, threat, toolThales Named a Leader in the Data Security Posture Management Market madhav Thu, 09/25/2025 – 06:15 Most breaches begin with the same blind spot: organizations don’t know precisely what data they hold, or how exposed it is. Value and risk sit side by side. Data Security Todd Moore – Global VP of Data Security Products…
-
Check your own databases before asking to see our passport photos, Home Office tells UK cops
Guidance follows privacy complaints over sharp increase in police searches of travel doc and visa pic libraries First seen on theregister.com Jump to article: www.theregister.com/2025/09/25/uk_passport_photo_cache_block_rules/
-
US Extradition of Alleged RaidForums Admin Is Stuck in Limbo
UK High Court Overturns Home Office Request to Extradite Diogo Santos Coelho. The U.K. High Court of Justice on Sep. 11 overturned a Home Office request to extradite a Portuguese national and an alleged administrator of RaidForums who is wanted in the United States on charges of device fraud and aggravated identity theft charges. First…
-
40 Prozent aller KMU-Cyberangriffe in Europa treffen Österreich
Kleine und mittlere Unternehmen geraten zunehmend ins Fadenkreuz von Cyberkriminellen. Besonders besorgniserregend: Angriffe tarnen sich immer häufiger als bekannte Anwendungen wie ChatGPT, Microsoft Office oder Google Drive. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/kmu-cyberangriffe-europa-oesterreich
-
Inc Ransomware Group Claims 5.7 TB Theft from Pennsylvania Attorney General’s Office
The Inc ransomware gang claims to have stolen 5.7 TB of data from the Pennsylvania Attorney General’s office in an August 2025 attack. Find out how the breach unfolded, why government agencies are a top target, and what this means for citizens. First seen on hackread.com Jump to article: hackread.com/inc-ransomware-data-pennsylvania-attorney-general/
-
Anton’s Security Blog Quarterly Q3 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, edr, google, governance, guide, metric, office, RedTeam, risk, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trustAmazingly, Medium has fixed the stats so my blog / podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, Google Cloud community blog, and our Cloud Security Podcast (subscribe on Spotify). Gemini for docs based on this blog Top 10 posts with the most…
-
European Airport Disruptions Caused by Ransomware: EU Cyber Office
The EU’s cybersecurity agency says the widespread disruptions at airports in Belgium, England, and Germany were the result of a ransomware attack on third-party on-boarding software from Collins Aerospace that was used at all three airports. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/european-airport-disruptions-caused-by-ransomware-eu-cyber-office/
-
Windows 10 und Office 2016/2019 ab Oktober 2025 sicher betreiben Teil 2
In Teil 1 hatte ich erwählt, dass Windows 10 22H2 und Microsoft Office 2016 sowie Microsoft Office 2019 zum 14. Oktober 2025 aus dem Support fallen. In Teil 2 möchte ich auf die Implikationen eingehen und auch aufzeigen, welche Optionen … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/19/windows-10-und-office-2016-2019-ab-oktober-2025-sicher-betreiben-teil-2/
-
WatchGuard patches ‘critical’ VPN flaw in firewalls that could lead to compromise
Who is affected?: A list of the nearly three dozen firewall models affected by CVE-2025-9242 is available from WatchGuard’s website. The vulnerable versions of the Fireware OS are 2025.1, 12.x, 12.5.x (T15 & T35 models), 12.3.1 (FIPS-certified release), and 11.x (end of life). These are addressed (in the same order) by updating to versions 2025.1.1,…
-
Supportende für Windows 10 und Office 2016/2019 im Oktober 2025 Teil 1
Kurzer Hinweis für Benutzer von Windows 10 22H2 und Microsoft Office 2016 sowie Microsoft Office 2019. Microsoft hat kürzlich daran erinnert, dass der Support dieser Produkte zum 14. Oktober 2025 endet. An diesem Datum wird es letztmalig Sicherheitsupdates für Windows … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/09/18/supportende-fuer-windows-10-und-office-2016-2019-im-oktober-2025/
-
Office 2016 and 2019 face October 14 execution date
The Microsoft Axman Cometh First seen on theregister.com Jump to article: www.theregister.com/2025/09/16/office_2019_2016_support/
-
What’s Old Is New Again as Iranian Hackers Exploit Macros
MuddyWater Also Embraces Bulletproof Hosts and Custom Malware. The Iranian nation-state cyberespionage group MuddyWater is going back to the future with attacks featuring Microsoft Office documents with malicious macros. It is also shifting to homegrown malware in place of commercial remote monitoring and management tools, said researchers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/whats-old-new-again-as-iranian-hackers-exploit-macros-a-29465
-
Insider Threats in Remote Work
Nisos Insider Threats in Remote Work Insider threat teams know the ground has shifted. The tools and assumptions designed for an office-centric world don’t translate to a workforce spread across homes… First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/insider-threats-in-remote-work/
-
Microsoft scores win against Office 365 credential thieves
Microsoft’s Digital Crimes Unit disrupts a major phishing-as-a-service operation that targeted and stole Office 365 usernames and credentials First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366631473/Microsoft-scores-win-against-Office-365-credential-thieves
-
Office 2016 and Office 2019 reach end of support next month
Microsoft reminded customers again this week that Office 2016 and Office 2019 will reach the end of extended support in less than 30 days, on October 14, 2025. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-office-2016-and-office-2019-reach-end-of-support-next-month/
-
Rethinking AI Data Security: A Buyer’s Guide
Generative AI has gone from a curiosity to a cornerstone of enterprise productivity in just a few short years. From copilots embedded in office suites to dedicated large language model (LLM) platforms, employees now rely on these tools to code, analyze, draft, and decide. But for CISOs and security architects, the very speed of adoption…
-
Industrie 4.0: Wie OT-Segmentierung kritische Produktionsinfrastrukturen vor Cyberangriffen schützt
Die zunehmende Digitalisierung und Vernetzung von Produktionsanlagen erweitert die Angriffsfläche für Cyberkriminelle: Einmal im System, kann sich ein Hacker durch das gesamte Netzwerk arbeiten mit verheerenden Folgen für die Produktion. OT-Segmentierung schafft Abhilfe. Ein Cyberangriff, eine kompromittierte Office-IT und kurz darauf steht die Produktion still. Dieser Ketteneffekt wird für Industrieunternehmen zunehmend zur… First seen on…