Tag: office
-
French city of Lyon ditching Microsoft for open source office and collab tools
Ingredients of future software salade Lyonnaise will include Linux, PostgreSQL, and OnlyOffice First seen on theregister.com Jump to article: www.theregister.com/2025/06/26/lyon_leaving_microsoft/
-
AI Agents Used in Cybersecurity Need Safeguards Too
Tags: ai, best-practice, ciso, cloud, cybersecurity, defense, google, intelligence, office, trainingGoogle’s Anton Chuvakin Calls for Layered Defenses When Deploying AI Tools. According to Anton Chuvakin, security advisor at Google Cloud’s Office of the CISO, relying solely on artificial intelligence model training or adversarial testing is not enough. Effective AI defense demands a defense-in-depth approach and proven best practices for autonomous actions. First seen on govinfosecurity.com…
-
Amerikanische Cloud-Applikationen prägen den Business-Alltag
Eine aktuelle, von Eperi beauftragte Techconsult-Erhebung in deutschen Unternehmen belegt, dass die Verbreitung amerikanischer Cloud-Applikationen hoch und die daraus resultierende Abhängigkeit groß ist. Allein Microsoft-365 wird weltweit bei knapp 30 Prozent aller Unternehmen genutzt. Dies legt nahe, dass potenzielle Abnabelungsbestrebungen von amerikanischen Cloud-Anbietern, insbesondere im Bereich des Office-Managements, besonders schwierig sein können. Mit 68,7 Prozent…
-
WhatsApp BANNED by House Security Goons, But Why?
Tags: officeNew phone”, who dis? Office of the Chief Administrative Officer (CAO) offers hazy reasoning. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/06/whatsapp-banned-richixbw/
-
Anton’s Security Blog Quarterly Q2 2025
Tags: ai, automation, breach, ciso, cloud, cyber, defense, detection, google, governance, guide, metric, office, RedTeam, siem, soc, software, supply-chain, threat, vulnerability, vulnerability-management, zero-trustAmazingly, Medium has fixed the stats so my blog/podcast quarterly is back to life. As before, this covers both Anton on Security and my posts from Google Cloud blog, and our Cloud Security Podcast (subscribe). Top 10 posts with the most lifetime views (excluding paper announcement blogs): Anton’s Alert Fatigue: The Study [A.C.”Š”, “Šwow, this…
-
The Security Fallout of Cyberattacks on Government Agencies
Cyberattacks against government agencies are escalating at an alarming pace. From state departments to small municipal offices, public sector organizations have become prime targets for ransomware, credential theft, and increasingly sophisticated supply chain attacks. What once were isolated breaches have evolved into systemic risks threatening public safety, economic stability, and national security. Behind this surge……
-
Microsoft Office-Zertifikat am 23. Juni 2025 ausgelaufen gibt es Probleme?
Kurze Information an die Leserschaft, die Microsoft Office verwenden. Ein Blog-Leser hat mich gerade informiert, dass am gestrigen 23. Juni 2025 ein Service-Zertifikat für Office-Online-Inhalte abgelaufen ist. Momentan deutet sich an, dass Microsoft die Übersicht über seine Zertifikate bzw. deren … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/24/microsoft-office-zertifikat-am-23-juni-2025-ausgelaufen-gibt-es-probleme/
-
U.S. House Bans WhatsApp on Official Devices Over Security and Data Protection Issues
The U.S. House of Representatives has formally banned congressional staff members from using WhatsApp on government-issued devices, citing security concerns.The development was first reported by Axios.The decision, according to the House Chief Administrative Officer (CAO), was motivated by worries about the app’s security.”The Office of Cybersecurity has deemed WhatsApp a high-risk to users First seen…
-
LapDogs Hackers Compromise 1,000 SOHO Devices Using Custom Backdoor for Stealthy Attacks
Security researchers at SecurityScorecard have uncovered a sprawling cyber-espionage campaign orchestrated by the LapDogs Operational Relay Box (ORB) Network, a sophisticated infrastructure compromising over 1,000 devices worldwide. Identified as a key tool for China-Nexus threat actors, LapDogs primarily targets Small Office/Home Office (SOHO) routers and IoT devices, particularly Linux-based systems, to facilitate covert operations. This…
-
Microsoft Enhances Defender for Office 365 with Detailed Spam and Phishing Analysis
Microsoft has announced a significant upgrade to its Defender for Office 365 platform, introducing a new AI-powered capability designed to provide unprecedented clarity into why emails are classified as spam, phishing, or clean. This enhancement, powered by large language models (LLMs), aims to bolster email security for organizations worldwide by offering clear, human-readable explanations for…
-
Stealthy backdoor found hiding in SOHO devices running Linux
SecurityScorecard’s STRIKE team has uncovered a network of compromised small office and home office (SOHO) devices they’re calling LapDogs. The threat is part of a broader … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/06/23/lapdogs-shortleash-backdoor-linux-soho-devices/
-
US patent office wants an AI to scan for prior art, but doesn’t want to pay for it
‘The selected vendor must be willing to receive consideration that is primarily non-monetary,’ says the USPTO First seen on theregister.com Jump to article: www.theregister.com/2025/06/20/us_patent_office_ai/
-
Thousands of UK government laptops, phones and tablets have been lost or stolen
Exclusive: ‘Systemic risk’ to cybersecurity after devices worth more than £1m a year are taken or lostThousands of UK government laptops, phones and tablets worth more than £1m have been either lost or stolen, freedom of information disclosures have revealed, triggering warnings of a “systemic risk” to the nation’s cybersecurity.The Department for Work and Pensions…
-
What’s OpenID Connect (OIDC) and Why Should You Care?
Alright, let’s be honest, login systems are everywhere. From your favourite pizza delivery app to your office tools, every app asks you to Sign in with Google or Log in with Microsoft. Ever wondered how that works under the hood? That’s where OpenID Connect (OIDC) comes into play. In simple terms, OIDC is a… First…
-
Microsoft Defender for Office 365 to Block Email Bombing Attacks
First seen on thesecurityblogger.com Jump to article: www.thesecurityblogger.com/microsoft-defender-for-office-365-to-block-email-bombing-attacks/
-
UK fines 23andMe for ‘profoundly damaging’ breach exposing genetics data
The UK Information Commissioner’s Office (ICO) has fined genetic testing provider 23andMe £2.31 million ($3.12 million) over ‘serious security failings’ that led to a ‘profoundly damaging’ data breach in 2023. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/uk-fines-23andme-for-profoundly-damaging-breach-exposing-genetics-data/
-
DNA testing firm 23andMe fined £2.3m by UK regulator for 2023 data hack
Information stolen from US company included details of 150,000 British residents including family treesThe genetic testing company 23andMe has been fined more than £2.3m for failing to protect the personal information of more than 150,000 UK residents after a large-scale cyberattack in 2023.Family trees, health reports, names and postcodes were among the sensitive data hacked…
-
Microsoft Office 2016-Nutzer mit Copilot zwangsbeglückt
Die Woche ist mir erneut ein ein Fall untergekommen, wo Copilot, trotz gesetzter GPOs zum Deaktivieren, in Office 2016 auftaucht. Nachdem Sicherheitsforscher auf die erste Zero-Click-Schwachstelle in der KI-Anwendung Copilot gestoßen sind, greife ich das Thema nochmals hier im Blog auf. … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/14/microsoft-office-2016-nutzer-mit-copilot-zwangsbeglueckt/
-
Government offices in North Carolina, Georgia disrupted by cyberattacks
The city government of Thomasville, North Carolina, and a court district in eastern Georgia are responding to recent intrusions into their networks. First seen on therecord.media Jump to article: therecord.media/thomasville-nc-government-ogeechee-ga-district-cyberattacks
-
Cyberangriff auf eine Staatsanwaltschaft in Georgia, USA
Ogeechee Judicial Circuit District Attorney’s Office targeted in cyber attack, operations limited First seen on griceconnect.com Jump to article: www.griceconnect.com/local-news/ogeechee-judicial-circuit-district-attorneys-office-targeted-in-cyber-attack-operations-limited-10793672
-
Apple encryption row: Does law enforcement need to use Technical Capability Notices?
History shows that law enforcement can bring successful prosecutions without the need for the Home Office to introduce ‘backdoors’ into end-to-end encryption First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625826/Apple-encryption-row-Does-law-enforcement-need-to-use-Technical-Capability-Notices
-
EchoLeak: Erste AI 0-Click-Sicherheitslücke in Microsoft Copilot
Sicherheitsforscher sind auf die erste Zero-Click-Schwachstelle in einer KI-Anwendung gestoßen. Wenig überraschend für mich betrifft dies Microsoft 365 Copilot. Angreifer könnten Microsoft 365 Copilot über diese, als EchoLeak bezeichnete, Schwachstelle zu einer Datenexfiltration zwingen. Microsoft “stülpt” ja allen Office-Anwendern den … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/06/13/echoleak-erste-ai-0-click-sicherheitsluecke-in-microsoft-copilot/
-
WhatsApp Backs Apple Over Encryption Fight With UK
WhatsApp CEO Says UK Request Sets Dangerous Precedent. Instant messaging app WhatsApp is seeking to join Apple’s legal battle with the U.K. government over end-to-end encryption. Apple is challenging a Home Office order requiring the device maker to provide law enforcement with unencrypted copies of customer data. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/whatsapp-backs-apple-over-encryption-fight-uk-a-28685
-
CSO Awards 2025 showcase world-class security strategies
A+E Global Media Marine Corps Community Services Accenture Marvell Adobe Mastercard Aflac Munich Re Ally Financial National Cybersecurity Alliance AmeriHealth Caritas Naval Information Warfare Center Pacific Amtrak New Jersey Institute of Technology Arizona Department of Child Safety Northern Nevada HOPES Augusta University NRC Health Avanade OHLA USA Avery Dennison Penn Medicine Avnet, Inc. Precisely Baptist…
-
New Cybersecurity Executive Order: What You Need To Know
Tags: ai, cisa, cloud, communications, compliance, computing, control, cyber, cybersecurity, data, defense, detection, encryption, exploit, fedramp, framework, government, identity, incident response, infrastructure, Internet, iot, network, office, privacy, programming, resilience, risk, service, software, supply-chain, technology, threat, update, vulnerability, vulnerability-management, zero-trustA new cybersecurity Executive Order aims to modernize federal cybersecurity with key provisions for post-quantum encryption, AI risk and secure software development. On June 6, 2025, the White House released a new Executive Order (EO) aimed at modernizing the nation’s cybersecurity posture. As cyber threats continue to evolve in scale and sophistication, the EO reinforces…
-
Outlook Vulnerability Allows Remote Execution of Arbitrary Code by Attackers
Microsoft confirmed a critical security vulnerability (CVE-2025-47176) in Microsoft Office Outlook, enabling attackers to execute arbitrary code. Despite the “Remote Code Execution” title, the attack vector is local, requiring attackers to run code from a user’s own machine. However, the potential impact remains high for organizations, as successful exploitation can compromise the confidentiality, integrity, and…
-
Government using national security as ‘smokescreen’ in Apple encryption row
Senior conservative MP David Davis says the Home Office should disclose how many secret orders it has issued against telecoms and internet companies to Parliament First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366625724/Government-using-national-security-as-smokescreen-in-Apple-encryption-row
-
Multiple Microsoft Office Vulnerabilities Enable Remote Code Execution by Attackers
Microsoft has disclosed four critical remote code execution (RCE) vulnerabilities in its Office suite as part of the June 2025 Patch Tuesday updates, posing significant risks to organizations and individuals who depend on the widely used productivity software. The vulnerabilities, tracked as CVE-2025-47162, CVE-2025-47953, CVE-2025-47164, and CVE-2025-47167, each received a CVSS v3.1 base score of…
-
Ohne Nutzerinteraktion: Microsoft Office anfällig für Schadcode-Attacken
Wer Microsoft Office verwendet, sollte dringend die Juni-Updates einspielen. Angreifer können ohne Zutun des Nutzers Schadcode zur Ausführung bringen. First seen on golem.de Jump to article: www.golem.de/news/ohne-nutzerinteraktion-microsoft-office-anfaellig-fuer-schadcode-attacken-2506-197030.html
-
June 2025 Patch Tuesday: Microsoft Fixes 66 Bugs, Including Active 0-Day
June 2025 Patch Tuesday fixes 66 bugs, including a zero-day in WebDAV. Update Windows, Office, and more now to block active threats. First seen on hackread.com Jump to article: hackread.com/june-2025-patch-tuesday-microsoft-bugs-active-0-day/