Tag: office
-
Cyberattack on large Russian bread factory disrupts supply deliveries
The Vladimir Bread Factory, one of the largest bakery producers in its region, said in a statement that its internal digital systems were hit overnight on Sunday, knocking out office computers, servers and electronic document management tools. First seen on therecord.media Jump to article: therecord.media/cyberattack-russian-bread-factory-supply-disruptions
-
Microsoft releases update to address zero-day vulnerability in Microsoft Office
Microsoft has published three out-of-band (OOB) updates so far in January 2026. One of these updates was released to address a vulnerability, CVE-2026-21509, affecting Microsoft Office that has been reportedly exploited in the wild. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/microsoft-oob-update-january-2026/
-
CISA chief uploaded sensitive government files to public ChatGPT
Tags: access, chatgpt, cisa, compliance, control, cybersecurity, government, infrastructure, office, toolLeadership credibility questioned: The uploads triggered an internal DHS assessment involving the department’s then-acting general counsel Joseph Mazzara and chief information officer Antoine McCord, along with CISA’s chief information officer Robert Costello and chief counsel Spencer Fisher, the report said. The outcome has not been disclosed.According to the report, CISA spokesperson Marci McCarthy confirmed that…
-
CVE-2026-21509 – Microsoft schließt Zero Days in Office im Eiltempo
First seen on security-insider.de Jump to article: www.security-insider.de/microsoft-sicherheitsluecke-cve-2026-21509-office-update-a-bcf2b30c791d0772c56512f96c0c97f1/
-
Fixes released for a serious Microsoft Office zero-day flaw
This article originally appeared on Computerworld. First seen on csoonline.com Jump to article: www.csoonline.com/article/4123146/fixes-released-for-a-serious-microsoft-office-zero-day-flaw-2.html
-
Microsoft Issues Emergency Patch for Active Office Zero-Day
Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security via malicious files. The post Microsoft Issues Emergency Patch for Active Office Zero-Day appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-office-zero-day-emergency-patch-january-2026/
-
Microsoft Rushes Emergency Patch for Office Zero-Day
To exploit the vulnerability, an attacker would need either system access or be able to convince a user to open a malicious Office file. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/microsoft-rushes-emergency-patch-office-zero-day
-
U.S. CISA adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog
Tags: cisa, cybersecurity, exploit, flaw, infrastructure, kev, linux, microsoft, office, vulnerabilityU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Microsoft Office, GNU InetUtils, SmarterTools SmarterMail, and Linux Kernel flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the flaws added to the catalog:…
-
Microsoft Issues Emergency Patch for Active Office Zero-Day
Microsoft issued an emergency patch for an actively exploited Microsoft Office zero-day enabling code execution. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/microsoft-issues-emergency-patch-for-active-office-zero-day/
-
UK plans sweeping overhaul of policing amid surge in online crimes
The British Home Office published proposals that would include the creation of a new National Police Service, described by officials as Britain’s equivalent of the FBI. First seen on therecord.media Jump to article: therecord.media/uk-national-policing-overhaul-cybercrime
-
Office zero-day exploited in the wild forces Microsoft OOB patch
Another actively abused Office bug, another emergency patch Office 2016 and 2019 users are left with registry tweaks instead of fixes. First seen on theregister.com Jump to article: www.theregister.com/2026/01/27/office_zeroday_exploited_in_the/
-
Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation
Microsoft urged customers running Microsoft Office 2016 and 2019 to apply the patch to be protected First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/microsoft-patch-office-zero-day/
-
Microsoft reveals actively exploited Office zero-day, provides emergency fix (CVE-2026-21509)
Microsoft released emergency Office security updates to fix a security feature bypass vulnerability (CVE-2026-21509) that its threat intelligence and security teams spotted … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/27/microsoft-reveals-actively-exploited-office-zero-day-provides-emergency-fix-cve-2026-21509/
-
Microsoft bringt Notfallpatch: Office-Nutzer werden über Zero-Day-Lücke attackiert
Eine gefährliche Sicherheitslücke betrifft alle gängigen Office-Versionen. Angesichts der aktiven Ausnutzung sollten Anwender zügig patchen. First seen on golem.de Jump to article: www.golem.de/news/microsoft-bringt-notfallpatch-office-nutzer-werden-ueber-zero-day-luecke-attackiert-2601-204646.html
-
Emergency Microsoft update fixes inwild Office zero-day
Microsoft issued emergency updates to fix an actively exploited Office zero-day, CVE-2026-21509, affecting Office 20162024 and Microsoft 365 Apps. Microsoft released out-of-band security updates to address an actively exploited Office zero-day vulnerability tracked as CVE-2026-21509. The issue is a security feature bypass vulnerability that affects multiple Office versions, including Microsoft Office 2016, Microsoft Office 2019,…
-
Microsoft patches actively exploited Office zero-day vulnerability
Microsoft has released emergency security updates to patch a high-severity Office zero-day vulnerability exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/microsoft/microsoft-patches-actively-exploited-office-zero-day-vulnerability/
-
UK border tech budget swells by £100M as Home Office targets small boat crossings
Drone, satellite, and other data combined to monitor unwanted vessels First seen on theregister.com Jump to article: www.theregister.com/2026/01/24/home_office_small_boats/
-
Filling the Most Common Gaps in Google Workspace Security
Security teams at agile, fast-growing companies often have the same mandate: secure the business without slowing it down. Most teams inherit a tech stack optimized for breakneck growth, not resilience. In these environments, the security team is the helpdesk, the compliance expert, and the incident response team all rolled into one.Securing the cloud office in…
-
Warum Microsoft-365-Konfigurationen geschützt werden müssen
Tags: access, authentication, backup, ciso, cloud, compliance, framework, least-privilege, mail, mfa, microsoft, office, powershell, risk, zero-trustLesen Sie, warum CISOs den M365-Tenant stärker in den Blick nehmen müssen.Im Jahr 2010 war Office 365 eine einfache Suite mit Office-Anwendungen und zusätzlicher E-Mail-Funktion. Das hat sich 15 Jahre später mit Microsoft 365 geändert: Die Suite ist ein wesentliches Element in den Bereichen Kommunikation, Zusammenarbeit und Sicherheit. Dienste wie Entra, Intune, Exchange, Defender, Teams…
-
ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware. First seen on hackread.com Jump to article: hackread.com/clickfix-crashfix-kongtuke-fake-chrome-ad-blocker-modelorat/
-
Hackers target Afghan government workers with fake correspondence from senior officials
Hackers are targeting Afghan government employees with phishing emails disguised as official correspondence from the office of the country’s prime minister, researchers found. First seen on therecord.media Jump to article: therecord.media/hackers-target-afghan-workers
-
From arts degree to cybersecurity: Rona Michele Spiegel brings fresh perspective to cyber leadership
Tags: ai, awareness, business, cisco, ciso, cloud, compliance, computer, cyber, cybersecurity, data, governance, group, hacking, Hardware, intelligence, jobs, network, office, penetration-testing, privacy, psychology, risk, risk-management, skills, software, startup, strategy, supply-chain, technology, tool, vulnerabilityRona Michele Spiegel’s journey to cybersecurity might seem unconventional to some: She studied the arts. But as someone who grew up when computers first appeared and everyone wanted to experiment with them, she did a lot of multimedia work. She was always interested in technology and discussed with art colleagues about where the world was…
-
UkraineGermany operation targets Black Basta, Russian leader wanted
Police in Ukraine and Germany identified Black Basta suspects and issued an international wanted notice for the group’s alleged Russian leader. Ukrainian and German police raided homes linked to alleged Black Basta ransomware members, identifying two Ukrainian suspects. Law enforcement also issued an international wanted notice for the group’s alleged Russian ringleader. >>The Office of…
-
Microsoft’s January Security Update of High-Risk Vulnerability Notice for Multiple Products
Overview On January 14, NSFOCUS CERT detected that Microsoft released the January Security Update patch, which fixed 112 security issues involving widely used products such as Windows, Microsoft Office, Microsoft SQL Server, Azure, etc., including high-risk vulnerability types such as privilege escalation and remote code execution. Among the vulnerabilities fixed by Microsoft’s monthly update this…The…
-
Contagious Claude Code bug Anthropic ignored promptly spreads to Cowork
Office workers without AI experience warned to watch for prompt injection attacks – good luck with that First seen on theregister.com Jump to article: www.theregister.com/2026/01/15/anthropics_claude_bug_cowork/
-
California AG to probe Musk’s Grok for nonconsensual deepfakes
California’s attorney general said Wednesday that his office has opened a probe into the spread of nonconsensual sexually explicit material by the artificial intelligence tool Grok. First seen on therecord.media Jump to article: therecord.media/california-grok-deepfakes-investigation
-
Microsoft January 2026 Patch Tuesday: 115 Vulnerabilities Fixed
Microsoft kicks off 2026 with 115 security updates, including a fix for an actively exploited zero-day. Protect your Windows and Office systems today. First seen on hackread.com Jump to article: hackread.com/microsoft-january-2026-patch-tuesday-vulnerabilities/
-
Microsoft Patch Tuesday security updates for January 2026 fixed actively exploited zero-day
Microsoft Patch Tuesday addressed 112 security flaws across Windows, Office, Azure, Edge, and more, including eight critical vulnerabilities, kicking off the new year with a major patch update. Microsoft Patch Tuesday security updates for January 2026 release 112 CVEs affecting Windows, Office, Azure, Edge, SharePoint, SQL Server, SMB, and Windows management services. Including third-party Chromium…