Collecting Cyber-News from over 60 sources

Tag: office

Solving networking and security challenges in the modern branch

Dec 5, 2024 6:50 PM

Tags: access, attack, automation, botnet, business, cloud, control, cybercrime, data, endpoint, exploit, firewall, Hardware, infrastructure, Internet, iot, malware, monitoring, network, office, risk, router, service, software, threat, tool, unauthorized, update, vulnerability, zero-trust

As organizations embrace digital transformation, branch offices have become critical hubs for innovation and operations. They host diverse devices, users, and cloud-enabled applications that drive business agility and customer engagement. However, the rapid expansion of branch infrastructures has introduced significant challenges, particularly in networking and security.The rise of Internet-of-Things (IoT) devices in branch locations is…
Talent overlooked: embracing neurodiversity in cybersecurity

Dec 4, 2024 8:48 AM

Tags: awareness, business, cisa, ciso, cloud, computing, corporate, cyber, cybersecurity, email, finance, firewall, flaw, framework, google, government, hacking, incident response, jobs, microsoft, mitre, office, sap, service, skills, technology, threat, tool, training, vulnerability

In cybersecurity, diverse perspectives help in addressing complex, emerging threats. Increasingly, there’s a push to recognize that neurodiversity brings significant value to cybersecurity. However, neurodiverse people frequently face systemic barriers that hinder their success in the field.Neurodiversity refers to the way some people’s brains work differently to the neurotypical brain. This includes autism, ADHD (attention…
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defenses

Dec 4, 2024 6:48 AM

Tags: antivirus, attack, cybersecurity, defense, email, hacker, malicious, microsoft, office, phishing, software, spam

Cybersecurity researchers have called attention to a novel phishing campaign that leverages corrupted Microsoft Office documents and ZIP archives as a way to bypass email defenses.”The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook’s spam filters, allowing the malicious emails to reach your inbox,” ANY.RUN said in a series of posts…
65% of office workers bypass cybersecurity to boost productivity

Dec 4, 2024 5:49 AM

Tags: access, cybersecurity, jobs, office, risk

High-risk access exists throughout the workplace, in almost every job role, proving that the time has come for organizations to re-think the way they protect their workforce, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/04/employees-privileged-access-security-risk/
Corrupted Microsoft Office Documents Used In Phishing Campaign

Dec 3, 2024 4:48 PM

Tags: microsoft, office, phishing

First seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36662/Corrupted-Microsoft-Office-Documents-Used-In-Phishing-Campaign.html
SmokeLoader picks up ancient MS Office bugs to pack fresh credential stealer

Dec 3, 2024 2:48 PM

Tags: access, antivirus, attack, browser, credentials, cve, cvss, data, email, exploit, flaw, fortinet, framework, healthcare, login, malicious, malware, microsoft, office, phishing, remote-code-execution, risk, software, threat, vulnerability, windows

Threat actors are using a well-known modular malware loader, SmokeLoader, to exploit known Microsoft Office vulnerabilities and steal sensitive browser credentials.The loader which runs a framework to deploy multiple malware modules, was observed by Fortinet’s FortiGuard Labs in attacks targeting manufacturing, healthcare, and IT companies in Taiwan.”SmokeLoader, known for its ability to deliver other malicious…
Phishers send corrupted documents to bypass email security

Dec 3, 2024 1:48 PM

Tags: email, malware, office, phishing, service, spam

Phishers have come up with a new trick for bypassing email security systems: corrupted MS Office documents. The spam campaign Malware hunting service Any.Run has warned last … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/12/03/phishers-send-corrupted-documents-to-bypass-email-security/
SmokeLoader Malware Exploits MS Office Flaws to Steal Browser Credentials

Dec 2, 2024 7:48 PM

Tags: credentials, exploit, flaw, malware, office

SmokeLoader malware has resurfaced with enhanced capabilities and functionalities, targeting your personal data. First seen on hackread.com Jump to article: hackread.com/smokeloader-malware-ms-office-flaws-browser-data/
Data Breaches in the USA in November 2024: 5,266,320 People Impacted

Dec 2, 2024 6:48 PM

Tags: breach, data, data-breach, governance, office, usa

Analyzing the Maine Attorney General’s data For November 2024, IT Governance USA’s analysis of the Office of the Maine Attorney General’s data breach notifications found the following: We look at what’s reported to a regulator to help us identify significant real-world trends and patterns. We chose the Office of the Maine Attorney General as this…
SmokeLoader Malware Campaign Targets Companies in Taiwan

Dec 2, 2024 3:28 PM

Tags: exploit, malware, microsoft, office, phishing, vulnerability

SmokeLoader malware identified targeting Taiwanese firms via phishing, exploiting Microsoft Office vulnerabilities First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smokeloader-malware-taiwan/
Biden-â Harris administration releases roadmap to enhance internet routing

Dec 1, 2024 3:26 PM

Tags: Internet, office

The Biden-Harris Administration has taken another step toward improving the nation’s cybersecurity. In September, the White House Office of the Nation… First seen on securityintelligence.com Jump to article: securityintelligence.com/news/biden-harris-administration-releases-roadmap-enhance-internet-routing/
VPN für Dummies: Was sie können und wie man sie nutzt

Dec 1, 2024 2:27 PM

Tags: Internet, office, vpn

Egal ob im Home Office oder auf Reisen: Virtuelle Private Netzwerke (VPNs) sind das Mittel der Wahl, wenn es darum geht, sich sicher mit dem Internet … First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/tipps-ratgeber/vpn-fur-dummies-was-sie-konnen-und-wie-man-sie-nutzt/
CVE-2023-36884 Office and Windows HTML Remote Code Execution Vulnerability

Dec 1, 2024 2:19 AM

Tags: cve, detection, microsoft, office, remote-code-execution, threat, vulnerability, windows

Written by Yann Lehmann and Harish Segar of the Kudelski Security Threat Detection & Research Team Summary On July 11th, Microsoft disclosed a rem… First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2023/07/14/cve-2023-36884-office-and-windows-html-remote-code-execution-vulnerability/
Escanor Malware delivered in Weaponized Microsoft Office Documents

Dec 1, 2024 1:19 AM

Tags: malware, microsoft, office

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/escanor-malware-delivered-in-weaponized-microsoft-office-documents
Copilot: Administratorwissen zum Schutz der Daten

Dec 1, 2024 12:28 AM

Tags: ai, microsoft, office

Microsoft hat ja damit begonnen, seine AI-Lösung Copilot in Microsoft Office-Anwendungen mit “Auto-Opt-in” an Kunden mit entsprechender Lizenz auszurollen. Administratoren kommt eine besondere Verantwortung zu, was den Schutz von Daten im Unternehmen betrifft. Microsoft hat dazu kürzlich einen Beitrag mit … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/12/01/copilot-was-administratoren-zum-schutz-der-daten-wissen-sollten/
Data Breaches in the USA in September 2024: 3,451,574 People Impacted

Dec 1, 2024 12:18 AM

Tags: breach, data, governance, office, usa

Analyzing the Maine Attorney General’s data For September 2024, IT Governance USA’s analysis of the Office of the Maine Attorney General’s data breach… First seen on itgovernanceusa.com Jump to article: www.itgovernanceusa.com/blog/data-breaches-in-the-usa-in-september-2024-3451574-people-impacted
Data Breaches in the USA in October 2024: 3,088,066 People Impacted

Dec 1, 2024 12:18 AM

Tags: breach, data, data-breach, governance, office, usa

Analyzing the Maine Attorney General’s data For October 2024, IT Governance USA’s analysis of the Office of the Maine Attorney General’s data breach n… First seen on itgovernanceusa.com Jump to article: www.itgovernanceusa.com/blog/data-breaches-in-the-usa-in-october-2024-3088066-people-impacted
Achtung: CoPilot in Office-Apps standardmäßig aktiviert

Nov 28, 2024 1:22 AM

Tags: ai, microsoft, office, update

Microsoft hat wohl Updates der Office-Apps in Microsoft 365 ausgerollt, bei denen standardmäßig ein Opt-In in CoPilot aktiviert ist. Damit werten Word oder Excel Dokumente standardmäßig aus, um die AI-Modelle zu trainieren. Nutzer tun gut daran, sofern möglich, diese Option … First seen on borncity.com Jump to article: www.borncity.com/blog/2024/11/28/achtung-copilot-in-office-apps-standardmaessig-aktiviert-abschalten/
APT60 Exploits WPS Office Vulnerability to Deploy SpyGlace Backdoor

Nov 27, 2024 1:11 PM

Tags: apt, attack, backdoor, cyber, exploit, google, jobs, office, service, threat, vulnerability

The threat actor known as APT-C-60 has been linked to a cyber attack targeting an unnamed organization in Japan that used a job application-themed lure to deliver the SpyGlace backdoor.That’s according to findings from JPCERT/CC, which said the intrusion leveraged legitimate services like Google Drive, Bitbucket, and StatCounter. The attack was carried out around August…
The workplace has become a surveillance state

Nov 27, 2024 10:11 AM

Tags: office

Cracked Labs report explores the use of motion sensors and wireless networking kit to monitor offices First seen on theregister.com Jump to article: www.theregister.com/2024/11/27/workplace_surveillance/
Watchdog Report: HHS OCR Should Beef-Up HIPAA Audit Program

Nov 27, 2024 12:12 AM

Tags: cybersecurity, healthcare, HIPAA, office, service

HHS OIG: Current Audit Program Is Not Pushing Entities Enough to Improve Cyber. The U.S. Department of Health and Human Services’ Office for Civil Rights should restart and toughen the scope of its HIPAA audits. A watchdog agency says HHS needs to better assess whether regulated healthcare organizations are taking required actions to reduce their…
9 VPN alternatives for securing remote network access

Nov 26, 2024 9:11 AM

Tags: access, ai, api, attack, authentication, automation, best-practice, business, cloud, compliance, computer, computing, control, corporate, credentials, cve, cybercrime, cybersecurity, data, defense, detection, dns, encryption, endpoint, exploit, firewall, fortinet, group, guide, Hardware, iam, identity, infrastructure, Internet, iot, least-privilege, login, malicious, malware, mfa, microsoft, monitoring, network, office, password, ransomware, risk, router, saas, service, software, strategy, switch, threat, tool, update, vpn, vulnerability, vulnerability-management, waf, zero-trust

Once the staple for securing employees working remotely, VPNs were designed to provide secure access to corporate data and systems for a small percentage of a workforce while the majority worked within traditional office confines. The move to mass remote working brought about by COVID-19 in early 2020 changed things dramatically. Since then, large numbers…
ICO Urges More Data Sharing to Tackle Fraud Epidemic

Nov 25, 2024 10:55 AM

Tags: data, fraud, office, scam

The UK’s Information Commissioner’s Office argues that regulatory concerns shouldn’t prevent firms sharing data to stop scams First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ico-urges-data-sharing-tackle/
101 Videoclips zu Identity-Protection

Nov 24, 2024 2:54 PM

Tags: identity, mail, microsoft, office, windows

Die zunehmende Popularität des Windows-Server-Betriebssystems für das Bereitstellen grundlegender Datei- und Druckfreigabedienste sowie anderer Back-Office-Dienste wie E-Mail, Messaging und Zusammenarbeit hat dazu beigetragen, dass Active-Directory (AD) zum bevorzugten Netzwerkverzeichnis wurde. Microsoft hat praktisch alle seine beliebten Anwendungen so weiterentwickelt, dass sie sich auf AD stützen, sodass AD heute einer der am weitesten verbreiteten Softwaredienste in…
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps

Nov 22, 2024 5:53 PM

Tags: access, advisory, ai, application-security, attack, backup, best-practice, breach, cisa, cloud, computer, cve, cyber, cyberattack, cybercrime, cybersecurity, data, exploit, extortion, firewall, framework, governance, government, group, guide, Hardware, incident, incident response, infrastructure, injection, intelligence, Internet, LLM, malicious, microsoft, mitigation, mitre, monitoring, network, nist, office, open-source, powershell, privacy, ransomware, regulation, risk, risk-management, russia, service, skills, software, sql, strategy, supply-chain, tactics, technology, theft, threat, tool, update, vulnerability, vulnerability-management, windows

Don’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against…
Cybersecurity Concerns Loom Over Drinking Water Systems, Says EPA Inspector General Report

Nov 22, 2024 5:53 AM

Tags: cybersecurity, office

A new report from the Office of Inspector General (OIG) of the U.S. Environmental Protection Agency (EPA) has highlighted significant cybersecurity concerns at drinking water systems across the United States.... First seen on securityonline.info Jump to article: securityonline.info/cybersecurity-concerns-loom-over-drinking-water-systems-says-epa-inspector-general-report/
Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Nov 21, 2024 11:53 PM

Tags: attack, cybersecurity, government, office, ransomware

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. “Today they are going to send me a report on the supposed hacking.” President Claudia Sheinbaum said…
Mexico’s President Says Government Is Investigating Reported Ransomware Hack of Legal Affairs Office

Nov 21, 2024 2:53 PM

Tags: country, government, office, ransomware

Mexico’s president says the government is investigating a reported ransomware hack of the country’s legal affairs office. The post Mexico’s President Says Government Is Investigating Reported Ransomware Hack of Legal Affairs Office appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/mexicos-president-says-government-is-investigating-reported-ransomware-hack-of-legal-affairs-office/
8 Betrügereien im Home Office, die Sie vermeiden sollten

Nov 21, 2024 12:51 AM

Tags: office

First seen on welivesecurity.com Jump to article: www.welivesecurity.com/de/scams/8-betrugereien-im-home-office-die-sie-vermeiden-sollten/
EPA IG Office: ‘High-Risk’ Security Flaws in Hundreds of Water Systems

Nov 19, 2024 10:53 PM

Tags: breach, data, flaw, office, risk, threat, vulnerability

The watchdog for the EPA found that, of 1,062 U.S. drinking water systems it assessed, 97 had “critical” or “high-risk” security flaws and another 211 had less dangerous vulnerabilities, risking threats from stolen data to disrupted service. First seen on securityboulevard.com Jump to article: securityboulevard.com/2024/11/epa-ig-office-high-risk-security-flaws-in-hundreds-of-water-systems/