Security News > 2021

Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature.

The indictments were presented Friday against Jean-Francois Eap, the head of Sky Global, and Thomas Herdman, a former high-level distributor of Sky Global devices, the department said Friday. "The indictment alleges that Sky Global generated hundreds of millions of dollars providing a service that allowed criminal networks around the world to hide their international drug trafficking activity from law enforcement," said Acting US Attorney Randy Grossman.

Now, nearly 24,000 WeLeakInfo's customers are finding that the personal and payment data they shared with WeLeakInfo over its five-year-run has been leaked online. In a post on the database leaking forum Raidforums, a regular contributor using the handle "Pompompurin" said he stole the WeLeakInfo payment logs and other data after noticing the domain wli[.

Microsoft Exchange servers around the world are still getting compromised via the ProxyLogon and three other vulnerabilities patched by Microsoft in early March. A. Human operated ransomware attacks are utilizing the Microsoft Exchange vulnerabilities to exploit customers.

To keep your Linux servers and desktops as secure as possible, you should check for and remove legacy communication services. Jack Wallen shows you how.

It's looking like the exploitation of critical Exchange flaws that Microsoft revealed at the start of the month could be much worse than folks first suspected. An analysis by Slovak security shop ESET claims that six advanced criminal hacking groups, thought to have some level of state sponsorship, used the zero days to attack government and industry sites before the flaws were patched.

Google last week announced the release of proof-of-concept code designed to exploit the notorious Spectre vulnerability and leak information from web browsers. In 2019, the Google team responsible for Chrome's V8 JavaScript engine said that the attack can't be mitigated at the software level, arguing that security boundaries in browsers should be aligned with low-level primitives, such as process-based isolation.

Abstract: Overnight, Apple has turned its hundreds-of-million-device ecosystem into the world's largest crowd-sourced location tracking network called offline finding. OF leverages online finder devices to detect the presence of missing offline devices using Bluetooth and report an approximate location back to the owner via the Internet.

There are four forms of password reuse and they all are bad. The first and easiest to prevent is the use of the same password on the same account. Schenck, my password is Football123, and the system prompts me to change my password but lets me use Football123 again - then I'm reusing an old password.

What digital identities could be, if we put data privacy at their core, is selective. Each time it's needed, your digital identity only reveals what needs to be revealed at that time and keeps the rest of your data safely hidden.