Security News
Microsoft on Monday said it's taking steps to disable Visual Basic for Applications macros by default across its products, including Word, Excel, PowerPoint, Access, and Visio, for documents downloaded from the web in an attempt to eliminate an entire class of attack vector."Bad actors send macros in Office files to end users who unknowingly enable them, malicious payloads are delivered, and the impact can be severe including malware, compromised identity, data loss, and remote access," Kellie Eickmeyer said in a post announcing the move.
Macro code from the internet will at last be turned off by default! If you've been in cybersecurity since the last millennium, you will certainly remember, and may still have occasional nightmares about, Microsoft Office macro viruses.
Amy Zegart has a new book: Spies, Lies, and Algorithms: The History and Future of American Intelligence. The intelligence playing field is leveling - and not in a good way.
Taiwanese company QNAP has warned customers to secure network-attached storage appliances and routers against a new ransomware variant called DeadBolt. "QNAP urges all QNAP NAS users to [] immediately update QTS to the latest available version."
It's been a busy week with ransomware attacks tied to political protests, new attacks on NAS devices, amazing research released about tactics, REvil's history, and more. A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.
Britain's controversial Online Safety Bill will leave Britons more exposed to internet harms than ever before, the Internet Society has said, while data from other countries suggests surveillance mostly isn't used to target child abusers online, despite this being a key cited rationale of linked measures. Government efforts to depict end-to-end encryption as a harm that needs to be designed out of the internet as it exists today will result in "Fraud and online harm" increasing, the Internet Society said this week.
The Cyberspace Administration of China has shared its spring-cleaning plans with the world - and suggested it's time to make the Middle Kingdom's web sites sparkle with wholesome content. At the top of the list is violent content, which China has never wanted online.
A massive Minecraft tournament styled after the Netflix blockbuster Squid Game apparently inspired a distributed denial of service attack that took down the sole internet service provider in Andorra. Confirmed: Internet disruption registered on #Andorra Telecom on Saturday evening; the incident is attributed by the state telco to a DDoS attack targeting the high-stakes #SquidCraftGames Minecraft Twitch competition, resulting in the elimination of Team Andorra pic.
For every 1,000 assets on an attack surface, there is often only one that's truly interesting to an attacker. Attackers likely put it top of their list because 1) there is a known exploit; 2) Solarwinds is typically a mission-critical technology for a business that could give an attacker privileged access; and 3) it's widely used.
Germany-based security biz Avira's antivirus has enabled a new feature: "Avira Crypto". As NortonLifeLock also bought Avast last year, it will be interesting to see if its owner's new-found fondness for imaginary internet money will soften Avast's strong anti-cryptocurrency-mining stance.