Security News

Microsoft deprecates Defender Application Guard for Office
2023-11-27 21:00

Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and...

Microsoft fixes ‘Something Went Wrong’ Office sign-in errors
2023-11-20 21:17

Microsoft is rolling out fixes for known Microsoft 365 issues causing 'Something Went Wrong ' sign-in errors and rendering desktop applications unusable for many customers. As the company acknowledged almost one month ago, these login issues impact customers using Excel, Word, Outlook, and PowerPoint for Microsoft 365, Microsoft 365 Apps for business, and Office apps for iOS and Android.

FBI warns of extortion groups targeting plastic surgery offices
2023-10-18 06:55

The FBI warns that cybercriminals are using spoofed emails and phone numbers to target plastic surgery offices across the United States for extortion in phishing attacks that spread malware. "Cybercriminals use open-source information, to include social media, and social engineering techniques to enhance the harvested ePHI data of plastic surgery patients," the FBI said.

China reportedly bans iPhones from more government offices
2023-09-07 05:28

Analysis Chinese authorities have reportedly banned Apple's iPhones from some government offices. News of Beijing's ban was reported by the Wall Street Journal, which mentioned people familiar with the matter as having said employees at some central government regulators were told not to use iPhones for work or bring them into the office.

Microsoft Office update breaks actively exploited RCE attack chain
2023-08-08 20:15

Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks. In today's Microsoft August Patch Tuesday, the update helps fix CVE-2023-36884, a security issue disclosed in July, which Microsoft did not patch at the time but provided mitigation advice.

Hackers can abuse Microsoft Office executables to download malware
2023-08-03 15:48

The main executable for the Microsoft Publisher application has already been confirmed that it can download payloads from a remote server. According to recent research, even executables that are not signed by Microsoft serve purposes that are useful in attacks, such as reconnaissance.

CISA orders govt agencies to mitigate Windows and Office zero-days
2023-07-18 08:41

CISA ordered federal agencies to mitigate remote code execution zero-days affecting Windows and Office products that were exploited by the Russian-based RomCom cybercriminal group in NATO phishing attacks.Under the binding operational directive issued in November 2021, U.S. Federal Civilian Executive Branch Agencies are now required to secure Windows devices on their networks against attacks exploiting CVE-2023-36884.

Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
2023-07-11 18:23

"Microsoft is investigating reports of a series of remote code execution vulnerabilities impacting Windows and Office products. Microsoft is aware of targeted attacks that attempt to exploit these vulnerabilities by using specially-crafted Microsoft Office documents," Redmond said today. "An attacker could create a specially crafted Microsoft Office document that enables them to perform remote code execution in the context of the victim. However, an attacker would have to convince the victim to open the malicious file."

Trellix fixes bug breaking Office apps after June Windows updates
2023-06-29 09:10

Cybersecurity firm Trellix has addressed an incompatibility issue causing Endpoint Security Agent's Exploit Guard module to block some Microsoft Office and third-party apps from opening after...

Patch Tuesday fixes 4 critical RCE bugs, and a bunch of Office holes
2023-06-14 18:32

In case you were wondering, there were 26 Remote Code Execution patches, including four dubbed "Critical", although three of those seem to related bugs that were found and fixed together in a single Windows component. RCE patches generally cause the most concern, because they deal with bugs that can, in theory at least, be exploited by attackers who don't yet have a foothold on your network, which means they represent possible ways of criminals breaking-and-entering in the first place.