Security News

Five months after announcing plans to disable Visual Basic for Applications macros by default in the Office productivity suite, Microsoft appears to have rolled back its plans. "Based on feedback received, a rollback has started," Microsoft employee Angela Robertson said in a July 6 comment.

Microsoft has fixed a known issue causing Office applications like Word and Excel to crash when working with cloud documents. The complete list of affected Office apps includes Excel for Microsoft 365, Word for Microsoft 365, and PowerPoint for Microsoft 365.

Microsoft appears set to roll back its decision to adopt a default stance of preventing macros sourced from the internet from running in Office unless given explicit permission. Things got worse over the years, so in 2016 Microsoft upped the ante with a tool that allowed admins to define when and where macros were allowed to run.

While Microsoft announced earlier this year that it would block VBA macros on downloaded documents by default, Redmond said on Thursday that it will roll back this change based on "Feedback" until further notice. On systems where VBA macros aut0blocking is enabled, customers see a "SECURITY RISK: Microsoft has blocked macros from running because the source of this file is untrusted" security alert.

A never-before-seen remote access trojan dubbed ZuoRAT has been singling out small office/home office routers as part of a sophisticated campaign targeting North American and European networks. The malware "Grants the actor the ability to pivot into the local network and gain access to additional systems on the LAN by hijacking network communications to maintain an undetected foothold," researchers from Lumen Black Lotus Labs said in a report shared with The Hacker News.

Black Lotus Labs discovered a new remote access trojan called ZuoRAT, which targets remote workers via their small office/home office devices, including models from ASUS, Cisco, DrayTek and NETGEAR. Overview of campaign elements. The campaign included ZuoRAT - a multi-stage RAT developed for SOHO routers leveraging known vulnerabilities - which allowed the threat actor to enumerate the adjacent home network, collect data in transit, and hijack home users' DNS/HTTP internet traffic.

Acronis is more than just a company that sells backup tools. Acronis Cyber Protect Home Office doesn't stop at protection and backup.

Researchers are warning attackers can abuse Microsoft Office 365 functionality to target files stored on SharePoint and OneDrive in ransomware attacks."Proofpoint has discovered a potentially dangerous piece of functionality in Office 365 or Microsoft 365 that allows ransomware to encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker," according to researchers.

A "Dangerous piece of functionality" has been discovered in Microsoft 365 suite that could be potentially abused by a malicious actor to ransom files stored on SharePoint and OneDrive and launch attacks on cloud infrastructure. The cloud ransomware attack makes it possible to launch file-encrypting malware to "Encrypt files stored on SharePoint and OneDrive in a way that makes them unrecoverable without dedicated backups or a decryption key from the attacker," Proofpoint said in a report published today.

It was first the pandemic that changed the usual state of work - before, it was commuting, working in the office & coming home for most corporate employees. When we had to adapt to the self-isolation rules, the work moved to home offices, which completely changed the workflow for many businesses.