Security News
Phishers are creating Adobe Creative Cloud accounts and using them to send phishing emails capable of thwarting traditional checks and some advanced threat protection solutions, Avanan security researcher Jeremy Fuchs warns. This new wave of attacks started in December 2021 and exploits the fact that Adobe's apps are designed to foster collaboration by sharing documents.
Attackers are leveraging Adobe Creative Cloud to target Office 365 users with malicious links that appear to be coming legitimately from Cloud users but instead direct victims to a link that steals their credentials, researchers have discovered. Though attackers are primarily targeting Office 365 users - a favorite target among threat actors - researchers have seen them hit Gmail inboxes as well, Jeremy Fuchs, cybersecurity research analyst at Avanan, told Threatpost.
During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems. The security flaw, tracked as CVE-2022-21840, is a remote code execution bug that attackers can exploit with no privileges on the targeted devices as part of low complexity attacks that require user interaction.
Here are some resolutions to follow to ensure your organization safely navigates the new hybrid office model. CISOs must stretch communications skills and create new channels to deliver education about information security.
69.1% of professionals with security responsibility believe a rethink is needed to deal with the threat of cybersecurity now that devices and applications have moved outside the corporate network, a SentryBay survey reveals. The poll aimed to assess attitudes to cyber threats and methods of protecting vulnerable devices.
The Clop ransomware gang pwned a managed service provider with access to the UK's Police National Computer, dumping data on its dark web leaks site - but officials deny that police data was compromised. Reports surfaced in the Mail on Sunday newspaper over the weekend that the criminals had published information from the Police National Computer on their leaks site.
US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials. These campaigns are believed to be conducted by multiple threat actors starting in October 2021, with Proofpoint sharing details on the tactics, techniques, and procedures used in the phishing attacks.
A massive shortfall in PC availability, lack of login for secure IT systems, disjointed IT systems and a desperate attempt to fall back onto printed paper methods all contributed to chaotic scenes at the newly merged Foreign, Commonwealth, and Development Office, according to written testimony put before Parliament today. "On the evening of Saturday 21 August, the soldiers were issued one FCDO computer for every two soldiers. These did not work because FCDO IT had not issued the passwords to unlock them. These computers were finally unlocked on the afternoon of Sunday 22 August. Until this, the soldiers worked with one computer shared between roughly eight people," said former desk officer Raphael Marshall in his evidence [PDF] to the House of Commons Foreign Affairs Select Committee's Inquiry on Government Policy on Afghanistan.
Microsoft is offering discounts of up to 50% on Microsoft 365 subscriptions to those using pirated versions of Microsoft Office willing to switch to a genuine version. The message displayed is a call to action for those likely using a pirate copy of Microsoft Office: "GET UP TO 50% OFF. For a limited time, save up to 50% on a genuine Microsoft 365 subscription."
A persuasive and ongoing series of phishing attacks is using fake Office 365 notifications asking the recipients to review blocked spam messages, with the end goal of stealing their Microsoft credentials. Instead of reaching the Office 365 portal when clicking the 'Review' button, recipients are sent to a phishing landing page that will ask them to enter their Microsoft credentials to access the quarantined spam messages.