Security News
A novel threat actor with unclear motives is running a crimeware campaign delivering multiple Windows and Android RATs through the exploitation of CVE-2017-11882. The actor has registered multiple domains that feature political themes such as diplomatic and humanitarian efforts and uses them to deliver malware payloads to the victims.
Microsoft has been branded as "The world's best malware hoster for about a decade," thanks to abuse of the Office 365 and Live platform, as well as its slow response to reports by security researchers. TheAnalyst noted that a BazarLoader malware campaign was hosting its malware on Microsoft's OneDrive service.
The threat actor's goal is Microsoft Office 365 account takeovers. Microsoft, which began tracking the activity in late July 2021, detailed the attacks in an alert released Monday, adding that the culprits appear to be bent on espionage and have ties to Iran.
Russian law enforcement on Tuesday arrested Ilya Sachkov, the co-founder and CEO of cybersecurity company Group-IB, on suspicion of high treason resulting from sharing data with foreign intelligence. Authorities carried out searches at Group-IB offices in Moscow that started early in the morning on Tuesday and lasted until evening.
Despite office workers being aware of the cybersecurity challenges faced by their employer - especially when it comes to hybrid working - many admit to high risk behavior including sharing passwords, downloading non-work related files and even losing work-owned devices, a BlueFort Security survey reveals. Despite the above, 33 percent of office workers said that they will not be taking any measures or extra precautions when transporting devices with access to company data from remote to office.
While most of Azure Active Directory's security features require an enterprise Microsoft 365 account, an E3 or better, you can still get some benefit from Azure Active Directory from an Office 365 account. It's worth using these tools to see what exposure you have to drive-by attacks, where techniques like password dictionary sprays are used to break into poorly secured accounts.
Microsoft today started rolling out Office LTSC for Windows and macOS, the non-subscription Office version for commercial and government customers. Office LTSC 2021 is specifically designed for organizations running regulated devices where feature updates can't be installed for years at a time, for devices without internet connections, as well as specialty systems that require a long-term servicing channel.
According to a recent AtlasVPN report, malicious office documents are the latest trend in cybercriminal behavior; a timely strategy as companies pause office reentry plans and continue to work remotely due to COVID-19. "Even though infecting office documents with malware has been established for a long time, it is still very successful at tricking people," said William Sword, Atlas VPN cybersecurity researcher, in a blog post about the findings.
Banks and post offices in New Zealand have been hit by a cyber offensive, according to reports, consisting of sustained DDoS attacks against a number of critical online services. Local cybersecurity agency NZ-CERT added to the general air of mystery, saying in a statement on its website that it was "aware of a DDoS attack targeting a number of New Zealand organisations. We are monitoring the situation and are working with affected parties where we can."
Affecting Windows desktops and servers, the attacks exploit an MSHTML vulnerability by using specially crafted Microsoft Office documents. Microsoft has raised alarm bells over a new cyberattack that's actively targeting Windows users by exploiting a security flaw through malicious Office documents.