Security News

As employees reunite for the first time in a long time, it's a good opportunity for companies to rebuild a stronger office security culture between employees and security teams - one that comes from a place of positive intent. Create a positive intent security culture for your office.

Securonix announced it has opened its office in Tokyo, Japan, and will be offering a local Securonix Cloud pod in the region. As its platform gains rapid traction among global organizations, this investment in the Asia-Pacific region will enable Securonix to enhance its support for new and existing customers in Japan.

Legacy users of Microsoft Excel are being targeted in a malware campaign that uses a novel malware-obfuscation technique to disable Office defenses and deliver the Zloader trojan. The attack, according to research published Thursday by McAfee, marries functions in Microsoft Office Word and Excel to work together to download the Zloader payload, without triggering an alert warning for end users of the malicious attack.

While it's a norm for phishing campaigns that distribute weaponized Microsoft Office documents to prompt victims to enable macros in order to trigger the infection chain directly, new findings indicate attackers are using non-malicious documents to disable security warnings prior to executing macro code to infect victims' computers. In yet another instance of malware authors continue to evolve their techniques to evade detection, researchers from McAfee Labs stumbled upon a novel tactic that "Downloads and executes malicious DLLs without any malicious code present in the initial spammed attachment macro."

Microsoft released the July 2021 non-security Microsoft Office updates with improvements and fixes for crashes and issues affecting Windows Installer editions of Office 2016 products. One week ago, Microsoft resolved issues and updated features for Microsoft 365 Apps for enterprise, Microsoft 365 Apps for business, and the subscription versions of the desktop apps for Project and Visio.

The Cabinet Office spaffed almost £300,000 on cybersecurity-related training for its staff in the last year - an eye-popping increase of almost 500 per cent on the year before. This is according to a Freedom of Information request by political think tank Parliament Street, which found the Cabinet Office lavished £274,142.

AUTOCRYPT announced the opening of its first European office in Munich, Germany in June 2021. The new office, AUTOCRYPT Technologies GmbH, is expected to play a key role in the company's active work with European OEMs on building V2X, in-vehicle, and Plug&Charge security solutions, as well as its ongoing discussions to participate in the development of Europe's Cooperative Intelligent Transport Systems.

While workers need to rest and recharge, cybersecurity hygiene can never take a break. Forcing people to use the corporate VPN is one way of better protecting access to sensitive information, as we all know that some people can never switch work off during a vacation.

Microsoft 365 Defender researchers have disrupted the cloud-based infrastructure used by scammers behind a recent large-scale business email compromise campaign. "The use of attacker infrastructure hosted in multiple web services allowed the attackers to operate stealthily, characteristic of BEC campaigns," Microsoft 365 Defender Research Team's Stefan Sellmer and Microsoft Threat Intelligence Center security researcher Nick Carr explained.

Avaya and RingCentral announced a wide range of new capabilities for the Avaya Cloud Office by RingCentral Unified Communications as a Service solution, including many Avaya device-specific enhancements providing easy migration, additional video and global expansion features extending the ability for customers to connect across any device and work environment. New ways to connect over video Avaya Cloud Office rooms - Combined with an Avaya Collaboration Unit, Avaya Cloud Office turns any workspace into a conference room.