Security News

Microsoft released the July 2021 non-security Microsoft Office updates with improvements and fixes for crashes and issues affecting Windows Installer editions of Office 2016 products. One week ago, Microsoft resolved issues and updated features for Microsoft 365 Apps for enterprise, Microsoft 365 Apps for business, and the subscription versions of the desktop apps for Project and Visio.

The Cabinet Office spaffed almost £300,000 on cybersecurity-related training for its staff in the last year - an eye-popping increase of almost 500 per cent on the year before. This is according to a Freedom of Information request by political think tank Parliament Street, which found the Cabinet Office lavished £274,142.

AUTOCRYPT announced the opening of its first European office in Munich, Germany in June 2021. The new office, AUTOCRYPT Technologies GmbH, is expected to play a key role in the company's active work with European OEMs on building V2X, in-vehicle, and Plug&Charge security solutions, as well as its ongoing discussions to participate in the development of Europe's Cooperative Intelligent Transport Systems.

While workers need to rest and recharge, cybersecurity hygiene can never take a break. Forcing people to use the corporate VPN is one way of better protecting access to sensitive information, as we all know that some people can never switch work off during a vacation.

Microsoft 365 Defender researchers have disrupted the cloud-based infrastructure used by scammers behind a recent large-scale business email compromise campaign. "The use of attacker infrastructure hosted in multiple web services allowed the attackers to operate stealthily, characteristic of BEC campaigns," Microsoft 365 Defender Research Team's Stefan Sellmer and Microsoft Threat Intelligence Center security researcher Nick Carr explained.

Avaya and RingCentral announced a wide range of new capabilities for the Avaya Cloud Office by RingCentral Unified Communications as a Service solution, including many Avaya device-specific enhancements providing easy migration, additional video and global expansion features extending the ability for customers to connect across any device and work environment. New ways to connect over video Avaya Cloud Office rooms - Combined with an Avaya Collaboration Unit, Avaya Cloud Office turns any workspace into a conference room.

Four security vulnerabilities discovered in the Microsoft Office suite, including Excel and Office online, could be potentially abused by bad actors to deliver attack code via Word and Excel documents. "Rooted from legacy code, the vulnerabilities could have granted an attacker the ability to execute code on targets via malicious Office documents, such as Word, Excel and Outlook," researchers from Check Point research said in a report published today.

Microsoft today will release a patch for a vulnerability affecting the Microsoft Office MSGraph component, responsible for displaying graphics and charts, that could be exploited to execute code on a target machine. According to the researchers, the issue is in a MSGraph file parsing function, which "Is commonly used across multiple different Microsoft Office products, such as Excel, Office Online Server and Excel for OSX.".

Synopsys Cybersecurity Research Centre has warned of easily triggered denial-of-service vulnerabilities in three popular open-source Internet of Things message brokers: RabbitMQ, EMQ X, and VerneMQ. The message brokers, responsible for handling data sent to or from IoT devices like smart home hubs and door locks, all share a common protocol: Message Queuing Telemetry Transport, first released in 1999 for monitoring oil pipelines and since repurposed for a variety of home and industrial automation tasks. Any disruption in MQTT messaging could potentially leave users locked out of their homes and offices.

Cisco and AT&T are making it easier for businesses to adapt to the future of work, whatever it may be. "Our Webex solutions transformed the cloud calling experience and combine enterprise-calling features with market-leading virtual meetings and collaboration technology - all within the Webex App. And we're proud to work with AT&T to provide its customers and employees with the tools and technologies they require to thrive in the new hybrid workplace."