Security News
A former IT contractor has been sentenced to two years in prison after hacking into a company's server and deleting the majority of its employees' Microsoft Office 365 accounts. On Aug. 8, 2018, Kher then hacked into the company's server and deleted over 1,200 of its 1,500 O365 user accounts.
A California federal court has sentenced a "Vengeful" techie to two years in the clink after he deleted 1,200 Microsoft user accounts belonging to a client. Deepanshu Kher, a Delhi-based employee of an unnamed IT outsourcing firm, was tasked with helping a company in the coastal city of Carlsbad, California, migrate its Office 365 environment.
Phishers have been exploiting people's fear and curiosity regarding breakthroughs and general news related to the COVID-19 pandemic from the very start, and will continue to do it for as long it affects out private and working lives. Cybercriminals continually exploit public interest in COVID-19 relief, vaccines, and variant news, spoofing the Centers for Disease Control, U.S. Internal Revenue Service, U.S. Department of Health and Human Services, World Health Organization, and other agencies and businesses.
A new phishing scam is on the rise, targeting executives in the insurance and financial services industries to harvest their Microsoft 365 credentials and launch business email compromise attacks, according to a new report from Area 1 Security. These new, sophisticated attacks are aimed at C-suite executives, their assistants and financial departments, and can work around email security and Office 365 defenses.
A sophisticated and highly targeted Microsoft Office 365 phishing campaign is being aimed at C-suite executives, executive assistants and financial departments across numerous industries. The threat actors are leveraging phishing kits and a number of sophisticated methods at every step of the attack.
88% of malware was delivered by email into users' inboxes, in many cases having bypassed gateway filters. Delivery-themed lures tempting users into letting the RATs in: A new Office malware builder called APOMacroSploit was used to target victims in delivery-themed spam campaigns, tricking them into opening weaponized XLS attachments, ultimately leading to the BitRAT remote access Trojan being deployed on their computers.
A quick shift toward Microsoft Office 365 and Azure AD in the cloud has expanded the attack surface for many organizations, says Vectra AI. The coronavirus pandemic has forced many organizations to transition their applications and other assets to the cloud. This increased reliance on Office 365 has naturally caught the eye of cybercriminals who have been ramping up their attacks against Microsoft's cloud-based Office environment for many customers.
The USA's Office of National Intelligence today released its previously classified assessment of "Foreign Threats to the 2020 US Federal Elections" and found "Some successful compromises of state and local government networks prior to Election Day-as well as a higher volume of unsuccessful attempts". It's described as the intelligence community's collective assessment of attempts to disrupt the 2020 election and to contain "Analytic judgments identical to those in the classified version" but without "Full supporting information" or information on "Specific intelligence reports, sources , or methods."
Microsoft has addressed a known issue causing memory or disk space errors when opening some documents using Microsoft Word, Microsoft Excel, or other Microsoft Office apps. This known issue only affects customers who have installed Microsoft Office apps from the Microsoft Store and are trying to open an Office document that triggers the Protected View feature.
At the 1 year mark of quarantine, 85% of office workers are looking forward to returning to the office in some capacity, according to Eden Workplace. The survey was conducted by Wakefield Research and involved 1,000 nationally representative U.S. full- and part-time office workers ages 18+ between February 9th and February 17th 2021.