Security News

For the brave - or perhaps foolhardy - senior IT jobs hunters there is an opening at the UK Home Office for a Deputy Director of IT Operations in a lovely '70s era highrise in Croydon. In September, as chief digital, data and technology officer at the Home Office, Joanna Davinson told Parliamentary spending watchdog the Public Accounts Committee that delays to the troubled Emergency Services Network would create additional annual costs "In the ballpark" of £550m "Across the whole of the legacy estate".

Designed as cloud-native software, BitDam ATP+ is the only solution that protects Office 365 users from unknown threats at first sight. Office 365 ATP, which is considered to have high detections rates, misses more than 25% of the unknown content-borne threats each day.

Jason Nurse, an associate professor in cybersecurity at the University of Kent, and a visiting academic at the University of Oxford, cautioned that personal photos and information shared via various online platforms used by remote workers can expose not only the employee, but also corporate networks, to threats from savvy attackers who are looking to exploit personal data. With more workers online than ever due to the COVID-19 pandemic, people have gotten so comfortable with sharing photos and other personal information online that they may not be aware of how it can be misused, Nurse said.

In response to a security breach that exposed personal information from around 1.6 million unemployment claims filed last year, the Washington Senate has unanimously passed a measure that creates a state Office of Cybersecurity. The measure, passed by the chamber on Wednesday, creates the new office within the Office of the Chief Information Officer.

Microsoft announced the launch of Microsoft Office Long Term Servicing Channel and Office 2021 later this year for clients who don't want to get an Office 365 cloud subscription service. These are the company's next perpetual and one-time purchase Office releases, respectively, both of them to get a five-year support lifecycle after Microsoft reduced Office LTSC and Windows 10 LTSC lifecycles from 10 to 5 years.

Microsoft is adding new security warnings to the Security and Compliance Center default alert policies to inform IT admins of detected phishing attempts abusing Microsoft Forms in their tenants. It has recently been made available for personal use to anyone with a Microsoft account after previously being available only to business users with Microsoft 365 Personal and Microsoft 365 Family subscriptions.

Microsoft has addressed important severity remote code execution vulnerabilities affecting multiple Office products in the January 2021 Office security updates. Microsoft also released non-security Office updates last week addressing bugs that may lead to PowerPoint crashes and other issues affecting Windows Installer editions of Office 2016, Office 2013, and Office 2010 products.

Microsoft will make it easier for Defender for Office 365 customers to identify users and domains targeted in impersonation-based phishing attacks as recently revealed on the Microsoft 365 roadmap. Defender for Office 365 protects the emails of Office 365 enterprise accounts from various threats including but not limited to credential phishing and business email compromise.

Microsoft will soon notify Office 365 of suspected nation-state hacking activity detected within their tenants according to a new listing on the company's Microsoft 365 roadmap. Microsoft Defender for Office 365 provides Office 365 enterprise accounts with email protection against several types of threats including credential phishing and business email compromise, as well as automated attack remediation.

Microsoft has warned of an increasing number of consent phishing attacks targeting remote workers during recent months, BleepingComputer has learned. Consent phishing is an application-based attack variant where the attackers attempt to trick targets into providing malicious Office 365 OAuth apps with access to their Office 365 accounts.