Security News
A newly-uncovered phishing kit, dubbed LogoKit, eliminates headaches for cybercriminals by automatically pulling victims' company logos onto the phishing login page. These targeted services range from generic login portals to false SharePoint, Adobe Document Cloud, OneDrive, Office 365, and cryptocurrency exchange login portals.
Microsoft has announced that Application Guard for Office is now generally available for all Microsoft 365 users with supported licenses. Application Guard for Office was launched in limited preview in November 2019 and it is only available to organizations that have Microsoft 365 E5 or Microsoft 365 E5 Security licenses.
An ongoing campaign powered by a phishing kit sold on underground forums is explicitly targeting high-ranking executives in a variety of sectors and countries with fake Office 365 password expiration notifications, Trend Micro researchers warn. The compromised accounts can be used to send out even more convincing phishing emails, perpetrate BEC scams, or collect sensitive information.
The British government has denied being "Complacent" over the Solarwinds hack as a fed-up peer of the realm urged a minister to "Answer the question". Lord True, the government's Cabinet Office spokesman in the House of Lords, described the attack as "a complex and global cyber incident" and said UK.gov was "Working with international partners to fully understand its scale and any UK impact."
An ongoing phishing campaign delivering fake Office 365 password expiration reports has managed to compromise tens of C-Suite email accounts to date, according to a warning from anti-malware vendor Trend Micro. The phishers were able to compromise 40 legitimate email addresses of CEOs, directors, company founders, and owners, as well as those of other enterprise employees.
Security company Malwarebytes suspects a breach of its Office 365 and Azure tenancies is by the same attacker behind the SolarWinds hack, but reckons flaws in Azure Active Directory security are also to blame. Malwarebytes, whose products include widely used anti-malware tools for consumers and businesses, said that it does not use SolarWinds but believes that the same attacker used "Another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments".
Security company Malwarebytes suspects a breach of its Office 365 and Azure tenancies is by the same attacker behind the SolarWinds hack, but reckons flaws in Azure Active Directory security are also to blame. Malwarebytes, whose products include widely used anti-malware tools for consumers and businesses, said that it does not use SolarWinds but believes that the same attacker used "Another intrusion vector that works by abusing applications with privileged access to Microsoft Office 365 and Azure environments".
My Office Apps announced the availability of Kechie 2021 Enterprise Resource Planning software, a cloud-based solution, enabling quick access to business-critical information in real time. With over thirty years of business solutions, Kechie is a proven leader in business transformation software with the use of one or more of its software packages - inventory and warehouse management, manufacturing, finance - or a fully configured ERP system to include all the available modules.
Prosperoware announces data protection features for Office 365 including OneDrive, SharePoint Online, Teams, and support Azure for storage location as part of its CAM platform. Faced with increasing data loss concerns and regulatory oversight, organizations are looking for improved capabilities to protect data and comply with privacy and cybersecurity regulations.
The Ministry of Defence's multibillion budget overrun has been caused in part because of its spending splurge on flashy new "Cyber" capabilities, according to the National Audit Office. The MoD faces a budget black hole measured in billions thanks to its profligacy - and even the announcement of a cash top-up of £4bn per year between now and 2024, on top of its £41.2bn annual budget, won't be enough to plug it, according to the auditors.