Security News

Researchers are warning of an ongoing Office 365 credential-phishing attack that's targeting the hospitality industry - and using visual CAPTCHAs to avoid detection and appear legitimate. Though the use of CAPTCHAS in phishing attacks is nothing groundbreaking, this attack shows that the technique works - so much so that the attackers in this campaign used three different CAPTCHA checks on targets, before finally bringing them to the phishing landing page, which poses as a Microsoft Office 365 log-in page.

According to researchers from Proofpoint, targets receive a well-crafted lures asking them to click a link which carries them to the legitimate Microsoft third-party apps consent page. "The ability to perform reconnaissance on an O365 account supplies an actor with valuable information that can later be weaponized in business email compromise attacks or account takeoversThe minimal [read-only] permissions requested by these apps also likely help them appear inconspicuous if an organization's O365 administrator audits connected apps for their users' accounts."

The Russia-linked threat group known as APT28 has changed up its tactics to include Office 365 password-cracking and credential-harvesting. The attacks utilized a daily average of 1,294 IPs associated with 536 netblocks and 273 ASNs; and, organizations typically see more than 300 authentication attempts per hour per targeted account over the course of several hours or days.

Researchers have uncovered a phishing attack using a new technique: Attackers are making use of authentication APIs to validate victims' Office 365 credentials - in real time - as they enter them into the landing page. Office 365 requires app registrations to use APIs - but registrations require only an email address, making them seamless for attackers to leverage.

Top-tier enterprises were 2.6 times as likely to have grown revenue, 2.5 times as likely to have reached profit goals and 2.1 times as likely to have high employee satisfaction numbers during the COVID-19 pandemic, according to a Catchpoint survey of 200 enterprise CIOs and 200 enterprise work-from-home managers. Top tier are organizations that performed the best in terms of business and IT metrics and bottom tier performed the worst.

The Orbi Pro WiFi 6 Tri-band Mesh System is an industry leading tri-band WiFi 6 multi-node mesh system designed to grow with small businesses and home offices as the need to expand their area of network coverage increases. Featuring the latest WiFi data security standard, WPA3, along with 4 SSIDs and VLAN support, the Orbi Pro WiFi 6 Mesh System provides a secure network while also isolating connections for separate activities, making it the ideal solution for today's work from home paradigm.

Advanced building controls can help keep air clean to reduce the risk of the spreading coronavirus indoors while sensors can send an alert if a room goes over capacity.

Microsoft informed administrators on Monday that Application Guard for Office, a feature designed to protect users against malicious documents, is now available in public preview. Application Guard for Office has been available in private preview.

Alcatel-Lucent Enterprise and RingCentral announced that they have entered into a strategic partnership to introduce a new co-branded cloud solution - Rainbow Office powered by RingCentral - making it unique and exclusive for Alcatel-Lucent Enterprise. RingCentral and Alcatel-Lucent Enterprise will jointly develop programs enabling both companies to lead the cloud communications services for the enterprise market.

A new "Zero-click" MacOS exploit chain could allow attackers to deliver malware to MacOS users using a Microsoft Office document with macros. The exploit chain, revealed by Patrick Wardle, principal security researcher with Jamf, at Black Hat USA 2020, runs macros without an alert or prompt from the Microsoft Office application that prompts explicit user approval - meaning that when a user opens the document, the macro is automatically executed.