Security News
Amid Uncle Sam's dire warnings, Microsoft said there is no evidence of the flaw being targeted in the wild and its severity level is listed as "Important," a step below the critical remote code execution bugs in RDP,.NET and Internet Explorer. The American spying agency wants everyone to know - to the point of even holding a press conference about CVE-2020-0601 - that it privately found and reported this diabolical cert flaw to Microsoft, and that it is a totally friendly mass-surveillance system that has turned a new leaf, wants to be on the good side of infosec researchers, and cares about your ongoing ability to verify the origin and integrity of executable files and network connections.
The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office. "The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.
Three Louisiana parish sheriff's offices were targeted by hackers over the weekend in a suspected cyberattack, officials confirmed. read more
Russian law enforcement officers have raided the Moscow offices of Nginx—the company behind the world's second most popular web server software—over a copyright infringement complaint filed by...
Microsoft this week announced a new feature in Office 365 Advanced Threat Protection (ATP) meant to provide more visibility into cyber-attacks targeting organizations via email. read more
A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices,...
A U.S. Department of Defense unit has opened its first remote office outside the Pentagon with its new facility in east Georgia. Defense Digital Service works to find solutions for highly...
Using a real Office 365 account at a legitimate company to send out lures helps phishers evade email defenses.
White-hat hackers using never-before-seen zero days against popular applications and devices against competed at two-day gathering in Chengdu.
'Unnecessary scaremongering' but still some work to be done Reports that the Home Office's Brexit app contains "serious vulnerabilities" that could expose the phone numbers, addresses and passport...