Security News

Security researchers with Cisco's Talos Security Intelligence and Research Group discovered a new type of malware, which is able to attack a victim's devices through malicious Microsoft Office documents. "We don't know why specifically these countries, the attackers simply hardcoded these countries in the malware. The attackers had complete control of the compromised systems. The purpose of the campaigns were cyber espionage," Rascagneres said.

CloudNine launches CloudNine Collection Manager, a breakthrough data extraction solution from the global electronic discovery technology provider. Installed in minutes, Collection Manager defensibly performs native data collections from Office 365 email custodians, as well as Microsoft OneDrive cloud storage files.

Amid Uncle Sam's dire warnings, Microsoft said there is no evidence of the flaw being targeted in the wild and its severity level is listed as "Important," a step below the critical remote code execution bugs in RDP,.NET and Internet Explorer. The American spying agency wants everyone to know - to the point of even holding a press conference about CVE-2020-0601 - that it privately found and reported this diabolical cert flaw to Microsoft, and that it is a totally friendly mass-surveillance system that has turned a new leaf, wants to be on the good side of infosec researchers, and cares about your ongoing ability to verify the origin and integrity of executable files and network connections.

The latest example of this involves Office 365 users being directed to phishing and malicious pages hosted on Office Sway, a web application for content creation that's part of Microsoft Office. "The Sway page will include trusted brand names. Most commonly, the spoofed brands are Microsoft-affiliated, just like the SharePoint logo shown in the example above," Avanan explained.

Three Louisiana parish sheriff's offices were targeted by hackers over the weekend in a suspected cyberattack, officials confirmed. read more

Russian law enforcement officers have raided the Moscow offices of Nginx—the company behind the world's second most popular web server software—over a copyright infringement complaint filed by...

Microsoft this week announced a new feature in Office 365 Advanced Threat Protection (ATP) meant to provide more visibility into cyber-attacks targeting organizations via email. read more

A Colorado company that specializes in providing IT services to dental offices suffered a ransomware attack this week that is disrupting operations for more than 100 dentistry practices,...

A U.S. Department of Defense unit has opened its first remote office outside the Pentagon with its new facility in east Georgia. Defense Digital Service works to find solutions for highly...

Using a real Office 365 account at a legitimate company to send out lures helps phishers evade email defenses.