SecurityWeek
Microsoft Publishes Office Symbols to Improve Bug Hunting
Microsoft starts publishing Office symbols to help bug hunters find and report security issues in Office products.
SecurityWeek
Microsoft starts publishing Office symbols to help bug hunters find and report security issues in Office products.
Bleeping Computer
After 32 years, Microsoft has begun to kill off the Microsoft Office brand, with plans to rebrand its Office.com and Office cloud-based apps to Microsoft 365 in the near future.
Latest Hacking News
Researchers discovered a security issue affecting Microsoft Office that could allow remote code execution attacks. The vulnerability caught the attention as a zero-day as researchers noticed it under attack, targeting Microsoft Office apps. Microsoft Office Zero-Day A
Bleeping Computer
A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users.
Bleeping Computer
Microsoft released the July 2021 non-security Microsoft Office updates with improvements and fixes for crashes and issues affecting Windows Installer (MSI) editions of Office 2016 products.
Bleeping Computer
Get a lifetime license to Microsoft Office Professional 2021 for Windows or Microsoft Office Home & Business for Mac 2021 for $29.97.
Bleeping Computer
Microsoft announced that Office LTSC 2024, the next Office LTSC release, will enter a commercial preview phase starting next month and will be generally available later this year.
Cyber Security News
Microsoft Corporation has announced its decision to sell its chat and video app Teams separately from its Office suite on a global scale.
Bleeping Computer
Microsoft today started rolling out Office LTSC (Long Term Servicing Channel) for Windows and macOS, the non-subscription Office version for commercial and government customers.
CyberSecurity Dive
The office will bring a multidisciplinary approach to cyber risk just as the global insurance industry sees signs of clarity amid a turbulent market for cyber.
Cyber Security News
WPS Office is a office suite developed by Kingsoft that supports spreadsheets, presentations, documents and others. It has been used
Bleeping Computer
Microsoft disclosed today an unpatched zero-day security bug in multiple Windows and Office products exploited in the wild to gain remote code execution via malicious Office documents.
Bleeping Computer
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
Bleeping Computer
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for $31.99.
Security Affairs
A bug in the message encryption mechanism used by Microsoft in Office 365 can allow to access the contents of the messages. Researchers at the cybersecurity firm WithSecure discovered a bug in the message encryption mechanism used by Microsoft in Office 365 that can allow to access message contents due. The experts pointed out that Microsoft Office […]
Cyber Security News
A sophisticated malware campaign has been identified, specifically targeting Windows and Microsoft Office users through cracked software.
CyberNews
OpenAI has announced its expansion to Asia with a new office in Tokyo, Japan, and a custom GPT-4 model for the Japanese language.
Infosecurity News
Microsoft released an advisory on Monday regarding the zero-day Office flaw dubbed ‘Follina’
The Hacker News
Researchers warn of a new malware, dubbed ZuoRAT, targeting small office/home office routers (SOHO) as part of a sophisticated campaign.
DataBreaches
Jaz Mendez reports: Hackers broke into the Orange County District Attorney’s office’s information technology system last week, the DA’s...
DataBreaches
Shelly Bradbury reports: A cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network, locking public...
Bleeping Computer
Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10.
Bleeping Computer
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for Mac for $29.977, $200 off the $230 MSRP, through 11:59pm PST on April 2nd.
The Record
The congressionally-mandated Office of the Assistant Secretary of Defense for Cyber Policy is meant to improve the Pentagon’s focus on cybersecurity matters.
SecurityWeek
Patch Tuesday August 2023: A month after confirming exploitation of Office code execution flaws, Microsoft issued patches for multiple products.
The Record
As mandated by Congress, the Office of the Assistant Secretary of Defense for Cyber Policy is coming this month.
Bleeping Computer
Microsoft Office is a crucial tool for any professional. This direct download of the 2021 version of Office for Windows upgrades your laptop for $55.99, $163 off the $219 MSRP with code ENJOY20 at checkout.
Bleeping Computer
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for Mac for $29.97, $200 off the $229 MSRP, through the end of May 12th, 2024.
Bleeping Computer
US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials.
Bleeping Computer
Microsoft is offering discounts of up to 50% on Microsoft 365 subscriptions to those using pirated versions of Microsoft Office willing to switch to a genuine version.
Bleeping Computer
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
DarkReading
The cyber campaign uses social engineering and sophisticated evasion tactics, including a novel malware-delivery method, to compromise hundreds of Microsoft Office users.
Bleeping Computer
Microsoft is updating Defender for Office 365 to protect customers from embedded email threats while previewing quarantined emails.
DataBreaches
Fikayo Olowolagba reports: The National Population Commission (NPC) Badagry office located at Town Hall near Topo Garage, in Lagos State has been attacked by...
SecurityWeek
Canon announces patches for seven critical-severity remote code execution flaws impacting small office printer models.
Cyber Security News
SentinelLabs recently discovered a series of malicious Office files spreading the notorious Crimson RAT malware.
The Hacker News
Microsoft has released workarounds for a newly discovered zero-day vulnerability in its Office productivity suite that is being exploited in the wild
Bleeping Computer
The Australian Federal Police arrested a woman in Werrington, Sydney, for allegedly email bombing the office of a Federal Member of Parliament.
SecurityWeek
Rapid7 announced a restructuring plan that will result in an 18% reduction in employee headcount and closing of office locations.
Security Affairs
Office of South Korean President Yoon Suk Yeol said North Korea-linked actors breached the personal emails of one of his staff members.
Bleeping Computer
During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems.
SecurityWeek
Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.
CyberNews
The US Government Accountability Office said the personal information of 6,000 GAO employees was compromised in a January breach of IT contractor CGI Federal.
The Hacker News
Chinese APT hackers aligned with Chinese state interests have been observed weaponizing the new zero-day vulnerability in Microsoft Office.
Ars Technica
We've got some 101-level tips on essential gear for your home office.
Cyber Security News
Recently discovered that hackers have been actively weaponizing Microsoft Office documents to deploy malware in business environments.
DataBreaches
Valerie Gonzalez reports: The Hidalgo County Adult Probation Office is recovering from a ransomware attack over the weekend. The incident happened Saturday but...
Bleeping Computer
Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems.
Bleeping Computer
Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account.
Bleeping Computer
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials.
Bleeping Computer
Microsoft has added SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to ensure Office 365 customers' email communication integrity and security.
Bleeping Computer
Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise (formerly Office 365 Professional Plus) to include protection from JScript code execution attacks and unsigned macros.
DataBreaches
On July 25, Forsyth County deputies responded to reports that the computer system of a medical office had been hacked. According to a report, a practice...
Bleeping Computer
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications.
DataBreaches
The Ottuma Courier reports that a dental office is notifying patients whose information may have been exposed in a ransomware incident. They report, in part:...
Bleeping Computer
Microsoft today will release a patch for a vulnerability affecting the Microsoft Office MSGraph component, responsible for displaying graphics and charts, that could be exploited to execute code on a target machine.
Bleeping Computer
A persuasive and ongoing series of phishing attacks are using fake Office 365 notifications asking the recipients to review blocked spam messages, with the end goal of stealing their Microsoft credentials.
Bleeping Computer
Microsoft is pushing the KB5021751 update to find out how many of its customers are using an Office version that has reached its end of support or will soon be out of support.
Bleeping Computer
Microsoft is working on updating Microsoft Defender for Office 365 to allow Microsoft Teams users to alert their organization's security team of any dodgy messages they receive.
Bleeping Computer
Get this lifetime license to Microsoft Office Pro 2021 for $55.99 (reg. $219). Using coupon code: ENJOY20 for a limited time.
Bleeping Computer
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware.
Security Affairs
The Uptycs threat research team has been observing an increase in utilization of regsvr32.exe heavily via various types of Microsoft Office documents. The full report that includes Indicators of Compromise (IOCs) is available here: https://www.uptycs.com/blog/attackers-increasingly-adopting-regsvr32-utility-execution-via-office-documents During our analysis of these malware samples, we have identified that some of the malware samples belonged to Qbot and […]
Bleeping Computer
Microsoft says that a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020.
Bleeping Computer
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks.
Infosecurity News
The Home Office failed to assess the privacy intrusion of the continuous collection of migrants’ location information in breach of UK data protection law, according to the ICO
The Hacker News
Microsoft has officially resumed blocking VBA macros by default in all Office applications, weeks after temporarily announcing plans to roll back the
Bleeping Computer
Office is one of the most useful programs you can keep on your drive, no matter where you are. This instant download and lifetime license for Microsoft Office Professional 2021 for $55.99, $164 off the $219 MSRP with code ENJOY20 at checkout for a limited time.
Bleeping Computer
Security researchers at WithSecure have discovered it's possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365, highlighting an intrinsic weakness in the encryption scheme used.
DataBreaches
Sergiu Gatlan reports: The UK’s Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal...
ThreatPost
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
The Record
The Pentagon has christened its new office to coordinate data and artificial intelligence resources and efforts across the massive department and named an acting chief to helm the organization.
Bleeping Computer
Microsoft is showing ads for Microsoft 365 Family subscriptions to its Office 2021 customers, offering them discounts of over $28 to get a 3-month Family plan subscription.
SecurityWeek
Researchers have issued a warning after spotting what appears to be a new Microsoft Office zero-day vulnerability exploited in the wild (dubbed Follina).
Bleeping Computer
Microsoft plans to allow Office 365 admins ensure that end-users can't ignore organization-wide policies set up to block active content on Trusted Documents.
DataBreaches
Jonathan Greig reports: The LockBit ransomware group has leaked data it stole from Washington County Sheriff’s Office in northeastern Florida. The Record did...
Bleeping Computer
Get Microsoft Office 2019 for Mac and Windows for $29.97, $200 off the $229 MSRP, a price only available this week.
Security Affairs
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike.
Bleeping Computer
Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients' inboxes and being sent their junk folders instead.
Bleeping Computer
Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains (including Google and LinkedIn) getting tagged as malicious and quarantined.
DataBreaches
The ICO has issued a formal reprimand to the Home Office, after sensitive documents were found at a public London venue. The documents, which were handed by...
SecurityWeek
The Colombia office of the U.S. government agency that oversees foreign aid and development funding said its Facebook page was hacked
Security Affairs
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware
Bleeping Computer
Get Microsoft Office Home & Business 2019 for Mac for $29.97 from StackCommerce through the end of January 14th, 2024.
CyberNews
The UK's AI Safety Institute is opening its first overseas office in San Francisco’s Bay Area to strengthen US ties and enhance global AI safety efforts.
The Hacker News
Microsoft will disable VBA macros obtained from the Internet by default in Office apps to prevent phishing and malware attacks.
The Hacker News
CISA & FBI warn of a growing AndroxGh0st botnet targeting AWS, Microsoft Office 365, SendGrid, and Twilio credentials.
Bleeping Computer
An unknown Chinese-speaking threat actor has been targeting betting companies in Taiwan, Hong Kong, and the Philippines, leveraging a vulnerability in WPS Office to plant a backdoor on the targeted systems.
DataBreaches
Odia Kagan of Fox Rothschild writes: The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be...
Security Affairs
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows […]
DataBreaches
The Department of Information Technology’s (DoIT) Cybersecurity office is investigating unauthorized access at the state’s Regulation and Licensing...
Bleeping Computer
Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage.
Bleeping Computer
Cybersecurity firm Trellix has addressed an incompatibility issue causing Endpoint Security Agent's Exploit Guard module to block some Microsoft Office and third-party apps from opening after installing June 2023 cumulative updates.
Naked Security
News has emerged of a “feature” in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn’t help!
The Hacker News
Cybersecurity researchers have uncovered a targeted cyber attack against Ukraine that leveraged a 7-year-old Microsoft Office flaw to deploy Cobalt St
Bleeping Computer
Microsoft has reminded customers this week that Microsoft Office 2013 is approaching its end of support next year, advising to switch to a newer version to reduce their exposure to security risks.
CSO
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
Bleeping Computer
Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely.
Bleeping Computer
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users.
Security Affairs
Microsoft warned today that an unpatched zero-day in multiple Windows and Office products was actively exploited in the wild. Microsoft disclosed an unpatched zero-day vulnerability in multiple Windows and Office products that has been actively exploited in the wild. The issue, tracked as CVE-2023-36884, was exploited by nation-state actors and cybercriminals to gain remote code execution […]
Bleeping Computer
A recent phishing campaign used a clever trick to deliver the fraudulent web page that collects Microsoft Office 365 credentials by building it from chunks of HTML code stored locally and remotely.
Loading more articles....