SecurityWeek
Microsoft Publishes Office Symbols to Improve Bug Hunting
Microsoft starts publishing Office symbols to help bug hunters find and report security issues in Office products.
Bleeping Computer
Microsoft is rebranding 'Office' to Microsoft 365
After 32 years, Microsoft has begun to kill off the Microsoft Office brand, with plans to rebrand its Office.com and Office cloud-based apps to Microsoft 365 in the near future.
Latest Hacking News
A Severe Zero-Day Vulnerability Riddles Microsoft Office
Researchers discovered a security issue affecting Microsoft Office that could allow remote code execution attacks. The vulnerability caught the attention as a zero-day as researchers noticed it under attack, targeting Microsoft Office apps. Microsoft Office Zero-Day A
Bleeping Computer
Microsoft Office LTSC 2024 preview available for Windows, Mac
A preview of Microsoft Office LTSC 2024, a volume-licensed and perpetual version of Office for commercial customers, is now available for Windows and macOS users.
Bleeping Computer
Microsoft Office July updates fix Outlook crashes, performance issues
Microsoft released the July 2021 non-security Microsoft Office updates with improvements and fixes for crashes and issues affecting Windows Installer (MSI) editions of Office 2016 products.
Bleeping Computer
Get Microsoft Office for $200 off with this StackCommerce deal
Get a lifetime license to Microsoft Office Professional 2021 for Windows or Microsoft Office Home & Business for Mac 2021 for $29.97.
Bleeping Computer
Microsoft announces Office LTSC 2024 preview starting next month
Microsoft announced that Office LTSC 2024, the next Office LTSC release, will enter a commercial preview phase starting next month and will be generally available later this year.
.webp)
Cyber Security News
Microsoft to Separate Office & Teams Globally
Microsoft Corporation has announced its decision to sell its chat and video app Teams separately from its Office suite on a global scale.
Bleeping Computer
Microsoft rolls out Office LTSC 2021 for Windows and Mac
Microsoft today started rolling out Office LTSC (Long Term Servicing Channel) for Windows and macOS, the non-subscription Office version for commercial and government customers.
CyberSecurity Dive
Liberty Mutual launches global cyber office
The office will bring a multidisciplinary approach to cyber risk just as the global insurance industry sees signs of clarity amid a turbulent market for cyber.
.webp)
Cyber Security News
WPS Office For Android Vulnerability Puts Over 500 Million+ Users At Risk
WPS Office is a office suite developed by Kingsoft that supports spreadsheets, presentations, documents and others. It has been used
Bleeping Computer
Microsoft: Unpatched Office zero-day exploited in NATO summit attacks
Microsoft disclosed today an unpatched zero-day security bug in multiple Windows and Office products exploited in the wild to gain remote code execution via malicious Office documents.
Bleeping Computer
Pirated Microsoft Office delivers malware cocktail on systems
Cybercriminals are distributing a malware cocktail through cracked versions of Microsoft Office promoted on torrent sites.
Bleeping Computer
Add Office to your Mac or Windows laptop for an extra 20% off
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for $31.99.
Security Affairs
Microsoft Office 365 Message Encryption (OME) doesn’t ensure confidentiality
A bug in the message encryption mechanism used by Microsoft in Office 365 can allow to access the contents of the messages. Researchers at the cybersecurity firm WithSecure discovered a bug in the message encryption mechanism used by Microsoft in Office 365 that can allow to access message contents due. The experts pointed out that Microsoft Office […]
.webp)
Cyber Security News
New Malware Attacking Windows & MS Office Users
A sophisticated malware campaign has been identified, specifically targeting Windows and Microsoft Office users through cracked software.
CyberNews
OpenAI confirms first Asia office in Tokyo
OpenAI has announced its expansion to Asia with a new office in Tokyo, Japan, and a custom GPT-4 model for the Japanese language.
Infosecurity News
Microsoft Acknowledges Zero-Day, Follina Office Vulnerability, Suggests Fix
Microsoft released an advisory on Monday regarding the zero-day Office flaw dubbed ‘Follina’
The Hacker News
ZuoRAT Malware Hijacking Home-Office Routers to Spy on Targeted Networks
Researchers warn of a new malware, dubbed ZuoRAT, targeting small office/home office routers (SOHO) as part of a sophisticated campaign.
DataBreaches
Orange County’s DA’s Office experiences data breach
Jaz Mendez reports: Hackers broke into the Orange County District Attorney’s office’s information technology system last week, the DA’s...
DataBreaches
Cyberattack shuts down Colorado public defender’s office
Shelly Bradbury reports: A cyberattack on the Office of the Colorado State Public Defender forced the agency to shut down its computer network, locking public...
Bleeping Computer
Microsoft shares temp fix for ongoing Office 365 zero-day attacks
Microsoft today shared mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10.
Bleeping Computer
Work better with $200 off Microsoft Office for Windows and Mac
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for Mac for $29.977, $200 off the $230 MSRP, through 11:59pm PST on April 2nd.
The Record
New Defense Department cyber policy office has opened
The congressionally-mandated Office of the Assistant Secretary of Defense for Cyber Policy is meant to improve the Pentagon’s focus on cybersecurity matters.
SecurityWeek
Patch Tuesday: Microsoft (Finally) Patches Exploited Office Zero-Days
Patch Tuesday August 2023: A month after confirming exploitation of Office code execution flaws, Microsoft issued patches for multiple products.
The Record
New DOD cyber policy office opening soon, sources say
As mandated by Congress, the Office of the Assistant Secretary of Defense for Cyber Policy is coming this month.
Bleeping Computer
Get Microsoft Office Pro 2021 with 20% off this instant download
Microsoft Office is a crucial tool for any professional. This direct download of the 2021 version of Office for Windows upgrades your laptop for $55.99, $163 off the $219 MSRP with code ENJOY20 at checkout.
Bleeping Computer
Add Microsoft Office to your Windows or Mac laptop for $200 off
Get Microsoft Office Professional Plus 2019 for Windows and Microsoft Office Home & Business 2019 for Mac for $29.97, $200 off the $229 MSRP, through the end of May 12th, 2024.
Bleeping Computer
US universities targeted by Office 365 phishing attacks
US universities are being targeted in multiple phishing attacks designed to impersonate college login portals to steal valuable Office 365 credentials.
Bleeping Computer
Microsoft offers 50% subscription discounts to Office pirates
Microsoft is offering discounts of up to 50% on Microsoft 365 subscriptions to those using pirated versions of Microsoft Office willing to switch to a genuine version.
Bleeping Computer
Microsoft deprecates Defender Application Guard for Office
Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
DarkReading
'PhantomBlu' Cyberattackers Backdoor Microsoft Office Users via OLE
The cyber campaign uses social engineering and sophisticated evasion tactics, including a novel malware-delivery method, to compromise hundreds of Microsoft Office users.
Bleeping Computer
Microsoft will add secure preview for Office 365 quarantined emails
Microsoft is updating Defender for Office 365 to protect customers from embedded email threats while previewing quarantined emails.
DataBreaches
Ng: Robbers attack NPC office, steal birth certificates
Fikayo Olowolagba reports: The National Population Commission (NPC) Badagry office located at Town Hall near Topo Garage, in Lagos State has been attacked by...
SecurityWeek
Canon Patches 7 Critical Vulnerabilities in Small Office Printers
Canon announces patches for seven critical-severity remote code execution flaws impacting small office printer models.
Cyber Security News
Pakistan Hackers Attack Indian Edu Sectors Using Weaponised Office Documents
SentinelLabs recently discovered a series of malicious Office files spreading the notorious Crimson RAT malware.
The Hacker News
Microsoft Releases Workarounds for Office Vulnerability Under Active Exploitation
Microsoft has released workarounds for a newly discovered zero-day vulnerability in its Office productivity suite that is being exploited in the wild
Bleeping Computer
Australian woman arrested for email bombing a government office
The Australian Federal Police arrested a woman in Werrington, Sydney, for allegedly email bombing the office of a Federal Member of Parliament.
SecurityWeek
Rapid7 Announces Layoffs, Office Closings Under Restructuring Plan
Rapid7 announced a restructuring plan that will result in an 18% reduction in employee headcount and closing of office locations.
Security Affairs
North Korea breached emails of a Presidential Office member
Office of South Korean President Yoon Suk Yeol said North Korea-linked actors breached the personal emails of one of his staff members.
Bleeping Computer
Microsoft fixes critical Office bug, delays macOS security updates
During this year's first Patch Tuesday, Microsoft has addressed a critical severity Office vulnerability that can let attackers execute malicious code remotely on vulnerable systems.
SecurityWeek
Microsoft Warns of Office Zero-Day Attacks, No Patch Available
Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.
CyberNews
US Government Accountability Office breached by CGI Federal
The US Government Accountability Office said the personal information of 6,000 GAO employees was compromised in a January breach of IT contractor CGI Federal.
The Hacker News
Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability
Chinese APT hackers aligned with Chinese state interests have been observed weaponizing the new zero-day vulnerability in Microsoft Office.
Ars Technica
Basic home office hacks: 8 things you need to elevate your workspace
We've got some 101-level tips on essential gear for your home office.
Cyber Security News
Hackers Weaponizing Microsoft Office Documents to Deploy Malware in Business Environments
Recently discovered that hackers have been actively weaponizing Microsoft Office documents to deploy malware in business environments.
DataBreaches
Hidalgo County Adult Probation Office hit by ransomware attack
Valerie Gonzalez reports: The Hidalgo County Adult Probation Office is recovering from a ransomware attack over the weekend. The incident happened Saturday but...
Bleeping Computer
Microsoft Defender tags Office updates as ransomware activity
Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems.
Bleeping Computer
Microsoft adds Office subscriptions to Windows 11 account settings
Microsoft has improved the account settings in the latest Windows 11 preview build, a settings page that now lists Office subscriptions linked to the user's Microsoft 365 account.
Bleeping Computer
Office 365 phishing attack impersonates the US Department of Labor
A new phishing campaign impersonating the United States Department of Labor asks recipients to submit bids to steal Office 365 credentials.
Bleeping Computer
Office 365 boosts email security against MITM, downgrade attacks
Microsoft has added SMTP MTA Strict Transport Security (MTA-STS) support to Exchange Online to ensure Office 365 customers' email communication integrity and security.
Bleeping Computer
Office 365 security baseline adds macro signing, JScript protection
Microsoft has updated the security baseline for Microsoft 365 Apps for enterprise (formerly Office 365 Professional Plus) to include protection from JScript code execution attacks and unsigned macros.
DataBreaches
GA: Hacker disrupts systems at Forsyth County medical office
On July 25, Forsyth County deputies responded to reports that the computer system of a medical office had been hacked. According to a report, a practice...
Bleeping Computer
Capita cyberattack disrupted access to its Microsoft Office 365 apps
British outsourcing services provider Capita announced today that a cyberattack on Friday prevented access to its internal Microsoft Office 365 applications.
DataBreaches
IA: Ottumwa dental office notifies patients of 2020 ransomware attack
The Ottuma Courier reports that a dental office is notifying patients whose information may have been exposed in a ransomware incident. They report, in part:...
Bleeping Computer
Microsoft Office MSGraph vulnerability could lead to code execution
Microsoft today will release a patch for a vulnerability affecting the Microsoft Office MSGraph component, responsible for displaying graphics and charts, that could be exploited to execute code on a target machine.
Bleeping Computer
Convincing Microsoft phishing uses fake Office 365 spam alerts
A persuasive and ongoing series of phishing attacks are using fake Office 365 notifications asking the recipients to review blocked spam messages, with the end goal of stealing their Microsoft credentials.
Bleeping Computer
Microsoft pushes KB5021751 to check for outdated Office installs
Microsoft is pushing the KB5021751 update to find out how many of its customers are using an Office version that has reached its end of support or will soon be out of support.
Bleeping Computer
Microsoft to let Office 365 users report Teams phishing messages
Microsoft is working on updating Microsoft Defender for Office 365 to allow Microsoft Teams users to alert their organization's security team of any dodgy messages they receive.
Bleeping Computer
Upgrade your workstation with MS Office Pro for less than $70
Get this lifetime license to Microsoft Office Pro 2021 for $55.99 (reg. $219). Using coupon code: ENJOY20 for a limited time.
Bleeping Computer
Microsoft plans to kill malware delivery via Office macros
Microsoft announced today that it will make it difficult to enable VBA macros downloaded from the Internet in several Microsoft Office apps starting in early April, effectively killing a popular distribution method for malware.
Security Affairs
Attackers Increasingly Adopting Regsvr32 Utility Execution Via Office Documents
The Uptycs threat research team has been observing an increase in utilization of regsvr32.exe heavily via various types of Microsoft Office documents. The full report that includes Indicators of Compromise (IOCs) is available here: https://www.uptycs.com/blog/attackers-increasingly-adopting-regsvr32-utility-execution-via-office-documents During our analysis of these malware samples, we have identified that some of the malware samples belonged to Qbot and […]
Bleeping Computer
Microsoft: Evasive Office 365 phishing campaign active since July 2020
Microsoft says that a year-long and highly evasive spear-phishing campaign has targeted Office 365 customers in multiple waves of attacks starting with July 2020.
Bleeping Computer
Microsoft Office update breaks actively exploited RCE attack chain
Microsoft today released a defense-in-depth update for Microsoft Office that prevents exploitation of a remote code execution (RCE) vulnerability tracked as CVE-2023-36884 that threat actors have already leveraged in attacks.
Infosecurity News
UK Home Office Breached Data Protection Law with Migrant Tracking
The Home Office failed to assess the privacy intrusion of the continuous collection of migrants’ location information in breach of UK data protection law, according to the ICO
The Hacker News
Microsoft Resumes Blocking Office VBA Macros by Default After 'Temporary Pause'
Microsoft has officially resumed blocking VBA macros by default in all Office applications, weeks after temporarily announcing plans to roll back the
Bleeping Computer
Add Microsoft Office 2021 to your PC for an extra 20% off
Office is one of the most useful programs you can keep on your drive, no matter where you are. This instant download and lifetime license for Microsoft Office Professional 2021 for $55.99, $164 off the $219 MSRP with code ENJOY20 at checkout for a limited time.
Bleeping Computer
Microsoft Office 365 email encryption could expose message content
Security researchers at WithSecure have discovered it's possible to partially or fully infer the contents of encrypted messages sent through Microsoft Office 365, highlighting an intrinsic weakness in the encryption scheme used.
DataBreaches
UK criminal records office confirms cyber incident behind portal issues
Sergiu Gatlan reports: The UK’s Criminal Records Office (ACRO) has finally confirmed, after weeks of delaying issuing a statement, that online portal...
ThreatPost
Adobe Cloud Abused to Steal Office 365, Gmail Credentials
Threat actors are creating accounts within the Adobe Cloud suite and sending images and PDFs that appear legitimate to target Office 365 and Gmail users, researchers from Avanan discovered.
The Record
New DoD Chief Digital and AI Office begins work
The Pentagon has christened its new office to coordinate data and artificial intelligence resources and efforts across the massive department and named an acting chief to helm the organization.
Bleeping Computer
Microsoft is showing ads for Microsoft 365 in Office 2021
Microsoft is showing ads for Microsoft 365 Family subscriptions to its Office 2021 customers, offering them discounts of over $28 to get a 3-month Family plan subscription.
SecurityWeek
Document Exploiting New Microsoft Office Zero-Day Seen in the Wild
Researchers have issued a warning after spotting what appears to be a new Microsoft Office zero-day vulnerability exploited in the wild (dubbed Follina).
Bleeping Computer
Office 365 to let admins block Active Content on Trusted Docs
Microsoft plans to allow Office 365 admins ensure that end-users can't ignore organization-wide policies set up to block active content on Trusted Documents.
DataBreaches
Data stolen from Florida sheriff’s office leaked by LockBit ransomware group
Jonathan Greig reports: The LockBit ransomware group has leaked data it stole from Washington County Sheriff’s Office in northeastern Florida. The Record did...
Bleeping Computer
Get Office for Windows PC or Mac this week and save $200
Get Microsoft Office 2019 for Mac and Windows for $29.97, $200 off the $229 MSRP, a price only available this week.
Security Affairs
Targeted operation against Ukraine exploited 7-year-old MS Office bug
A hacking campaign targeted Ukraine exploiting a seven-year-old vulnerability in Microsoft Office to deliver Cobalt Strike.
Bleeping Computer
Office 365 bug: Exchange Online, Outlook emails sent to junk folder
Microsoft is investigating an Office 365 issue causing Outlook and Exchange Online emails to skip recipients' inboxes and being sent their junk folders instead.
Bleeping Computer
Microsoft: Office 365 is blocking emails from Google, LinkedIn domains
Microsoft is working on addressing an Office 365 issue that has resulted in legitimate emails sent from multiple domains (including Google and LinkedIn) getting tagged as malicious and quarantined.
DataBreaches
UK: Home Office warned after sensitive documents left at London venue
The ICO has issued a formal reprimand to the Home Office, after sensitive documents were found at a public London venue. The documents, which were handed by...
SecurityWeek
US Aid Office in Colombia Reports Its Facebook Page Was Hacked
The Colombia office of the U.S. government agency that oversees foreign aid and development funding said its Facebook page was hacked
Security Affairs
Phishing attacks use an old MS Office flaw to spread Agent Tesla
Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware
Bleeping Computer
Start the new year with $200 off Microsoft Office for Windows or Mac
Get Microsoft Office Home & Business 2019 for Mac for $29.97 from StackCommerce through the end of January 14th, 2024.
CyberNews
UK’s AI Safety Institute to open office in Silicon Valley
The UK's AI Safety Institute is opening its first overseas office in San Francisco’s Bay Area to strengthen US ties and enhance global AI safety efforts.
The Hacker News
Microsoft Disables Internet Macros in Office Apps by Default to Block Malware Attacks
Microsoft will disable VBA macros obtained from the Internet by default in Office apps to prevent phishing and malware attacks.
The Hacker News
Feds Warn of AndroxGh0st Botnet Targeting AWS, Azure, and Office 365 Credentials
CISA & FBI warn of a growing AndroxGh0st botnet targeting AWS, Microsoft Office 365, SendGrid, and Twilio credentials.
Bleeping Computer
Hackers exploit new WPS Office flaw to breach betting firms
An unknown Chinese-speaking threat actor has been targeting betting companies in Taiwan, Hong Kong, and the Philippines, leveraging a vulnerability in WPS Office to plant a backdoor on the targeted systems.
DataBreaches
Office of the Privacy Commissioner for Bermuda Issues Data Breach Guide
Odia Kagan of Fox Rothschild writes: The Office of the Privacy Commissioner for Bermuda has issued a helpful guide on the various types of harm that could be...
Security Affairs
Microsoft shared workarounds for the Microsoft Office zero-day dubbed Follina
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190 (CVSS score 7.8), in the Microsoft Office productivity suite. “On Monday May 30, 2022, Microsoft issued CVE-2022-30190 regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows […]
DataBreaches
New Mexico’s Cybersecurity Office Investigating Unauthorized Access To Information Systems At State Agency
The Department of Information Technology’s (DoIT) Cybersecurity office is investigating unauthorized access at the state’s Regulation and Licensing...
Bleeping Computer
Microsoft Office 365 feature can help cloud ransomware attacks
Security researchers are warning that threat actors could hijack Office 365 accounts to encrypt for a ransom the files stored in SharePoint and OneDrive services that companies use for cloud-based collaboration, document management and storage.
Bleeping Computer
Trellix fixes bug breaking Office apps after June Windows updates
Cybersecurity firm Trellix has addressed an incompatibility issue causing Endpoint Security Agent's Exploit Guard module to block some Microsoft Office and third-party apps from opening after installing June 2023 cumulative updates.
Naked Security
Mysterious “Follina” zero-day hole in Office – here’s what to do!
News has emerged of a “feature” in Office that has been abused as a zero-day bug to run evil code. Turning off macros doesn’t help!
The Hacker News
Ukraine Targeted in Cyberattack Exploiting 7-Year-Old Microsoft Office Flaw
Cybersecurity researchers have uncovered a targeted cyber attack against Ukraine that leveraged a 7-year-old Microsoft Office flaw to deploy Cobalt St
Bleeping Computer
Microsoft: Office 2013 will reach end of support in April 2023
Microsoft has reminded customers this week that Microsoft Office 2013 is approaching its end of support next year, advising to switch to a newer version to reduce their exposure to security risks.
CSO
Office 365 phishing campaign that can bypass MFA targets 10,000 organizations
The phishing web pages that this adversary-in-the-middle phishing campaign uses act as a proxy and pull content from the legitimate Office 365 login page.
Bleeping Computer
Microsoft shares mitigation for Office zero-day exploited in attacks
Microsoft has shared mitigation measures to block attacks exploiting a newly discovered Microsoft Office zero-day flaw abused in the wild to execute malicious code remotely.
Bleeping Computer
Kaspersky's stolen Amazon SES token used in Office 365 phishing
Kaspersky said today that a legitimate Amazon Simple Email Service (SES) token issued to a third-party contractor was recently used by threat actors behind a spear-phishing campaign targeting Office 365 users.
Security Affairs
Unpatched Office zero-day CVE-2023-36884 actively exploited in targeted attacks
Microsoft warned today that an unpatched zero-day in multiple Windows and Office products was actively exploited in the wild. Microsoft disclosed an unpatched zero-day vulnerability in multiple Windows and Office products that has been actively exploited in the wild. The issue, tracked as CVE-2023-36884, was exploited by nation-state actors and cybercriminals to gain remote code execution […]
Bleeping Computer
Microsoft Office 365 phishing evades detection with HTML Lego pieces
A recent phishing campaign used a clever trick to deliver the fraudulent web page that collects Microsoft Office 365 credentials by building it from chunks of HTML code stored locally and remotely.
Loading more articles....