office
Microsoft’s August Security Update on High-Risk Vulnerabilities in Multiple Products
Overview On August 14, NSFOCUS CERT detected that Microsoft released a security update patch for August, which fixed 90 security issues involving widely used products such as Windows, Microsoft Office, Visual Studio ...
Cybercriminals Leverage File-Based Attacks to Infiltrate Critical Networks
According to Verizon’s 2022 Data Breach Investigations Report, office docs and emails continue to be proven ways that cybercriminals deliver harmful payloads to gain access into organizations’ networks. Threat actors can conceal ...
‘Wormable’ Flaw Leads July Microsoft Patches
Microsoft today released updates to plug a whopping 123 security holes in Windows and related software, including fixes for a critical, "wormable" flaw in Windows Server versions that Microsoft says is likely ...
Court Lets Microsoft Seize Web Domains Used in COVID-19 Phishing/BEC Scams and Fraud
A U.S. court order has allowed Microsoft to seize control of key domains controlled by fraudsters to halt criminal activity after an increase in scams targeting users of Office 365. The U.S ...
New COVID-19-themed Malware Campaign Spreading through Emails
Microsoft warns of a new COVID 19-related malware campaign spreading by email and using Excel 4.0 macros and NetSupport Manager to compromise systems. The email is a favorite method for attackers to ...
Analysing a massive Office 365 phishing campaign
Last week, a friend of mine reached out with a query: a contact in his address book had sent him a suspicious email. As it turns out, it was. In this blog ...
Deeper Down the Rabbit Hole: Second-Stage Attack and a Fileless Finale
In our last blog, “Following a Trail of Confusion: PowerShell in Malicious Office Documents”, we systematically unraveled multiple layers of obfuscation initiated by a weaponized first-stage Microsoft Word document to reveal a ...
New macro-less technique to distribute malware
The latest macro-less technique to distribute malware via Office documents does not involve exploits. Just a little bit of social engineering. Categories: Threat analysis Tags: deeplinkmacro-lessmalwareOfficesettingcontent-ms (Read more...) The post New macro-less ...
Flash to be stopped in Office 365
If you are one of the few Office 365 users who embeds Silverlight, Shockwave, or Flash content in your documents, your pastime will soon be a thing of the past. Over a ...
Blocks for Flash and others coming to Office 365
If you make use of Flash or Silverlight in your day-to-day activities, you may need to have a word with IT. For everyone else, your Office 365 experience is about to become ...
