The lurking danger of hacked email reply chains
Although phishing has been around in various forms since the 1990s, recent news has shown that it continues to evolve – and remains a major threat. These days, phishing …
MS Office
Microsoft 365 security: Protecting users from an ever-evolving threat landscape
In this age of frequent security and data breaches, the statement “We take our customers’ privacy and security very seriously” has been heard from breached …
April Patch Tuesday Forecast: Be aware of end-of-service issues and browser exploits
April Patch Tuesday is nearly here with two significant topics of concern. The first relates to end-of-service milestones and the second issue is browser exploits. Let’s start …
Phishers’ new trick for bypassing email URL filters
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the …
January 2019 Patch Tuesday: 49 security patches, 7 critical
Microsoft’s first Patch Tuesday of 2019 includes 49 security patches, seven of which are listed as Critical. Of all the plugged security holes, none are reported as …
Word documents seemingly carrying videos can deliver malicious code instead
A feature that allows anyone to embed a video directly in a Word document can be easily misused to trick target users into downloading and running malware, Cymulate …
August Patch Tuesday forecast: Looking ahead after a frustrating July
Approaching August Patch Tuesday, we are supposed to be in the ‘dog days’ of summer where everything slows down. Unfortunately, July was full of CVEs and stability fixes with …
Microsoft plugs 56 vulns, including Office flaw exploited in attacks
As part of the January 2018 Patch Tuesday, Microsoft has released fixes for 56 CVE-listed vulnerabilities, including the Meltdown and Spectre flaws, and an Office bug actively …
Microsoft offers mitigation advice for DDE attacks scenarios
Microsoft has published a security advisorty containing DDE attack mitigation instructions for both users and admins. What’s a DDE attack? For a while now, attackers …
October Patch Tuesday: 61 bugs and one zero-day fixed
For its October Patch Tuesday, Microsoft has patched 61 vulnerabilities (27 of them critical) and one Office zero-day labeled as “important.” The zero-day The …
Spoofed IRS notice delivers RAT through link updating trick
The malware delivery trick involving updating links in Word documents is apparently gaining some traction: the latest campaign to use it likely takes the form of fake emails …
Patch Tuesday: 80+ vulnerabilities fixed, one exploited in the wild
As part of its regular, monthly Patch Tuesday update, Microsoft has released patches for 81 new vulnerabilities, including a zero-day in the .NET Framework. The September …