Tag: office
-
Texas AG Investigating Conduent, BCBS Texas in Hack
Will the Back-Office Services’ Firm Incident Shatter US Data Breach Records?. The Texas attorney general office has launched an investigation into the Conduent Business Services hacking incident, which affected about 15.5 million Texans, including about 4 million Blue Cross Blue Shield of Texas members. Will the nationwide victim tally shatter data breach records in the…
-
MSP Strategic Defense: Where Prevention Meets Compliance
<div cla Imagine a modern office building. Not everyone who works there can go everywhere. Employees can access the building entrance, their own floor, and the meeting rooms they need, but they can’t (and shouldn’t be able to) walk into the server room, access executive offices, or wander freely across every floor. This may seem…
-
MSP Strategic Defense: Where Prevention Meets Compliance
<div cla Imagine a modern office building. Not everyone who works there can go everywhere. Employees can access the building entrance, their own floor, and the meeting rooms they need, but they can’t (and shouldn’t be able to) walk into the server room, access executive offices, or wander freely across every floor. This may seem…
-
Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack
Microsoft patches 58 vulnerabilities, including six actively exploited zero-days across Windows, Office, and RDP, as CISA sets a March 3 deadline. The post Microsoft’s February Patch Tuesday Fixes 6 Zero-Days Under Attack appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-patch-tuesday-six-zero-days-february-2026/
-
‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users
Tags: banking, breach, browser, chrome, control, credentials, credit-card, data, finance, google, infrastructure, malicious, marketplace, microsoft, office, password, phishingoutlook-one.vercel.app, hosted on the Vercel development platform, from which users download the software.”Microsoft reviews the manifest, signs it, and lists the add-in in their store. But the actual content the UI, the logic, everything the user interacts with is fetched live from the developer’s server every time the add-in opens,” said Koi Security’s researchers. By…
-
ORB Networks Leverages Compromised IoT Devices and SOHO Routers to Mask Cyberattacks
Operational Relay Box (ORB) networks are covert, mesh-based infrastructures used by advanced threat actors to hide the true origin of their cyberattacks. Built from compromised Internet-of-Things (IoT) devices, Small Office/Home Office (SOHO) routers, and rented Virtual Private Servers (VPS), these networks act like private residential proxy systems that blend malicious traffic with legitimate user activity.…
-
Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection
Fileless .NET stage and a modular XWorm core: Beyond initial access, Fortinet observed a fileless .NET stage loaded directly into memory, followed by process hollowing into msbuild.exe, a legitimate Microsoft build tool capable of executing .NET code. The choice of msbuild.exe aligns with the malware’s runtime requirements while helping it blend into normal system activity.”A…
-
Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection
Fileless .NET stage and a modular XWorm core: Beyond initial access, Fortinet observed a fileless .NET stage loaded directly into memory, followed by process hollowing into msbuild.exe, a legitimate Microsoft build tool capable of executing .NET code. The choice of msbuild.exe aligns with the malware’s runtime requirements while helping it blend into normal system activity.”A…
-
Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection
Fileless .NET stage and a modular XWorm core: Beyond initial access, Fortinet observed a fileless .NET stage loaded directly into memory, followed by process hollowing into msbuild.exe, a legitimate Microsoft build tool capable of executing .NET code. The choice of msbuild.exe aligns with the malware’s runtime requirements while helping it blend into normal system activity.”A…
-
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
Tags: breach, credentials, credit-card, cyber, data-breach, flaw, login, malicious, microsoft, officeA dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical flaw in how Microsoft distributes third-party tools. The >>Zombie<< App In 2022, a developer published…
-
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
Tags: breach, credentials, credit-card, cyber, data-breach, flaw, login, malicious, microsoft, officeA dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical flaw in how Microsoft distributes third-party tools. The >>Zombie<< App In 2022, a developer published…
-
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
Tags: breach, credentials, credit-card, cyber, data-breach, flaw, login, malicious, microsoft, officeA dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical flaw in how Microsoft distributes third-party tools. The >>Zombie<< App In 2022, a developer published…
-
Microsoft Outlook Add-In Stolen 4000 Accounts and Credit Card Numbers
Tags: breach, credentials, credit-card, cyber, data-breach, flaw, login, malicious, microsoft, officeA dormant Microsoft Outlook add-in has been weaponized by attackers to steal thousands of login credentials and credit card numbers. The incident, identified by security researchers as the first known malicious Office add-in found in the wild, exposed a critical flaw in how Microsoft distributes third-party tools. The >>Zombie<< App In 2022, a developer published…
-
Microsoft says hackers are exploiting critical zero-day bugs to target Windows and Office users
Critical security flaws targeting Windows and Office users allow hackers to take complete control of a victim’s computer by clicking a malicious link or opening a file. Patch now. First seen on techcrunch.com Jump to article: techcrunch.com/2026/02/11/microsoft-says-hackers-are-exploiting-critical-zero-day-bugs-to-target-windows-and-office-users/
-
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-days
Microsoft Patch Tuesday security updates for February 2026 fix six actively exploited zero-day vulnerabilities. Microsoft Patch Tuesday security updates for February 2026 fix 58 new security flaws across Windows, Office, Azure, Edge, Exchange, Hyper-V, WSL, and other components, rising to 62 CVEs when third-party updates are included. Five vulnerabilities are Critical, two Moderate, and most…
-
Germany warns of state-linked phishing campaign targeting journalists, government officials
Tags: access, advisory, communications, cybersecurity, germany, government, intelligence, office, phishingIn a joint advisory issued late last week, Germany’s domestic intelligence agency (BfV) and federal cybersecurity office (BSI) said attackers are attempting to gain access to private messaging accounts in order to monitor confidential communications and potentially compromise broader networks. First seen on therecord.media Jump to article: therecord.media/germany-warns-phishing-campaign-signal-gov-officials-journalists
-
Senegal shuts National ID office after ransomware attack
Senegal closed its national ID card office after a ransomware cyberattack disrupted ID, passport, and biometric services. Senegal confirmed a cyberattack on the Directorate of File Automation, the government office that manages national ID cards, passports, and biometric data. After ransomware claims surfaced, authorities temporarily closed the office to contain the incident. The agency warned…
-
Senegal confirms breach of national ID card department after ransomware claims
A cybersecurity incident affecting the government of Senegal has forced the closure of an office tasked with managing sensitive information, including national ID cards, passports and other biometric data. First seen on therecord.media Jump to article: therecord.media/senegal-breach-national-id-agency
-
State-Backed Hackers Target Military Officials, Journalists via Signal
A suspected state-sponsored hacking group is actively targeting high-profile individuals across Europe. The Federal Office for the Protection of the Constitution (BfV) and the Federal Office for Information Security (BSI) have identified a coordinated espionage campaign aimed at military officials, diplomats, politicians, and investigative journalists.”‹ Instead, they are using >>social engineering<< to weaponize the legitimate…
-
APT28 Weaponizes Office Flaw to Spy on NATO Military
The post APT28 Weaponizes Office Flaw to Spy on NATO Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/apt28-weaponizes-office-flaw-to-spy-on-nato-military/
-
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
Germany’s Federal Office for the Protection of the Constitution (aka Bundesamt für Verfassungsschutz or BfV) and Federal Office for Information Security (BSI) have issued a joint advisory warning of a malicious cyber campaign undertaken by a likely state-sponsored threat actor that involves carrying out phishing attacks over the Signal messaging app.”The focus is on high-ranking…
-
Russian hackers attacking European maritime and transport orgs using Microsoft Office exploit
Russian state-linked hackers are exploiting a Microsoft Office vulnerability to target maritime organizations across Europe as part of a “sophisticated espionage campaign,” researchers said. First seen on therecord.media Jump to article: therecord.media/russian-hackers-microsoft-office-europe
-
Pro-Russian group Noname057(16) launched DDoS attacks on Milano Cortina 2026 Winter Olympics
Italy stopped Russian-linked cyberattacks targeting Foreign Ministry offices and Winter Olympics websites and hotels, Foreign Minister Tajani said. Italy has thwarted a series of Russian-linked cyberattacks aimed at Foreign Ministry offices, including one in Washington, as well as Winter Olympics websites and hotels in Cortina d’Ampezzo, according to Foreign Minister Antonio Tajani. >>We have foiled…
-
Italy blames Russia-linked hackers for cyberattacks ahead of Winter Olympics
Multiple Italian foreign ministry offices and facilities associated with the Winter Games were targeted by attacks. First seen on therecord.media Jump to article: therecord.media/italy-blames-russia-linked-hackers-winter-games-cyberattack
-
APT28 Hackers Exploit Microsoft Office Vulnerability to Target Government Agencies
Tags: attack, cyber, cyberattack, espionage, exploit, government, hacker, microsoft, military, office, phishing, russia, spear-phishing, theft, vulnerabilityRussian state-sponsored hackers, known as APT28 or Fancy Bear, have launched a new wave of cyberattacks targeting government and military organizations across Europe. This sophisticated espionage campaign, observed in late January 2026, targets the theft on secrets from maritime and transport agencies in countries such as Poland, Greece, and Ukraine. The attacks start with spear-phishing…
-
Microsoft releases urgent Office patch. Russian-state hackers pounce.
The window to patch vulnerabilities is shrinking rapidly. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/02/russian-state-hackers-exploit-office-vulnerability-to-infect-computers/
-
When Documents Become the Attack Vector: Inside APT28’s Latest Microsoft Office Exploit
Email attachments remain one of the most trusted entry points into enterprise environments. Despite years of awareness training and secure email gateways, attackers continue to rely on documents because they blend seamlessly into everyday workflows. New reporting from The Hacker News details how APT28, a Russia-linked threat actor, is actively exploiting a newly disclosed Microsoft…