Tag: office
-
U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash
by
in SecurityNewsThe U.S. Treasury is lifting sanctions on Tornado Cash, a crypto mixer accused of helping North Korea’s Lazarus Group launder illicit funds. The U.S. Treasury Department removed sanctions against the cryptocurrency mixer service Tornado Cash. In August 2022, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned the crypto mixer service Tornado Cash used by…
-
Ransomware Group Claims Attack on Virginia Attorney General’s Office
by
in SecurityNewsThe Cloak ransomware group has claimed responsibility for a February cyberattack on Virginia Attorney General’s Office. The post Ransomware Group Claims Attack on Virginia Attorney General’s Office appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ransomware-group-claims-attack-on-virginia-attorney-generals-office/
-
Cyberangriff auf eine County-Verwaltung in Kansas, USA
by
in SecurityNewsCyber-attack closes County offices on Monday and Tuesday First seen on atchisonglobenow.com Jump to article: www.atchisonglobenow.com/
-
FBI: Free file converter sites and tools deliver malware
by
in SecurityNewsMalware peddlers are increasingly targeting users who are searching for free file converter services (websites) and tools, the FBI’s Denver Field Office has warned … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/18/fbi-free-file-converter-sites-and-tools-deliver-malware/
-
Beware! Malware Hidden in Free WordPDF Converters
The FBI has issued a warning about a growing threat involving free file conversion tools, which are being used to spread malware. This scam, described as >>rampant
-
UK Cybersecurity Weekly News Roundup 16 March 2025
by
in SecurityNews
Tags: access, apple, attack, backdoor, backup, compliance, control, cyber, cyberattack, cybercrime, cybersecurity, data, encryption, finance, firewall, government, group, hacking, insurance, law, lockbit, malicious, network, office, privacy, ransomware, regulation, risk, russia, service, software, virusWelcome to this week’s edition of our cybersecurity news roundup, bringing you the latest developments and insights from the UK and beyond. UK Government’s Stance on Encryption Raises Global Concerns The UK government has ordered Apple to provide backdoor access to iCloud users’ encrypted backups under the Investigatory Powers Act of 2016. This secret order…
-
FCC creates national security council to counter cyber threats from China
by
in SecurityNews
Tags: 5G, access, ai, attack, breach, china, communications, computing, cyber, cyberattack, cybersecurity, data, espionage, government, group, hacking, incident, infrastructure, Internet, microsoft, office, strategy, supply-chain, technology, threat, vulnerabilityThree-pronged strategy: The council will pursue a tripartite strategy focusing on reducing dependency, mitigating vulnerabilities, and ensuring American technological leadership.First, it aims to reduce American technology and telecommunications sectors’ trade and supply chain dependencies on foreign adversaries. This goal aligns with broader government efforts to “friend-shore” critical technology supply chains and decrease reliance on potentially…
-
Invisible C2″Š”, “Šthanks to AI-powered techniques
by
in SecurityNews
Tags: ai, api, attack, breach, business, chatgpt, cloud, communications, control, cyberattack, cybersecurity, data, defense, detection, dns, edr, email, encryption, endpoint, hacker, iot, LLM, malicious, malware, ml, monitoring, network, office, openai, powershell, service, siem, soc, strategy, threat, tool, update, vulnerability, zero-trustInvisible C2″Š”, “Šthanks to AI-powered techniques Just about every cyberattack needs a Command and Control (C2) channel”Š”, “Ša way for attackers to send instructions to compromised systems and receive stolen data. This gives us all a chance to see attacks that are putting us at risk. LLMs can help attackers avoid signature based detection Traditionally, C2…
-
The most notorious and damaging ransomware of all time
by
in SecurityNews
Tags: access, android, attack, backdoor, backup, banking, botnet, breach, communications, computer, control, credentials, cryptography, cyber, cybercrime, dark-web, data, defense, detection, email, encryption, endpoint, exploit, extortion, finance, flaw, framework, germany, google, government, group, hacker, hacking, healthcare, infection, infrastructure, international, jobs, korea, law, lazarus, leak, linux, malicious, malware, microsoft, mobile, msp, network, north-korea, office, open-source, oracle, password, phishing, phone, powershell, ransom, ransomware, russia, service, software, spam, switch, technology, threat, tool, ukraine, update, usa, virus, vulnerability, windowsConti: History: First appearing in May 2020, the Conti RaaS platform is considered the successor to the Ryuk ransomware. As of January 2021, Conti is believed to have infected over 150 organizations and earned millions of dollars for its criminal developers and their affiliates. At least three new versions have been found since its inception.How it works: Conti uses the…
-
CIOs and CISOs take on NIS2: Key challenges, security opportunities
by
in SecurityNews
Tags: access, cio, ciso, compliance, cybersecurity, data, GDPR, group, healthcare, ISO-27001, jobs, monitoring, nis-2, office, organized, privacy, regulation, risk, skills, software, strategy, supply-chain, technology, trainingCompliance will be easier for some: There are CIOs and CISOs who have found NIS2 compliance relatively easy: those who have worked toward ISO/IEC 27001:2022 certification, whether they remained in the preparation phase or actually got certified.Those who have the certification report having found themselves with “80% of the work done”: the company is ready…
-
Driving licence data could be used for police facial recognition
by
in SecurityNewsThe government’s Crime and Policing Bill could allow police to access the UK driving licence database for use in facial recognition watchlists, but the Home Office denies biometric data would be repurposed in this way First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620582/Driving-licence-data-could-be-used-for-police-facial-recognition
-
Patchday: Microsoft Office Updates (11. März 2025)
by
in SecurityNewsAm 11. März 2025 (zweiter Dienstag im Monat, Microsoft Patchday) hat Microsoft mehrere sicherheitsrelevante Updates für Microsoft Office 2016, sowie die C2R-Varianten (Office 2016-2021 und 365) und andere Produkte veröffentlicht. Zum 4. März 2025 wurden keine Updates freigegeben. Nachfolgend finden … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/13/patchday-microsoft-office-updates-11-maerz-2025/
-
Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days
by
in SecurityNewsMicrosoft Patch Tuesday security updates for March 2025 address 56 security vulnerabilities in its products, including six actively exploited zero-days. Microsoft Patch Tuesday security updates for March 2025 addressed 56 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server. This Patch…
-
Schadcodeausführung möglich: Sicherheitslücke in Microsoft Office gefährdet Nutzer
by
in SecurityNewsEin Pufferüberlauf in Microsoft Office lässt Angreifer Schadcode einschleusen. Patches stehen bereit. Die lohnen sich auch wegen anderer Lücken. First seen on golem.de Jump to article: www.golem.de/news/jetzt-patchen-schadcode-luecke-gefaehrdet-unzaehlige-office-nutzer-2503-194215.html
-
Microsoft Security Update Summary (11. März 2025)
by
in SecurityNewsMicrosoft hat am 11. März 2025 Sicherheitsupdates für Windows-Clients und -Server, für Office sowie für weitere Produkte veröffentlicht. Die Sicherheitsupdates beseitigen 56 Schwachstellen (CVEs), sieben davon wurden als 0-day klassifiziert. Sechs Schwachstellen werden bereits angegriffen. Nachfolgend findet sich … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/12/microsoft-security-update-summary-11-maerz-2025/
-
UK government under-prepared for catastrophic cyber attack, hears PAC
by
in SecurityNewsThe Commons Public Accounts Committee heard government IT leaders respond to recent National Audit Office findings that the government’s cyber resilience is under par First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620361/UK-government-under-prepared-for-catastrophic-cyber-attack-hears-PAC
-
Post Office scandal data leak interim compensation offers made
by
in SecurityNewsSome subpostmasters affected by Post Office data breach offered interim compensation payments First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620384/Post-Office-scandal-data-leak-interim-compensation-offers-made
-
White House cyber director’s office set for more power under Trump, experts say
by
in SecurityNewsThe Trump administration appears to be positioning the Office of the National Cyber Director to operate as the executive branch cybersecurity policy lead that Congress envisioned when establishing it in 2021, experts say. First seen on therecord.media Jump to article: therecord.media/trump-white-house-office-national-cyber-director
-
Critical DrayTek Router Vulnerabilities Expose Devices to RCE Attacks
by
in SecurityNews
Tags: attack, conference, cyber, firmware, office, rce, remote-code-execution, risk, router, vulnerabilityA recent security analysis of Draytek Vigor routers has uncovered severe vulnerabilities that could allow attackers to hijack devices, execute arbitrary code, and bypass critical security controls. These findings, disclosed by researchers at DEFCON 32 HHV and Ekoparty 2024, highlight systemic risks in widely used small office/home office (SOHO) routers due to outdated firmware, weak…
-
Apple withdraws encrypted iCloud storage from UK after government demands ‘backdoor’ access
by
in SecurityNewsAfter the Home Office issued a secret order for Apple to open up a backdoor in its encrypted storage, the tech company has instead chosen to withdraw the service from the UK First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619614/Apple-withdraws-encrypted-iCloud-storage-from-UK-after-government-demands-back-door-access
-
UK cyber security damaged by ‘clumsy Home Office political censorship’
by
in SecurityNewsBritain’s National Cyber Security Centre secretly censors computer security guidance and drops references to encryption First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366620475/UK-cyber-security-damaged-by-clumsy-Home-Office-political-censorship
-
Women Faced the Brunt of Cybersecurity Cutbacks in 2024
by
in SecurityNewsMany women are finding that they are unhappy in their cybersecurity roles, largely due to the layoffs their companies are experiencing, cutbacks, and return to in-office work policies. First seen on darkreading.com Jump to article: www.darkreading.com/remote-workforce/women-cyber-cutbacks-2024
-
Authorities Seize $31 Million Linked to Crypto Exchange Hack
by
in SecurityNewsU.S. authorities announced the seizure of $31 million tied to the 2021 Uranium Finance decentralized finance (DeFi) exploits. The coordinated effort between the U.S. Attorney’s Office for the Southern District of New York (SDNY) and Homeland Security Investigations (HSI) San Diego, aided by blockchain intelligence firm TRM Labs, represents one of the largest recoveries in…
-
Privacy Roundup: Week 9 of Year 2025
by
in SecurityNews
Tags: access, android, apple, attack, backdoor, breach, browser, cctv, control, cyber, cybersecurity, data, data-breach, encryption, endpoint, exploit, firmware, flaw, government, group, hacker, Internet, jobs, law, leak, malware, office, password, phishing, privacy, regulation, router, scam, service, software, switch, technology, threat, tool, update, vpn, vulnerabilityThis is a news item roundup of privacy or privacy-related news items for 23 FEB 2025 – 1 MAR 2025. Information and summaries provided here are as-is for warranty purposes. Note: You may see some traditional “security” content mixed-in here due to the close relationship between online privacy and cybersecurity – many things may overlap;…
-
U.K. ICO Investigates TikTok, Reddit, and Imgur Over Children’s Data Protection Practices
by
in SecurityNewsThe U.K.’s Information Commissioner’s Office (ICO) has opened an investigation into online platforms TikTok, Reddit, and Imgur to assess the steps they are taking to protect children between the ages of 13 and 17 in the country.To that end, the watchdog said it’s probing how the ByteDance-owned video-sharing service uses the personal data of children…
-
ICO Launches TikTok Investigation Over Use of Children’s Data
by
in SecurityNewsThe Information Commissioner’s Office is now investigating how TikTok uses 1317-year-olds’ personal information First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ico-tiktok-investigation-use/
-
Die besten XDR-Tools
by
in SecurityNews
Tags: attack, business, cloud, computing, container, crowdstrike, cyberattack, detection, edr, endpoint, firewall, google, Hardware, ibm, identity, incident response, infrastructure, mail, malware, marketplace, microsoft, ml, network, office, okta, risk, security-incident, service, siem, soar, software, tool, vulnerabilityLesen Sie, worauf Sie in Sachen XDR achten sollten und welche Lösungen sich in diesem Bereich empfehlen.Manuelles, siloartiges Management ist in der modernen IT-Welt unangebracht. Erst recht im Bereich der IT-Sicherheit: Der Umfang von modernem Enterprise Computing und State-of-the-Art-Application-Stack-Architekturen erfordern Sicherheits-Tools, die:Einblicke in den Sicherheitsstatus von IT-Komponenten ermöglichen,Bedrohungen in Echtzeit erkennen, undAspekte der Bedrohungsabwehr automatisieren.Diese…
-
Microsoft Office 365 MFA-Schlenker …
by
in SecurityNewsNette Geschichte, die ein Administrator die Tage auf Facebook aufgespießt hat. Es geht um die Multifaktor-Authentifizierung in Microsoft 365, die unter anderem mittels der Microsoft Authenticator App erfolgen kann. Da bauen sich aber Hürden auf, wenn man möglichst wenig Abhängigkeiten … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/03/02/microsoft-office-365-mfa-schlenker/