Microsoft

Smashing Security #136: Oops, we created Iran’s hacking exploit

Mac users of the Zoom video conferencing app are warned their webcams could be hijacked, security firms warn of how scammers are deepfaking audio to steal from businesses, and our guest owns up to the role he played in an Iranian cyberattack against US organisations.

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by Charl van der Walt.


1 min read

bitdefender.com

US Cyber Command warns nation-state hackers are exploiting old Microsoft Outlook bug. Make sure you’re patched!

US Cyber Command has issued an alert about an unnamed foreign country’s attempt to spread malware through the exploitation of a vulnerability in Microsoft Outlook, as concerns are raised of a rise in an Iranian-backed hacking group’s activities.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Office 365 proves popular with phishers

With 180 million active users it’s no wonder that Microsoft Office 365 has caught the attention of online criminals.

Read more in my article on the Bitdefender Business Insights blog.


0 sec read

BlueKeep – everyone agrees, you should patch PCs running legacy versions of Windows

I have this horrible feeling that the only way we’re going to wake the world up to the need to patch their ageing versions of Windows against the BlueKeep vulnerability is to wait until a malicious worm begins to spread around the world.

Prove me wrong. Patch now.


1 min read

Smashing Security #131: Zap yourself from the net, and patch now against BlueKeep

Microsoft issues warning to unpatched Windows users about worm risk, and how do you delete all traces of yourself off the internet after you murder your podcast co-host?

All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault.


1 min read

bitdefender.com

Microsoft worm warning: Windows users urged to patch now

Microsoft is urging computer users to patch their systems now against a critical vulnerability that could be exploited by a fast-moving worm.

Read more in my article on the Hot for Security blog.


0 sec read

A third-party patch for Microsoft’s Internet Explorer zero-day vulnerability

Don’t want to wait for Microsoft to fix the problem in how Internet Explorer handles .MHT files? Other security researchers come to the rescue.


36 sec read

bitdefender.com

It doesn’t matter if you don’t use Internet Explorer, you could still be at risk from this IE zero-day vulnerability

Even if you don’t use Internet Explorer any more, it may still be posing a potential risk by being installed on your Windows PCs.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Hackers could read users’ Outlook, Hotmail, and MSN email via compromised Microsoft support account

Microsoft says that it had identified that one of its support agents had had their username and password stolen, which allowed hackers to access information stored within users’ email accounts.

Read more in my article on the Hot for Security blog.


0 sec read

Multi-factor failure locks out Microsoft Office 365 and Azure users

Users of Microsoft Azure and Office 365 are struggling to access their accounts today, due to a multi-factor authentication malfunction.


45 sec read

Videos and MS Office documents – ingredients for a malware attack

Security researchers say that they have uncovered a new way to serve up malware to computer users, by exploiting the way in which videos are embedded inside Microsoft Office documents.

And Microsoft has no plans to fix it.


1 min read

bitdefender.com

Search for Chrome on Bing, and you might get a nasty surprise

It’s 2018, and you can still end up with your computer compromised by searching for Google Chrome in Microsoft Bing.

Read more in my article on the Hot for Security blog.


0 sec read

bitdefender.com

Microsoft offers up to $100,000 to identity bug finders

Want to earn $100,000? You could win as much as that if you manage to uncover a serious vulnerability in Microsoft’s various identity services.

Read more in my article on the Hot for Security blog.


0 sec read

tripwire.com

Zero-day flaw exploited in targeted attacks is fixed by Microsoft

This month’s Patch Tuesday bundle of updates from Microsoft included a fix for a critical vulnerability that has been actively exploited by at least one hacking gang in targeted attacks.

Read more in my article on the Tripwire State of Security blog.


0 sec read

Cryptomining with JavaScript in an Excel spreadsheet

It didn’t take long at all for a security researcher to demonstrate how easy it was to turn an Excel spreadsheet into a cryptomining machine.


52 sec read

Bad guys have something new to play with! Microsoft Excel adds support for JavaScript

Microsoft has launched some new features in its Excel spreadsheet software that will boost its power. But will that only be for the benefit of users?


33 sec read