Microsoft Is Disabling Default ActiveX Controls in Office 2024 to Improve Security
Microsoft has been on the warpath against legacy Office features that are providing entry points for bad actors since 2018.
Microsoft 365
15 free Microsoft 365 security training modules worth your time
Microsoft 365 is a cloud-based productivity suite. Beyond just tools like Word and Excel, it integrates productivity applications with cloud functionalities, device administration, and enhanced security, all within a unified experience. Managing Micros…
Microsoft 365 email senders urged to implement SPF, DKIM and DMARC
In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records…
EvilProxy Phishing Targets Microsoft 365 Accounts Via Indeed.com Redirects
Researchers have found a new EvilProxy phishing campaign that targets Microsoft 365 accounts. To trick…
EvilProxy Phishing Targets Microsoft 365 Accounts Via Indeed.com Redirects on Latest Hacking News | Cyber Security News, Hacking Tools and Pen…
Microsoft Teams users targeted in phishing attack delivering DarkGate malware
A new phishing campaign taking advantage of an easily exploitable issue in Microsoft Teams to deliver malware has been flagged by researchers. Delivering malware to Microsoft Teams users Late last month, Truesec researchers spotted two compromised Micr…
How Chinese hackers got their hands on Microsoft’s token signing key
The mystery of how Chinese hackers managed to steal a crucial signing key that allowed them to breach Microsoft 365’s email service and access accounts of employees of 25 government agencies has been explained: they found it somewhere where it shouldn&…
Abnormal Security: Microsoft Tops List of Most-Impersonated Brands in Phishing Exploits
A new study found that 4.31% of phishing attacks mimicked Microsoft, far ahead of the second most-spoofed brand PayPal.
Microsoft 365 accounts of execs, managers hijacked through EvilProxy
A phishing campaign leveraging the EvilProxy phishing-as-a-service (PhaaS) tool has been spotted targeting Microsoft 365 user accounts of C-level executives and managers at over 100 organizations around the world. The rise of phishing-as-a-service As o…
Teach a Man to Phish and He’s Set for Life
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.
Develop High-Demand Cybersecurity Skills for Just $60 Through 10/23
Protect your company by learning maximum security practices in this bundle, while it’s available at $59.97.