Microsoft office | Breaking Cybersecurity News | The Hacker News

Yesterday Night Microsoft has faced another targeted attack by the Syrian Electronic Army (SEA), a group supposed to be aligned with Syrian President Bashar al-Assad . The SEA group is popular for its advance phishing attack and using the same technique they also hacked into the Official Twitter account of Microsoft News, Xbox Support, Skype and also defaced the Microsoft, Skype Official Blog pages in the past few weeks. Yesterday, Just after the Microsoft uploaded the newly designed website of it ' Microsoft Office ' blog, the Syrian Electronic Army gang again compromised it successfully. SEA uploaded the hacked blog screenshots on their twitter account, with a defacement article titled " Hacked by the Syrian Electronic Army ", as shown. Before, they also taunted Microsoft that " changing the CMS will not help you if your employees are hacked and they don't know about that ." The Group kept their promise to continue their attacks

Microsoft has released advanced notification for the November 2013 security updates that are scheduled to be released on November 12, 2013. The company plans to deliver eight security bulletins for Windows 8.1, three of them are rated critical and five are important. But there's no relief in sight for a zero-day vulnerability ( CVE-2013-3906 ) in how Office handles .TIFF graphics files . The bulletins listed in Microsoft's advanced notification as critical are for remote code execution vulnerabilities in Windows operating system and the remaining vulnerabilities listed as important are said to be remote code execution, elevation of privilege, information disclosure and denial of service flaws affecting Windows operating system, as well as Microsoft Office. A malicious zero day attack capable of hijacking your PC via a vulnerability found in Windows, Office, and Lync is being exploited more widely than originally thought. Some new reports of the security resea

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Microsoft has issued a temporary fix for a 0day vulnerability that can be exploited to install malware via infected Word documents. A Zero-day Remote code execution flaw, which has been dubbed CVE-2013-3906 , exploits a vulnerability in a Microsoft graphics component, to target Microsoft Office users running Windows Vista and Windows Server 2008. " The vulnerability is a remote code execution vulnerability that exists in the way affected components handle specially crafted TIFF images ," it said in the post .  Vulnerability was reported to Microsoft by McAfee Labs senior security researcher Haifei Li. A successful infection can give an attacker complete control over a system. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Currently the company is only aware of targeted attacks mostly in the Middle East and South Asia, with attackers sending unsuspecting v