The Latest in IT Security

1

Researchers have uncovered a new way to abuse a workflow automation feature in Microsoft 365 to exfiltrate data. Eric Saraga from cybersecurity firm Varonis discovered how Power Automate, a feature found in Microsoft 365 for Outlook, SharePoint, and OneDrive, can be abused to automatically share or send files, or forward emails, to unauthorized third parties. […]

Read more ...

1

A threat actor, likely Chinese in origin, is actively attempting to exploit a zero-day vulnerability in the Zimbra open-source email platform as part of spear-phishing campaigns that commenced in December 2021. The espionage operation — codenamed “EmailThief” — was detailed by cybersecurity company Volexity in a technical report published Thursday, noting that successful exploitation of […]

Read more ...

1

Phishers are trying to harvest credentials for Office 365 or other business email accounts by impersonating the U.S. Department of Labor (DOL), Inky‘s researchers have warned. The ploy? The DOL is ostensibly inviting companies to submit “proposals from qualified contractors for ongoing government projects”, and helpfully explaining the various steps of the process: Read More

Read more ...


Categories

SATURDAY, MAY 21, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments