News – Page 5 – BU-CERT

Microsoft 365, Office users hit by wave of ‘30088-27’ update errors

Posted on 11 July 2024

From bleepingcomputer.com

Over the last month, Microsoft 365 and Microsoft Office users have been experiencing “30088-27” errors when attempting to update the application.

Based on widespread user reports, the update problems plague Microsoft 365 users and those who use Click-To-Run (C2R) versions of Office 2016, 2019, and 2021.

“Something went wrong. We’re sorry, we ran into a problem while looking for updates. Please check your network connection and try again later,” the update errors read.

Some affected users report being told by Microsoft support that this issue also impacts the latest Office release, Version 2406 (Build 17726.20126).

A Microsoft community moderator advised those impacted to revert to the previous version and turn off automatic updates until the next Office release.

“Network reasons have been ruled out as possible causes. This problem has now become a hot topic in the community. In other threads, some users mentioned that this problem occurred after updating to Office version 17726.20126,” the Redmond agent told them.

“The problem is solved by disabling updates and rolling back the version of Office.”

When scientific citations go rogue: Uncovering ‘sneaked references’

Posted on 11 July 2024

From theconversation.com

A researcher working alone – apart from the world and the rest of the wider scientific community – is a classic yet misguided image. Research is, in reality, built on continuous exchange within the scientific community: First you understand the work of others, and then you share your findings.

Reading and writing articles published in academic journals and presented at conferences is a central part of being a researcher. When researchers write a scholarly article, they must cite the work of peers to provide context, detail sources of inspiration and explain differences in approaches and results. A positive citation by other researchers is a key measure of visibility for a researcher’s own work.

But what happens when this citation system is manipulated? A recent Journal of the Association for Information Science and Technology article by our team of academic sleuths – which includes information scientists, a computer scientist and a mathematician – has revealed an insidious method to artificially inflate citation counts through metadata manipulations: sneaked references.

EU ends Apple Pay antitrust probe with binding commitments to open up contactless payments

Posted on 11 July 2024

From techcrunch.com

The European Union has accepted commitments from Apple over how it operates Apple Pay to settle a long running competition investigation. Commission EVP Margrethe Vestager, who heads up the EU’s competition division, announced the development in a press conference Thursday.

Apple has until July 25 to implement changes that will allow developers of rival mobile wallets to offer contactless payment by the predominant technology used in the EU (NFC) — enabling them to offer their users “tap and go” payments, she said. They will also be able to access key iOS features, such as double click to launch their apps as well as Face ID, Touch ID and passcodes for authentication.

Apple will also let users set a third-party wallet app as their default, rather than its own Apple Wallet.

Microsoft’s July 2024 Patch Tuesday Addresses 138 CVEs (CVE-2024-38080, CVE-2024-38112)

Posted on 11 July 2024

From tenable.com

Microsoft released 138 CVEs in July 2024 Patch Tuesday release, with five rated critical, 132 rated important and one rated moderate. Our counts omitted four vulnerabilities, two reported by GitHub, and one reported by CERT/CC and Arm each.

Remote Code Execution (RCE) vulnerabilities accounted for 42.8% of the vulnerabilities patched this month, followed by Elevation of Privilege (EoP) and Security Feature Bypass vulnerabilities at 17.4%.

Roblox Data Breach: Email & IP address Details Exposed

Posted on 8 July 2024

From gbhackers.com

Roblox, the globally renowned online gaming platform, has suffered a data breach.

According to a tweet from cybersecurity expert H4ckManac, the breach has exposed sensitive information, including email addresses and IP addresses of millions of users.

Apple Removes VPN Apps from Russian App Store Amid Government Pressure

Posted on 8 July 2024

From thehackernews.com

Apple removed a number of virtual private network (VPN) apps in Russia from its App Store on July 4, 2024, following a request by Russia’s state communications watchdog Roskomnadzor, Russian news media reported.

This includes the mobile apps of 25 VPN service providers, including ProtonVPN, Red Shield VPN, NordVPN and Le VPN, according to MediaZona. It’s worth noting that NordVPN previously shut down all its Russian servers in March 2019.

“Apple’s actions, motivated by a desire to retain revenue from the Russian market, actively support an authoritarian regime,” Red Shield VPN said in a statement. “This is not just reckless but a crime against civil society.”

CloudSorcerer – A new APT targeting Russian government entities

Posted on 8 July 2024

From securelist.com

In May 2024, we discovered a new advanced persistent threat (APT) targeting Russian government entities that we dubbed CloudSorcerer. It’s a sophisticated cyberespionage tool used for stealth monitoring, data collection, and exfiltration via Microsoft Graph, Yandex Cloud, and Dropbox cloud infrastructure. The malware leverages cloud resources as its command and control (C2) servers, accessing them through APIs using authentication tokens. Additionally, CloudSorcerer uses GitHub as its initial C2 server.

CloudSorcerer’s modus operandi is reminiscent of the CloudWizard APT that we reported on in 2023. However, the malware code is completely different. We presume that CloudSorcerer is a new actor that has adopted a similar method of interacting with public cloud services.