News


Microsoft Warns of Active Attacks Using Malicious Office Documents

The Microsoft Security Response Center warned of active attacks leveraging a remote code execution vulnerability in Internet Explorer's Trident engine (MSHTML), per a Tuesday Twitter post.

FBI and CISA Warn Ransomware Attacks More Prevalent on Holidays

Organizations could be more subject to ransomware attacks on weekends and holidays, according to an alert issued this week by the FBI and the Cybersecurity and Infrastructure Security Agency. 

Microsoft Releases 'Commercial Previews' of Windows 11 and Windows 10 Version 21H2

Microsoft on Thursday announced that "commercial previews" of Windows 11 and Windows 10 version 21H2 are available for testing by organizations opting into the Windows Insider Program for Business.

Windows Server 2022 Announced at General Availability

Windows Server 2022 was announced by Microsoft as reaching the "general availability" stage, meaning it's deemed ready for deployment in production environments.

Microsoft Schedules Windows 11 Release for Oct. 5

Windows 11, Microsoft's next-gen desktop operating system, will begin rolling out on Oct. 5, Microsoft announced Tuesday.

Microsoft to Azure Cosmos DB Users: Your Data May Have Been Exposed

Microsoft warned thousands of Azure Cosmos DB users last week that their data may have been exposed through a recently discovered security flaw in Jupyter Notebook.

Microsoft Clarifies Windows 11 Processor Requirements

Microsoft further described Windows 11 hardware requirements, providing an update on questions about possible seventh-generation processor support.

Microsoft Defender for Endpoint on Mac Getting Native M1-Chip Support

The Microsoft Defender for Endpoint on Mac security solution is now starting to get "native" agent support for running on Apple M1 chip-based devices, Microsoft announced this week.

Microsoft Pledges $20B Cybersecurity Investment After White House Talk

Big tech companies pledged money and efforts following an Aug. 25 Biden administration meeting on U.S. cybersecurity initiatives, as described in this White House announcement.

Microsoft Embracing Native QUIC in Newer Windows OSes and Edge Browser

Microsoft this week described QUIC, an Internet transport layer protocol alternative to the venerable Transmission Control Protocol (TCP), in an announcement.

Microsoft Urges Patching Exchange Server To Avoid ProxyShell Attacks

The Exchange team at Microsoft posted an announcement on Wednesday acknowledging "ProxyShell" threats and urging organizations to keep Exchange Server up to date with the latest cumulative updates and security updates.

Power Apps Users Inadvertently Exposed 38M Personal Info Records

Business and government application developers inadvertently exposed a total of 38 million records because of Microsoft's design of its Power Apps application-building service.

ProxyShell Exchange Server Flaw Getting Used for Ransomware Attacks

Security researchers are seeing the appearance of LockFile ransomware deployments after attackers gained access to Exchange Server via a so-called "ProxyShell" vulnerability.

Windows Server 2022 Quietly Reaches 'General Availability' Release Stage

Windows Server 2022 reached the "general availability" (GA) commercial-release stage on Aug. 18, and a possibly working ISO is now at the Microsoft Volume License Service Center.

Microsoft Cloud Katana Released as Open Source for Testing Cloud Security

Microsoft announced on Thursday that it is releasing Cloud Katana as an open source code project for assessing "security controls in the cloud and hybrid cloud environments."

Azure Virtual Desktop Adds Windows 11 Preview Option

The Azure Virtual Desktop service now offers the choice of using the Windows 11 operating system at the preview stage.

Office 365 and Microsoft 365 Subscription Costs Going Up Next March

Microsoft on Thursday announced plans to increase subscription costs for Office 365 and Microsoft 365 business users, starting on March 1, 2022.

PetitPotam NTLM Relay Attacks Flagged by Microsoft Defender for Identity

Microsoft explained "PetitPotam" NTLM relay attacks in a Wednesday announcement, while also suggesting that its Microsoft Defender for Identity product was capable of identifying such attack attempts.

Microsoft 'Azure Government Top Secret' Goes GA

Microsoft's unique cloud instance for U.S. government agencies and their solution providers known as Azure Government Top Secret became generally available this week, the company announced.

Windows Print Spooler Flaws Leveraged in Ransomware Attacks

Security researchers last week described ransomware perpetrators incorporating Windows "PrintNightmare" exploits in their attacks.