Security


Microsoft Mostly Fixes Azure Active Directory 'BingBang' App Misconfigurations

Microsoft on Wednesday confirmed that it has addressed a so-called "BingBang" security issue that affected "small number of our internal applications" due to Azure Active Directory authorization misconfigurations.

AI-Powered Microsoft Security Copilot Revealed

Microsoft on Tuesday announced a new predictive language chat tool for security experts called Microsoft Security Copilot.

CISA Releases Untitled Goose Tool for Tracking Microsoft Azure and Microsoft 365 Security Incidents

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) this week announced the release of a publicly available and free post-incident hunting tool for organizations using Microsoft Azure, Azure Active Directory and Microsoft 365 applications.

Azure Firewall Basic Commercially Released

Microsoft this week announced that Azure Firewall Basic is now at the "general availability" commercial-release stage.

Microsoft March 2023 Patch Tuesday: 2 Zero-Day Flaws Fixed

Microsoft on Tuesday released 80 targeted fixes for its monthly security update, including fixes for two flaws that are currently being exploited.

Microsoft 365 Defender Real-Time Custom Detection Rules Previewed

Microsoft 365 Defender users are getting a public preview of the ability to set custom detection rules for near real-time security events, according to a Monday announcement.

Microsoft and Mitre Collaborating on AI and Machine Learning Security Tools

Microsoft and Mitre Corp. last week outlined their collaborative efforts to shore up the security of machine learning models and artificial intelligence (AI) platforms.

3 Zero Day Flaw Fixes for Microsoft's February Security Patch

Microsoft's February security update comes packed for three important fixes aimed at addressing currently exploitable vulnerabilities across the company's product and services.

Swirl

'What Does It Actually Excel At?' A Conversation with an AI Expert About ChatGPT

To hear one applied AI specialist explain it, the reason there are so many questions around ChatGPT is that it makes us ask questions about ourselves.

Microsoft Previews Automatic Blocking of Sensitive Info Leak Attempts

Microsoft this week announced a preview of an automated way to block employees from spilling sensitive company information.

Consent-Phishing Attack Passed Microsoft's 'Verified Publisher' Checks

Cybersecurity company Proofpoint on Tuesday described attacks that lulled users into authorizing permissions for malicious cloud apps because they may have trusted Microsoft's "Verified Publisher" screening.

Microsoft Defender Vulnerability Management Adds 'Authenticated Scan for Windows' Capability

Microsoft this week announced that its Microsoft Defender Vulnerability Management solution can now scan Windows devices that are lacking certain agent support.

Government Agencies 'Dismantle' Hive Ransomware Operations

The U.S. Department of Justice announced on Thursday that the Hive ransomware group's international network has been "dismantled."

0Patch Promises Two More Years of Patch Support for Windows 7 and Windows Server 2008 R2

Microsoft this week ended its patch support for Windows 7 and other venerable Windows products, but one company, 0patch, is saying that it'll provide fixes for "Critical" security issues for another two years.

Microsoft Kicks off 2023 with a 98 Flaw Security Patch

The first Patch Tuesday arrived this week, featuring 98 fixes for security issues across Microsoft's wide line of products and services.

Microsoft's Security Update Guide To Report on CBL-Mariner Linux Vulnerabilities

Microsoft's Security Update Guide, which chronicles Microsoft's patch releases each month, is getting two relatively new additions.

Exchange Online TLS 1.0 and 1.1 Support Ending for POP 3 and IMAP 4 Clients

Microsoft gave notice this week that it's planning to disable the use of the Transport Layer Security (TLS) 1.0 and TLS 1.1 security protocols for Exchange Online customers that use Post Office Protocol 3 (POP 3) and/or Internet Message Access Protocol 4 (IMAP 4) clients, starting next month.

Microsoft Adds More User Phishing Details to Attack Simulation Training Service

Microsoft's Attack Simulation Training product now shows more information about how users interacted with simulated phishing attacks, per a Tuesday announcement.

Matrix

Breakdown of the Rackspace Ransomware Incident

What caused the issue and what, as customers, we can do to keep our data secure.

Report Predicts Rise of AI Based Cyberattacks in Next 5 Years

Artificial intelligence (AI)-based cyberattacks on organizations could start to ramp up over the next five years, according to a recently published report.

Subscribe on YouTube

Upcoming Training Events