Security


Microsoft Adds Azure AD Security and Compliance Perks

Microsoft this week announced Azure Active Directory enhancements for organizations that likely will better address some security and compliance issues.

Microsoft Permits 3-Month Reprieve Before Ending Basic Authentication for Exchange Online Users

Microsoft still intends to turn off Basic Authentication for Exchange Online users on Oct. 1, but it is offering a possible grace period of about three months before ending it altogether.

Microsoft Describes 'MagicWeb' Attacks Using Active Directory Federation Services

Microsoft on Wednesday described "MagicWeb" attacks by an advanced persistent threat group called "Nobelium," advising organizations using Active Directory Federation Services (ADFS) to take hardening steps.

Network and Web Protections in Microsoft Defender for Endpoint Now Available at Preview for Linux and macOS Devices

Microsoft this week announced public previews of Network Protection and Web Protection capabilities for Linux and macOS devices in its Microsoft Defender for Endpoint solution.

Microsoft Disrupts Major Russian Phishing Group

Microsoft this week announced it had taken actions to cripple the Russia-based SEABORGIUM cybercriminal group.

Examining Microsoft 365 Privacy Options

You might not be able to stay hidden from your employer's watchful eye, but you do have some control on the amount of visibility.

Microsoft Awards $13.7 Million in Bug Bounty Program

Microsoft announced last week that it has paid out $13.7 million to 335 researchers in the last year through Microsoft Bug Bounty Programs.

Microsoft's Delay in Patching 'Dogwalk' Flaw Baffles Security Researchers

Microsoft took more than two years after disclosure to patch a vulnerability in the Windows Support Diagnostic Tool, dubbed "Dogwalk," which was described this week as being under active exploit.

Microsoft Sentinel Can Now Detect 'Low and Slow' Password Spray Attacks

Microsoft has created a new "guided hunting notebook" for Microsoft Sentinel users that's designed to detect so-called "low and slow" password spray attacks, according to a Thursday announcement.

August Patch Tuesday: Microsoft Plugs 121 Flaws

After a lighter-than-usual past few months, Microsoft is back in the triple digits for its monthly security update, with 121 common vulnerabilities and exposures (CVE) fixes.

Microsoft Entra Verified ID Service Now Available

Microsoft Entra Verified ID, a new service that promises a more deliberate way for individuals and organizations to share identity information, is now released at the "general availability" stage, Microsoft announced on Monday.

Windows 11 To Block Brute Force Ransomware Attacks by Default

Microsoft recently rolled out a new security policy for Windows 11 that aims to curb the growing ransomware threat by blocking some brute-force attacks.

Rocks

Managing Multicloud Environments Amid the Cloud Boom

From cloud security to multicloud management, this IT industry expert provides great insights into where the cloud is and where it's headed.

Microsoft Unveils Alternative to Mitre's Documentation of Azure Attack Methods

Microsoft this week described an Azure Threat Research Matrix for documenting tactics, techniques or procedures (TTPs) used against Azure services, including the Azure Active Directory service.

Windows Update for Business Deployment Service Will Apply Safeguard Holds Automatically for Suspect Patches

Microsoft this week began further explaining its Windows Update for Business Deployment Service, with a focus on Safeguard Holds.

New Microsoft Defender Experts for Hunting Service Now Commercially Available

Microsoft on Wednesday announced the "general availability" commercial release of the Microsoft Defender Experts for Hunting service.

Microsoft Releases New Microsoft Defender Security Services, Plus Microsoft Sentinel Solution for SAP

Microsoft on Tuesday announced three new enterprise-grade security products, which are now commercially released.

Attackers Evolve Strategy After Microsoft Office Macro Blocking

Threat actors are adjusting their tactics and moving away from macro-based attacks after Microsoft's policy of blocking VBA macros in Office, according to a report released this week.

Microsoft Ending the Windows Information Protection Service

Microsoft on Thursday announced the gradual end of its Windows Information Protection (WIP) service, which is designed to keep users of Microsoft 365 apps from inadvertently disclosing organizational information.

Microsoft Access Fixes Coming Soon To Remedy Patch Tuesday Update Troubles

Microsoft this week indicated that fixes for Microsoft Access problems, which were caused by a botched July 12 "patch Tuesday" security patch release, will be arriving soon.

Subscribe on YouTube

Upcoming Training Events