Security


Microsoft Enhances Phishing Protections for Windows 11, but Not Windows 10

Microsoft offered more details this week about its enhanced phishing protection technology that kicked off with the newly released Windows 11 version 22H2.

Microsoft September Patch Bundle Addresses 64 Vulnerabilities

Microsoft has released its September bundle of security patches, addressing about 64 common vulnerabilities and exposures (CVEs).

Why Immutable Backup Storage Isn't Enough Protection Against Ransomware

To truly protect your data from attackers, take some time to follow these additional safeguards.

Google Cloud Now Bolstered by Mandiant Security Services

Google announced on Monday that it has completed its acquisition of security solutions company Mandiant.

Los Angeles Unified School District Hit by Ransomware Attack

The Los Angeles Unified School District reported on Monday that a ransomware attack had occurred.

Microsoft Adds Azure AD Security and Compliance Perks

Microsoft this week announced Azure Active Directory enhancements for organizations that likely will better address some security and compliance issues.

Microsoft Permits 3-Month Reprieve Before Ending Basic Authentication for Exchange Online Users

Microsoft still intends to turn off Basic Authentication for Exchange Online users on Oct. 1, but it is offering a possible grace period of about three months before ending it altogether.

Microsoft Describes 'MagicWeb' Attacks Using Active Directory Federation Services

Microsoft on Wednesday described "MagicWeb" attacks by an advanced persistent threat group called "Nobelium," advising organizations using Active Directory Federation Services (ADFS) to take hardening steps.

Network and Web Protections in Microsoft Defender for Endpoint Now Available at Preview for Linux and macOS Devices

Microsoft this week announced public previews of Network Protection and Web Protection capabilities for Linux and macOS devices in its Microsoft Defender for Endpoint solution.

Microsoft Disrupts Major Russian Phishing Group

Microsoft this week announced it had taken actions to cripple the Russia-based SEABORGIUM cybercriminal group.

Examining Microsoft 365 Privacy Options

You might not be able to stay hidden from your employer's watchful eye, but you do have some control on the amount of visibility.

Microsoft Awards $13.7 Million in Bug Bounty Program

Microsoft announced last week that it has paid out $13.7 million to 335 researchers in the last year through Microsoft Bug Bounty Programs.

Microsoft's Delay in Patching 'Dogwalk' Flaw Baffles Security Researchers

Microsoft took more than two years after disclosure to patch a vulnerability in the Windows Support Diagnostic Tool, dubbed "Dogwalk," which was described this week as being under active exploit.

Microsoft Sentinel Can Now Detect 'Low and Slow' Password Spray Attacks

Microsoft has created a new "guided hunting notebook" for Microsoft Sentinel users that's designed to detect so-called "low and slow" password spray attacks, according to a Thursday announcement.

August Patch Tuesday: Microsoft Plugs 121 Flaws

After a lighter-than-usual past few months, Microsoft is back in the triple digits for its monthly security update, with 121 common vulnerabilities and exposures (CVE) fixes.

Microsoft Entra Verified ID Service Now Available

Microsoft Entra Verified ID, a new service that promises a more deliberate way for individuals and organizations to share identity information, is now released at the "general availability" stage, Microsoft announced on Monday.

Windows 11 To Block Brute Force Ransomware Attacks by Default

Microsoft recently rolled out a new security policy for Windows 11 that aims to curb the growing ransomware threat by blocking some brute-force attacks.

Rocks

Managing Multicloud Environments Amid the Cloud Boom

From cloud security to multicloud management, this IT industry expert provides great insights into where the cloud is and where it's headed.

Microsoft Unveils Alternative to Mitre's Documentation of Azure Attack Methods

Microsoft this week described an Azure Threat Research Matrix for documenting tactics, techniques or procedures (TTPs) used against Azure services, including the Azure Active Directory service.

Windows Update for Business Deployment Service Will Apply Safeguard Holds Automatically for Suspect Patches

Microsoft this week began further explaining its Windows Update for Business Deployment Service, with a focus on Safeguard Holds.

Subscribe on YouTube