Security


Man and Arrows

Microsoft Once Again Blocks Malicious Macros in Office

Microsoft this week said they are once again reverting back to blocking Visual Basic Application (VBA) macros in Office.

Microsoft Touts HyperClear Protection Against RETbleed and Other New Side-Channel Attacks

Microsoft announced on Tuesday that its HyperClear technology used with its Hyper-V hypervisor offers protections against new speculative execution side-channel attack methods that were disclosed last week by AMD and Intel.

Decentralized Identifiers Finalized as W3C Recommendation

The nonprofit World Wide Web Consortium (W3C) on Tuesday announced that its collaborative work on Decentralized Identifiers (DIDs) is now a W3C Recommendation, which is at version 1.0.

Thousands of Orgs Hit by Massive AiTM Phishing Campaign

Microsoft disclosed details this week of a large-scale phishing campaign that has targeted more than 10,000 organizations since September 2021.

Microsoft Adds DNS over TLS to Windows 11 Test Release

Microsoft on Wednesday announced features in Windows 11, build 25158, for its Windows Insider Program testers that includes a new Domain Name System (DNS) over Transport Layer Security (TLS) encryption option.

Microsoft Defender for Business Adds Server Protections Preview

Microsoft Defender for Business now has the ability to protect servers, which is at the preview stage, according to a Wednesday Microsoft announcement.

July (Auto) Patch Tuesday: One Zero-Day Flaw Fixed

Microsoft's monthly security patches for July are here and, despite the 86 flaws fixed, it might go smoother for some thanks to Windows Autopatch.

Microsoft Entra Permissions Management Service Now Commercially Available

The Microsoft Permissions Management service, used for ensuring proper access permissions across cloud services, is now commercially available, according to a Thursday Microsoft announcement.

Microsoft Commercially Releases Windows Autopatch

Microsoft on Monday announced that its new Windows Autopatch service is now commercially available.

Microsoft Reverses Office Macro Blocking Decision

Microsoft has quietly reversed an earlier decision to block Internet macros by default in Office.

Microsoft Highlights Protections Against NTLM Relay Attack Variant DFSCoerce

Microsoft on Friday noted that a new "PetitPotam" NT LAN Manager (NTLM) relay attack variant called "DFSCoerce" is addressed if organizations followed its earlier advice in Knowledge Base article KB5005413.

AMD Data Held by Cyber Criminal Group RansomHouse

According to claims made by the cybercriminal group RansomHouse, the group is in possession of data stolen from Santa Clara, Calif.-based chip maker AMD.

Microsoft Defender Vulnerability Management Now Reports CVEs Lacking Fixes

Microsoft is previewing the ability for organizations to see when software lacks fixes for common vulnerability and exposures (CVEs), as described in a Monday announcement.

Survey: Support for Zero Knowledge Proofs in Web3 Growing

The cryptography practice of proving and validating information without revealing the data behind the information -- known as zero knowledge proofs (ZKP) -- is the key to securing and growing Web3 and the metaverse, a recent survey found.

CISA, NSA and Other Agencies Recommend Hardening PowerShell

Government cybersecurity organizations on Tuesday announced guidelines for using Microsoft's built-in PowerShell scripting language with Windows, without having it also be leveraged by attackers.

Microsoft Adds New Capabilities to Verified ID Preview

Microsoft on Tuesday announced improvements to the preview of the Microsoft Entra Verified ID service.

Microsoft Secured-Core IoT and Edge Devices Now Available

Microsoft has brought its Secured-core security design to Internet of Things (IoT) and edge devices, according to a Monday announcement.

Exchange Tenancies Should Prep for iOS Device 'Modern Authentication' Shift

Microsoft and Apple are working together to eliminate Basic Authentication use with the Mail app for organizations using the Microsoft Exchange Online e-mail service, according to a Thursday Microsoft announcement.

Microsoft Defender for Individuals App Released to Consumer Users

Microsoft has released a new security application for consumer subscribers to the Microsoft 365 Personal or Microsoft 365 Family product suites, as described in a Thursday announcement.

Q&A with Nestori Syynimaa: Don't Neglect On-Prem Security

Cloud security in a growing work-from-home landscape should not be IT's only focus.

Subscribe on YouTube

Upcoming Training Events