Security


Windows Print Spooler Flaws Leveraged in Ransomware Attacks

Security researchers last week described ransomware perpetrators incorporating Windows "PrintNightmare" exploits in their attacks.

Attackers Now Scanning for 'ProxyShell' Vulnerabilities in Exchange Server

Recent scanning for a "Critical" remote code execution vulnerability (CVE-2021-34473) in Exchange Server, dubbed "ProxyShell," has been detected by security researchers.

Another Windows Print Spooler Vulnerability Disclosed by Microsoft

Microsoft on Wednesday published a "Security Update Guide" notice on another Windows print spooler vulnerability, namely CVE-2021-36958.

Microsoft Addresses June Patch Glitch, and Starts Bundling SSUs with LCUs for Windows 10

Microsoft on Tuesday announced the release of a "standalone" servicing stack update (SSU) for Windows 10 systems to address a patching problem that had affected some organizations trying to apply a June security update.

August Microsoft Security Patch Bundle Addresses 44 Vulnerabilities

Microsoft released August security updates to address 44 common vulnerabilities and exposures (CVEs) in various Microsoft software products.

Microsoft Previews Early Ransomware Detection in Azure Sentinel

Microsoft is previewing early detection capabilities for spotting ransomware campaigns using its Azure Sentinel security information event management (SIEM) solution.

Ivanti Buys RiskSense To Boost Risk Assessment and Patch Intelligence Capabilities

Ivanti on Monday announced the acquisition of risk assessment solutions company RiskSense with the aim of enhancing the Ivanti Neurons for Patch Intelligence product. 

Security Tops IT Pro Concerns with Shift to Remote Work, Study Finds

IT pros were most worried about possible increases in cybersecurity attacks with the shift toward remote work in 2020, according to a survey conducted by Netwrix.

Azure Firewall Premium Becomes Generally Available

Microsoft has announced the general availability of the Premium edition of Azure Firewall, its managed, cloud-based network security service.

Microsoft Releases Safe Links for Teams and Other Security Solutions

Microsoft is continuing to advance its cloud-based security services with a couple of previews announced this week, plus a product release.

Kaseya Using Universal Key to Unlock REvil-Encrypted Customer Data

Kaseya announced this week that it is using a "universal decryptor key" for customers that were affected by a REvil ransomware attack reported on July 2.

Microsoft Issues Security Advisory on 'SeriousSAM' Elevation of Privilege Flaw in Windows Client Systems

Microsoft on Tuesday issued a security advisory about an elevation-of-privilege vulnerability (CVE-2021-36934) present in Windows 10 client operating systems.

Microsoft Buys CloudKnox Security to Boost Azure Active Directory Service

Microsoft on Wednesday announced the acquisition of CloudKnox Security, a maker of "cloud infrastructure entitlement management" solutions for organizations using various cloud services.

White House Says China's APT40 Responsible for Exchange Hacks, Ransomware Attacks

The Biden administration released a statement on Monday naming the People's Republic of China as responsible for widespread cyberattacks that notably targeted Exchange Server users.

Microsoft Suggests Disabling Windows Print Spooler After New Bug Discovered

Microsoft is investigating a new vulnerability in the Windows print spooler service and is recommending that IT pros disable it, if possible, as an interim measure, although doing so eliminates the ability to print.

Microsoft Delivers Hefty July Patch Bundle for 117 Vulnerabilities

The July security patch tally seems like a rerun of the hefty bundles that were seen last year.

Microsoft Buying RiskIQ To Boost Cloud Security Solutions

Microsoft announced on Monday that it is acquiring RiskIQ, a San Francisco-based provider of software-as-a-service security solutions for organizations.

Microsoft Clarifies Its 'PrintNightmare' Patch Advice

Microsoft on Thursday issued "clarified guidance" for organizations addressing a zero-day Windows printer spooler vulnerability dubbed "PrintNightmare."

Microsoft Issues Out-of-Band 'PrintNightmare' Windows Print Spooler Patch

Microsoft on Tuesday announced the release of an "out-of-band" fix for a Windows print spooler vulnerability dubbed "PrintNightmare."

REvil Ransomware Attacks Used Zero-Day Vulnerability in Kaseya's IT Management Software

A ransomware attack leveraging a zero-day vulnerability in Kaseya's VSA management solution may have affected about 60 managed service providers (MSPs) and almost 1,500 of their business customers.

Subscribe on YouTube

Upcoming Training Events