Security


Attackers Using Excel Read-Only Files To Obscure Malware

Attackers can attempt to hide malicious payloads in Excel files sent by e-mail by using a standard Excel feature, according to a Tuesday post by Mimecast researchers.

The Challenges of Securing All Those Newly Remote Workers

Security expert Dale Meredith identifies cybersecurity challenges, best practices and major concerns resulting from all the employees forced into home offices by COVID-19.

Azure Active Directory Getting Custom Roles and MFA Improvements

Microsoft this month announced a couple of Azure Active Directory improvements with regard to custom roles and multifactor authentication support that are available now and on the horizon.

Azure Security Center Can Now Monitor Azure Kubernetes Service Containers

Microsoft announced this week that the Azure Security Center management portal now works with the Azure Kubernetes Service (AKS) to ensure the security of Docker containers running on Linux systems or virtual machines.

Microsoft Warns of 'Critical' Flaw in Windows Preview Pane

Microsoft on Monday issued Security Advisory ADV200006 for a "Critical"-rated remote code execution vulnerability in both supported and unsupported Windows systems.

Microsoft Touts Secured-Core PCs To Block Driver Exploits

The Windows platform security team explained this week in an announcement that PC devices are subject to possible driver exploits, and recommended the use of Secured-core PCs as a defensive measure.

CISA Outlines VPN Best Practices for Supporting Teleworkers

The Cybersecurity and Infrastructure Security Agency (CISA) issued an alert on Friday outlining virtual private network (VPN) best practices for organizations supporting remote workforces.

Microsoft Issues Out-of-Band Security Patches for Windows SMB 3 Flaw

Microsoft on Thursday published an "out-of-band" security bulletin describing patches for newer Windows systems that are subject to a "Critical"-rated vulnerability in Server Message Block (SMB) 3.1.1.

Microsoft Issues Security Advisory on 'Critical' SMB 3 Flaw in Windows Systems

Microsoft issued Security Advisory ADV200005 on late Tuesday about a "Critical"-rated Server Message Block (SMB) 3.1.1 vulnerability.

March Microsoft Security Patches Address 26 Critical Vulnerabilities

Microsoft released its March security patches on Tuesday, which address about 115 common vulnerabilities and exposures (CVEs) in total.

Researchers Suggest AMD Chips Subject to Cache Side-Channel Attacks

AMD processors have "cache way predictors" that can leak information when subjected to attacks, according a paper (PDF) by university researchers.

Microsoft Bringing SMB Over QUIC to Windows

Microsoft is working on Server Message Block (SMB) over QUIC technology for use with "Windows, Windows Server, and Azure Files," according to a Monday announcement.

New Edge Browser Getting Ability To Block Unwanted Apps

The new Chromium-based Microsoft Edge browser is getting the ability to block potentially unwanted applications (PUAs), Microsoft announced on Thursday.

Microsoft Didn't Remove the SMB1 Protocol from Windows

Microsoft explained in a Wednesday announcement that it didn't actually remove Server Message Block 1 (SMB1) from Windows releases.

Exchange Online Users Get More Caveats on Basic Authentication's End in October

Microsoft on Tuesday offered more details on its plans to end Basic Authentication in Exchange Online, which will cause pain for some organizations.

Space Image

Microsoft's Azure Sphere for IoT Devices Now Commercially Available

Microsoft announced that its Azure Sphere solutions for Internet of Things (IoT) devices have reached the "general availability" (GA) commercial-release stage.

Dell Sells RSA Assets for $2 Billion

Dell's RSA security solutions businesses, including the RSA Conference, were bought by a consortium of companies for about $2 billion, according to Tuesday announcements.

Old Fashioned Mics

Microsoft Preps for RSA Conference with Multiple Security Product Announcements

The announcements included a few "general availability" announcements, product enhancements and some partner collaborations.

Microsoft's February Security Patches Bring Lots of Problems

Microsoft's February security updates came with plenty of technical bumps.

Study Finds IT Inadequacies in Key and Certificate Management

Mismanaged security certificates have resulted in "unplanned downtime and outages," per 73 percent of respondents in a recently published Ponemon Institute study, which polled IT security personnel.

Subscribe on YouTube

Upcoming Training Events