The Open Source Security Foundation (OpenSSF) announced on Wednesday that it has adopted the Secure Supply Chain Consumption Framework (S2C2F) for ensuring the secure use of open source software (OSS) by developers.
Microsoft indicated last week that it'll be bringing a SANS Institute training series to Microsoft 365 Defender for Office 365 users of its Attack Simulation Training service.
Microsoft has chimed in on the highly visible OpenSSL security risks that emerged last week, and advises users start applying fixes based on OpenSSL's recent patches.
Microsoft on Wednesday announced a preview of Azure Active Directory Certificate-Based Authentication (CBA) support for Android and iOS devices using hardware security keys.
Microsoft has provided the tools for you to ditch the outdated and unsecure log in tech. It's up to you to actually take advantage of it.
- By Joey D'Antoni
- 10/28/2022
Microsoft said that a cybercriminal group has deployed Clop encryption malware on those previously affected by the Raspberry Robin worm.
The Microsoft Authenticator app now has a number-matching security feature at the "general availability" (GA) commercial release stage, Microsoft announced on Tuesday.
Microsoft this week announced a preview of "Authentication Strength," a new control for organizations using the Azure Active Directory Conditional Access service.
The Authenticate 2022 keynote talk highlighted passwordless efforts by the FIDO Alliance and called for increased multifactor authentication transparency by industry sectors.
Microsoft on Wednesday confirmed that a misconfiguration with a Microsoft server endpoint has potentially exposed some customer data, including personal information and emails.
Despite a smaller floor presence, Microsoft jumped out of the gate with some big announcements for IT and database managers.
- By Joey D'Antoni
- 10/12/2022
A lot of products were announced at the "general availability" (GA) commercial-release stage during this week's Microsoft Ignite event, which kicked off on Wednesday.
This month's Microsoft monthly security update, which comes packed with 85 flaw fixes, is notable for what's not included – a fix for last month's publicly disclosed Exchange vulnerabilities, known as "NotProxyShell."
Microsoft this week announced the ability to manage Android Open Source Project (AOSP) devices via Microsoft Intune, which is available as a "premium" add-on to Microsoft Endpoint Manager (MEM) subscribers.
Microsoft this week announced that a new Identity Theft Monitoring service is available to U.S. subscribers to the Microsoft 365 Personal or Microsoft 365 Family editions.
Exchange Server products are potential subject two newly disclosed "zero-day" vulnerabilities that are under exploit, Microsoft acknowledged, in a Thursday announcement.
Microsoft is urging organizations using the Microsoft Authenticator app to activate additional security functionality to protect against possible "multifactor authentication fatigue attacks," according to a Wednesday announcement.
Microsoft offered more details this week about its enhanced phishing protection technology that kicked off with the newly released Windows 11 version 22H2.
Microsoft has released its September bundle of security patches, addressing about 64 common vulnerabilities and exposures (CVEs).
To truly protect your data from attackers, take some time to follow these additional safeguards.