More than two thirds of enterprises experienced at least one ransomware incident last year, according to security vender Veeam.
This week Microsoft released a warning that it's seeing an increased number of phishing attempts aimed at web3 -- a term used to describe the decentralized environment created on the blockchain.
Microsoft on Monday announced the availability of Azure Active Directory certificate-based authentication at the public preview stage.
The time is ripe for organizations to implement "phishing-resistant multifactor authentication" via FIDO standards, says advocate Andrew Shikiar.
The Microsoft 365 Defender portal now supports some lagging Microsoft Defender for Identity capabilities that have reached the "general availability" (GA) commercial-release stage, Microsoft announced this week.
Microsoft released February security patches on Tuesday, addressing perhaps around 50 or so common vulnerabilities and exposures (CVEs).
Microsoft reiterated on Friday that a flaw in an application installer component used with its MSIX app packager has been abused by malware, and temporary measures should be followed until there's a fix.
Microsoft announced on Monday that it will be bringing a new default for Windows Office users that is said to "block Internet macros by default."
The new security benefits will be much appreciated for us who live in Microsoft's communication platform more and more these days.
Microsoft explained last week that it is seeing multiphase phishing attacks getting tried that could be successful against organizations that haven't implemented multifactor authentication (MFA).
Exchange Online users soon will be getting some security enhancements that will enforce the use of Transport Layer Security (TLS) encryption for e-mails and ward off so-called "man-in-the-middle" attacks.
Microsoft announced on Wednesday that it's now possible to use Microsoft Sentinel to continuously monitor GitHub developer repositories for possible adverse activities.
A recent security report found that the threat of ransomware attacks aimed at organizations resulting in critical operational technology (OT) information being leaked is on the rise.
Take a look back at the best columns from our experts that broke down some of the bigger Microsoft stories and provided invaluable IT tips and advice.
- By Redmondmag.com Editors
- 12/28/2021
Let's take a look back and see how I did with my tech predictions made 12 months ago.
Even during a year where Microsoft dropped a new OS, security issues, highlighted by the "PrintNightmare" spooler vulnerability, dominated the conversation.
- By Redmondmag.com Editors
- 12/21/2021
Let's take a look back at our year of vulnerability exposures, reactionary patches and losing sleep over what security hole would emerge tomorrow.
- By Redmondmag.com Editors
- 12/20/2021
Microsoft added a preview solution in Microsoft Sentinel that helps IT pros find signs of Log4j exploits, according to a Thursday announcement and Twitter post.
CrowdStrike on Thursday presented advice for organizations attempting to address a security vulnerability in the Log4j Java logging framework used in Apache Web servers, currently undergoing widespread exploitation.
Log4j, a widely used open-source Java logging library, has a critical-remote code execution (RCE) vulnerability that is currently being leveraged in malicious attacks.
- By John K. Waters, Kurt Mackie
- 12/15/2021