Security


Microsoft Offering New Defender Vulnerability Management Standalone Product

Microsoft this week announced multiple improvements across its enterprise-grade security products.

Microsoft August Patch Tuesday: 1 Zero-Day Security Flaw Addressed

In the wake of last month's massive security update, Microsoft has released a smaller number of fixes for August.

Microsoft Edge for Business Arriving this Month for Entra ID Users

Microsoft Edge for Business will be arriving during the week of Aug. 17, Microsoft announced on Friday.

Microsoft Declares Power Platform Flaw, Found by Tenable, To Be Fixed

Microsoft on Friday announced that it had fixed security issues with "Power Platform Custom Connectors using Custom Code" that had been identified by security solutions firm Tenable back in March 2023.

CISA Outlines 3-Year Plan To Address Cybersecurity Issues

The U.S. Cybersecurity and Infrastructure Security Agency on Friday announced the publication of its "Strategic Plan" for the next three years.

Microsoft Switching Windows 11 to the Azure Attestation Service This Month

Microsoft gave public notice this week that boot attestation reporting for Windows 11 clients is getting switched to the Microsoft Azure Attestation service, "starting in mid-August 2023."

Microsoft Criticized for 'Grossly Irresponsible' Security Practices

Tenable CEO Amit Yoran argues that Microsoft's handling of security vulnerabilities is far from adequate in keeping the public safe.

Microsoft Targets TLS 1.0 and TLS 1.1 Disablement in Windows

Microsoft on Tuesday announced plans to disable the use of the Transport Layer Security 1.0 and TLS 1.1 security protocols in Windows.

White House Initiative Aims To Boost Cyber Employment

The Biden-Harris administration on Monday announced a new National Cyber Workforce and Education Strategy.

Microsoft Previews Strict Location Enforcement To Thwart Stolen Token Access

Microsoft on Friday announced a preview of a continuous access evaluation setting for the Entra ID Conditional Access service that will let organizations strictly enforce location polices for network access.

Microsoft Defender Vulnerability Management Now Includes Firmware Security Advisories

Microsoft announced on Wednesday that firmware security advisories are now available within the Microsoft Defender Vulnerability Management service.

Microsoft Defender for IoT Gets Firmware Analysis Preview

Microsoft Defender for IoT now has a firmware analysis capability that's at the preview stage, per a Microsoft announcement this week.

Microsoft Concurs with CISA, Expands Audit Capabilities in Purview Product

Microsoft last week announced that it is expanding some baseline security aspects for its cloud-based services in response to "nation-state cyberthreats" as part of a communication with the U.S. government's Cybersecurity and Infrastructure Security Agency.

Veeam Software and Rubrik Announce Integration with Microsoft 365 Backup

Microsoft partners Rubrik and Veeam Software announced during this week's Microsoft Inspire conference that their solutions now have integrations with Microsoft 365 Backup.

Strategies for Using Microsoft's Attack Simulation Training

Make sure your organizational phishing test doesn't fail before getting in the hands of end users.

Microsoft Adds Two New Entra Products, Renames Entra Azure Active Directory

Microsoft on Tuesday announced an expansion of its Microsoft Entra identity and access management product line, and also indicated that it is ending its Entra Azure Active Directory product name.

Speed Logo

Microsoft Scorches 132 Flaws in July's Security Patch

In a massive security update, Microsoft has released 130 new patches for July, targeting many critical vulnerabilities across its products and services, including Windows, Office, .NET, Visual Studio, Azure Active Directory, Microsoft Dynamics, and more.

Microsoft and Rubrik Partner for AI-Powered Enterprise Security Recovery

Security vendor Rubrik announced on Wednesday a team up with Microsoft to bring its Security Cloud to Microsoft Sentinel and Azure OpenAI Service.

Microsoft Advises App Developers About 'nOAuth' Attack Route

Microsoft this week addressed findings by security researchers at Descope, who reported a "nOAuth" attack route that's present in some applications leveraging the Azure Active Directory service.

Azure Firewall Gets Easier Product Upgrades and Structured Logs

Microsoft this week announced a couple of Azure Firewall improvements.

Subscribe on YouTube