Security researchers are seeing the appearance of LockFile ransomware deployments after attackers gained access to Exchange Server via a so-called "ProxyShell" vulnerability.
Microsoft explained "PetitPotam" NTLM relay attacks in a Wednesday announcement, while also suggesting that its Microsoft Defender for Identity product was capable of identifying such attack attempts.
Security researchers last week described ransomware perpetrators incorporating Windows "PrintNightmare" exploits in their attacks.
Recent scanning for a "Critical" remote code execution vulnerability (CVE-2021-34473) in Exchange Server, dubbed "ProxyShell," has been detected by security researchers.
Microsoft on Wednesday published a "Security Update Guide" notice on another Windows print spooler vulnerability, namely CVE-2021-36958.
Microsoft on Tuesday announced the release of a "standalone" servicing stack update (SSU) for Windows 10 systems to address a patching problem that had affected some organizations trying to apply a June security update.
Microsoft released August security updates to address 44 common vulnerabilities and exposures (CVEs) in various Microsoft software products.
Microsoft is previewing early detection capabilities for spotting ransomware campaigns using its Azure Sentinel security information event management (SIEM) solution.
Ivanti on Monday announced the acquisition of risk assessment solutions company RiskSense with the aim of enhancing the Ivanti Neurons for Patch Intelligence product.
IT pros were most worried about possible increases in cybersecurity attacks with the shift toward remote work in 2020, according to a survey conducted by Netwrix.
Microsoft has announced the general availability of the Premium edition of Azure Firewall, its managed, cloud-based network security service.
- By John K. Waters
- 07/29/2021
Microsoft is continuing to advance its cloud-based security services with a couple of previews announced this week, plus a product release.
Kaseya announced this week that it is using a "universal decryptor key" for customers that were affected by a REvil ransomware attack reported on July 2.
Microsoft on Tuesday issued a security advisory about an elevation-of-privilege vulnerability (CVE-2021-36934) present in Windows 10 client operating systems.
Microsoft on Wednesday announced the acquisition of CloudKnox Security, a maker of "cloud infrastructure entitlement management" solutions for organizations using various cloud services.
The Biden administration released a statement on Monday naming the People's Republic of China as responsible for widespread cyberattacks that notably targeted Exchange Server users.
Microsoft is investigating a new vulnerability in the Windows print spooler service and is recommending that IT pros disable it, if possible, as an interim measure, although doing so eliminates the ability to print.
The July security patch tally seems like a rerun of the hefty bundles that were seen last year.
Microsoft announced on Monday that it is acquiring RiskIQ, a San Francisco-based provider of software-as-a-service security solutions for organizations.
Microsoft on Thursday issued "clarified guidance" for organizations addressing a zero-day Windows printer spooler vulnerability dubbed "PrintNightmare."