-
News
An advanced persistent threat actor associated with the SolarWinds Orion attacks used their ability to create credentials to compromise a victim's Microsoft 365 and Azure services, but they didn't always tap the so-called "Solorigate" vulnerability to do so.
01/08/2021
-
News
The U.S. National Security Agency this month published an advisory on detecting and blocking old and insecure Transport Layer Security (TLS) protocol use by organizations.
01/08/2021
-
News
Microsoft this week announced the commercial release of a feature that simulates phishing attacks, which is now available to certain subscribers to the Microsoft Defender for Office 365 service.
01/07/2021
-
News
Microsoft is planning to turn on a one-time passcode feature in March that will grant temporary network access to business collaborators for organizations that use the Azure Active Directory B2B service.
01/05/2021
-
News
Microsoft described security measures for IT pros to consider in the wake of the SolarWinds Orion-based software attack.
01/05/2021
-
Posey's Tips & Tricks
To be fair, who could have predicted any of this?
12/21/2020
-
News
Microsoft this week announced a preview of a user name and password autofill capability in the Microsoft Authenticator app.
12/16/2020
-
News
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive this week for federal agencies using SolarWinds Orion management software, which has been compromised in a sophisticated attack.
12/14/2020
-
News
Microsoft on Tuesday released its December security bundle of software fixes, consisting of just 58 patches, according to the counts of security researchers.
12/08/2020
-
News
Microsoft has introduced Pluton, a security solution aiming to make the current root of trust between the central processing unit and the trusted platform module in devices more resistant to physical tampering.
11/17/2020
-
News
Microsoft this week announced that the Windows 7 and Windows Server 2008 Extended Security Update (ESU) program is approaching Year 2.
11/13/2020
-
News
The Microsoft Endpoint Data Loss Prevention service, used to protect data accessed on devices, reached "general availability" commercial-release status, Microsoft announced this week.
11/12/2020
-
News
Microsoft released its November bundle of security patches on Tuesday, addressing 112 common vulnerabilities and exposures (CVEs).
11/10/2020
-
News
Microsoft on Monday described the format of its newly improved "Security Update Guide," which is used to see monthly security patch details.
11/09/2020
-
News
Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement.
10/28/2020
-
During our Office 365 Security Virtual Summit today, Howard M. Cohen and I ran a joint session about recent Office 365 security incidents and reports in the news.
10/23/2020
-
News
Microsoft on Tuesday provided an update about its efforts, along with partners, to take down the Trickbot criminal network, which uses servers and devices to spread ransomware.
10/21/2020
-
News
Microsoft issued two "out-of-band" security updates late last week.
10/19/2020
-
News
Microsoft this week described the launch of a so-called "Zero Trust Deployment Center," which essentially is a Web page landing point for accessing Microsoft documents on its zero-trust security approach.
10/16/2020
-
News
Microsoft's October bundle of security patches, released on Tuesday, brings fixes for just 87 common vulnerabilities and exposures (CVEs) across Windows, Office, SharePoint and many other software products.
10/13/2020
-
News
Microsoft described its years-long effort working with the courts, software security firms and telcos to eliminate the Trickbot criminal network.
10/13/2020
-
News
A preview of Microsoft's Continuous Access Evaluation (CAE) security solution is now available for Azure Active Directory users that have configured Conditional Access policies, Microsoft announced on Friday.
10/12/2020
-
News
Azure Active Directory Conditional Access support for the Office 365 suite of applications is now at the "general availability" commercial-release stage, Microsoft announced on Thursday.
10/08/2020
-
News
Microsoft plans to turn on a new Azure Active Directory "Publisher Verification" security feature that will block end user consent to unverified app publishers starting next month.
10/07/2020
-
News
Microsoft has shelled out $374,300 in security bounties as part of its Azure Sphere Security Research Challenge, the company said this week.
10/06/2020