Security Topic Page -- Redmondmag.com

Advanced Search

Security

News

CISA Points to APT Attack Methods Besides 'Solorigate' that Affected Microsoft 365, Azure Services

An advanced persistent threat actor associated with the SolarWinds Orion attacks used their ability to create credentials to compromise a victim's Microsoft 365 and Azure services, but they didn't always tap the so-called "Solorigate" vulnerability to do so. 01/08/2021
News

U.S. National Security Agency Offers Advice on Blocking Obsolete TLS

The U.S. National Security Agency this month published an advisory on detecting and blocking old and insecure Transport Layer Security (TLS) protocol use by organizations. 01/08/2021
News

Office 365 Attack Simulation Training Capability Now Commercially Available

Microsoft this week announced the commercial release of a feature that simulates phishing attacks, which is now available to certain subscribers to the Microsoft Defender for Office 365 service. 01/07/2021
News

Microsoft Activating One-Time Passcode Feature in March for Azure Users

Microsoft is planning to turn on a one-time passcode feature in March that will grant temporary network access to business collaborators for organizations that use the Azure Active Directory B2B service. 01/05/2021
News

Microsoft Offers Security Advice After 'Solorigate' Attacks

Microsoft described security measures for IT pros to consider in the wake of the SolarWinds Orion-based software attack. 01/05/2021
Posey's Tips & Tricks

Revisiting My Tech Predictions for 2020

To be fair, who could have predicted any of this? 12/21/2020
News

Microsoft Previews Password Storage via the Microsoft Authenticator App

Microsoft this week announced a preview of a user name and password autofill capability in the Microsoft Authenticator app. 12/16/2020
News

Emergency Directive Issued on SolarWinds Orion Software Compromise by Nation-State Actors

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive this week for federal agencies using SolarWinds Orion management software, which has been compromised in a sophisticated attack. 12/14/2020
News

Microsoft Addresses 58 Vulnerabilities in December Patch Bundle

Microsoft on Tuesday released its December security bundle of software fixes, consisting of just 58 patches, according to the counts of security researchers. 12/08/2020
News

Microsoft Promises Greater PC Security with Coming Pluton Processors

Microsoft has introduced Pluton, a security solution aiming to make the current root of trust between the central processing unit and the trusted platform module in devices more resistant to physical tampering. 11/17/2020
News

Microsoft Extended Security Update Program Approaches Year 2

Microsoft this week announced that the Windows 7 and Windows Server 2008 Extended Security Update (ESU) program is approaching Year 2. 11/13/2020
News

Microsoft Endpoint Data Loss Protection Now Commercially Released

The Microsoft Endpoint Data Loss Prevention service, used to protect data accessed on devices, reached "general availability" commercial-release status, Microsoft announced this week. 11/12/2020
News

Microsoft's November Security Bundle Addresses 112 Vulnerabilities

Microsoft released its November bundle of security patches on Tuesday, addressing 112 common vulnerabilities and exposures (CVEs). 11/10/2020
News

Microsoft Launches Revamped Security Update Guide

Microsoft on Monday described the format of its newly improved "Security Update Guide," which is used to see monthly security patch details. 11/09/2020
News

Microsoft Changes Privacy Platform Name to SmartNoise

Microsoft Research has changed the name of its "differential privacy" platform from "WhiteNoise" to "SmartNoise," according to a Wednesday announcement. 10/28/2020
Office 365 Security Summit: Source Documents

During our Office 365 Security Virtual Summit today, Howard M. Cohen and I ran a joint session about recent Office 365 security incidents and reports in the news. 10/23/2020
News

Microsoft and Partners Continue To Block Trickbot To Protect Elections

Microsoft on Tuesday provided an update about its efforts, along with partners, to take down the Trickbot criminal network, which uses servers and devices to spread ransomware. 10/21/2020
News

Microsoft Issues Out-of-Band Security Patches for the Window Codec Library and Visual Studio Code

Microsoft issued two "out-of-band" security updates late last week. 10/19/2020
News

Microsoft Publishes Documents on Implementing Zero-Trust Networks

Microsoft this week described the launch of a so-called "Zero Trust Deployment Center," which essentially is a Web page landing point for accessing Microsoft documents on its zero-trust security approach. 10/16/2020
News

Microsoft Addressing 87 Vulnerabilities in October Security Patch Bundle

Microsoft's October bundle of security patches, released on Tuesday, brings fixes for just 87 common vulnerabilities and exposures (CVEs) across Windows, Office, SharePoint and many other software products. 10/13/2020
News

Microsoft Used Its Patents To Take Down Trickbot Network

Microsoft described its years-long effort working with the courts, software security firms and telcos to eliminate the Trickbot criminal network. 10/13/2020
News

Microsoft Previews Continuous Access Evaluation for Azure AD Conditional Access Users

A preview of Microsoft's Continuous Access Evaluation (CAE) security solution is now available for Azure Active Directory users that have configured Conditional Access policies, Microsoft announced on Friday. 10/12/2020
News

Conditional Access for Office 365 Apps Now Commercially Released

Azure Active Directory Conditional Access support for the Office 365 suite of applications is now at the "general availability" commercial-release stage, Microsoft announced on Thursday. 10/08/2020
News

Microsoft Turning on Azure Active Directory Publisher Verification Next Month

Microsoft plans to turn on a new Azure Active Directory "Publisher Verification" security feature that will block end user consent to unverified app publishers starting next month. 10/07/2020
News

Microsoft Rang Up Over $370K in Azure Sphere Bug Bounties

Microsoft has shelled out $374,300 in security bounties as part of its Azure Sphere Security Research Challenge, the company said this week. 10/06/2020

Office 365 Watch

Sign up for our newsletter.

Email Address*Country*

Please type the letters/numbers you see above.

Windows Update for Business Deployment Service Will Apply Safeguard Holds Automatically for Suspect Patches

Microsoft Unveils Alternative to Mitre's Documentation of Azure Attack Methods

Microsoft Add Windows 10 Universal Print Capabilities

Microsoft Releases New Microsoft Defender Security Services, Plus Microsoft Sentinel Solution for SAP

Microsoft 2013 Branded Servers To Reach End of Support Next Year

Free Whitepapers

More Tech Library

Free Webcasts