Security Topic Page -- Redmondmag.com

Advanced Search

Security

News

Microsoft Commercially Releases Azure Attestation Service

Microsoft announced on Friday that its Azure Attestation service is now commercially released, or "generally available." 02/12/2021
News

CISA Outlines IT Precautions After Florida Water Facility Attack

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published advisory AA21-042A regarding the Feb. 5 electronic intrusion into a Florida water treatment facility by an unknown attacker. 02/12/2021
News

Microsoft Addressing Windows Netlogon Flaw by Turning on Enforcement Mode This Month

CISA issued a reminder on Wednesday that Microsoft is implementing a "domain controller enforcement" mode this month to address a "Critical"-rated Windows Netlogon vulnerability that was initially patched last August. 02/10/2021
News

Microsoft Addresses 56 Vulnerabilities in February Security Patch Bundle

The February patch tally includes 11 CVEs deemed "Critical," 43 CVEs considered "Important" and two CVEs assessed as "Moderate" in severity. 02/09/2021
Posey's Tips & Tricks

How To Safely Use a Hyper-V VM for Ransomware Testing

Ransomware is a lot more sophisticated now, attacking data on network drives and in the cloud. Before physically interacting with ransomware, take these precautions to stop anything outside the VM from getting infected. 02/09/2021
News

Microsoft April Security Patch Will Remove 'Legacy' Edge Browser

Microsoft this week explained that its non-Chromium-based Microsoft Edge browser (based on earlier EdgeHTML technology) will get removed when April "update Tuesday" security patches get applied to Windows 10 systems. 02/05/2021
News

Microsoft Rethinks Plans To Block Basic Authentication in Exchange Online

Microsoft on Thursday announced an update to its plans to end "Basic Authentication" when used with the Exchange Online e-mail service. 02/04/2021
News

Microsoft Outlines Azure AD Best Practices and Rolls Out Conditional Access and Sync Improvements

Microsoft recently announced some Azure Active Directory improvements, including conditional access policy management enhancements and synchronization service additions. 02/02/2021
News

Google and Microsoft ID Group Targeting Security Researchers

Security researchers are under attack from a group thought to be associated with North Korea, according to announcements this week by Google and Microsoft. 01/29/2021
News

Microsoft Releases Application Guard for Office, Plus Azure Security Center and Azure Defender for IoT Products

Microsoft this week described a few security products that have reached "general availability" (GA) or commercial-release status, while also touting its overall security-market position. 01/28/2021
News

Phishing Tops Concerns in Microsoft Study of Remote Work

Potential phishing attacks were a top concern of most IT security professionals when organizations switched to remote-work conditions early last year. 01/26/2021
News

Microsoft Goes Deep on 'Solorigate' Secondary Attack Methods

Microsoft on Wednesday published an analysis of the second-stage "Solorigate" attack methods used by an advanced persistent threat (APT) attack group. 01/20/2021
News

Malwarebytes Affirms Other APT Attack Methods Used Besides 'Solorigate'

Security solutions company Malwarebytes affirmed on Monday that alternative methods besides tainted SolarWinds Orion software were used in the recent "Solorigate" advanced persistent threat (APT) attacks. 01/19/2021
News

Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives. 01/15/2021
News

Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement. 01/14/2021
News

Windows Server Update Services Users Getting Proxy-Use Change This Month

Microsoft on Tuesday notified Windows Server Update Services (WSUS) users that it's no longer going to automatically support "user proxies" to get patches from Microsoft's content delivery networks (CDNs), starting with this month's cumulative update release. 01/13/2021
News

Microsoft Delivers Fixes for 83 Vulnerabilities in January Security Patch Bundle

Microsoft released its January security patch bundle on Tuesday, delivering fixes for 83 common vulnerabilities and exposures (CVEs). 01/12/2021
News

Microsoft Defender for Endpoint Gets Linux Server Forensics Capabilities

Microsoft Defender for Endpoint now has an endpoint detection and response (EDR) capability for use with Linux servers that's deemed ready for use in production environments, Microsoft indicated on Monday. 01/11/2021
Security Q&A: A (Very Slight) Upside to Solorigate and Top Blue Team Attack Tools

Security expert Sergey Chubarov on the current security landscape and how the SolarWinds attack can change cybersecurity for the better. 01/11/2021
News

CISA Points to APT Attack Methods Besides 'Solorigate' that Affected Microsoft 365, Azure Services

An advanced persistent threat actor associated with the SolarWinds Orion attacks used their ability to create credentials to compromise a victim's Microsoft 365 and Azure services, but they didn't always tap the so-called "Solorigate" vulnerability to do so. 01/08/2021
News

U.S. National Security Agency Offers Advice on Blocking Obsolete TLS

The U.S. National Security Agency this month published an advisory on detecting and blocking old and insecure Transport Layer Security (TLS) protocol use by organizations. 01/08/2021
News

Office 365 Attack Simulation Training Capability Now Commercially Available

Microsoft this week announced the commercial release of a feature that simulates phishing attacks, which is now available to certain subscribers to the Microsoft Defender for Office 365 service. 01/07/2021
News

Microsoft Activating One-Time Passcode Feature in March for Azure Users

Microsoft is planning to turn on a one-time passcode feature in March that will grant temporary network access to business collaborators for organizations that use the Azure Active Directory B2B service. 01/05/2021
News

Microsoft Offers Security Advice After 'Solorigate' Attacks

Microsoft described security measures for IT pros to consider in the wake of the SolarWinds Orion-based software attack. 01/05/2021
Posey's Tips & Tricks

Revisiting My Tech Predictions for 2020

To be fair, who could have predicted any of this? 12/21/2020

« previous
1
2
3
4
5
6
7
8
9
10
next »

Office 365 Watch

Sign up for our newsletter.

Email Address*Country*

Please type the letters/numbers you see above.

Microsoft Releases Safe Links for Teams and Other Security Solutions

Microsoft Clarifies Its 'PrintNightmare' Patch Advice

Microsoft Issues Security Advisory on 'SeriousSAM' Elevation of Privilege Flaw in Windows Client Systems

Microsoft Outlines Windows Server 2022 Coming Features and Editions

So You Need To Move Off SQL Server 2016

Free Whitepapers

More Tech Library

Free Webcasts