Security Topic Page -- Redmondmag.com

Security

Google To Distrust 30k HTTPS Certs in Chrome Issued by Symantec

Google has admonished Symantec, accusing the large CA provider of improperly issuing 30,000 Extended Validation (EV) certificates and will distrust the SSL/TLS certs in Chrome browsers, impacting numerous HTTPS Web sites. 03/24/2017
News

Hybrid Exchange PowerShell Tool Now Has Multifactor Authentication

IT pros managing Exchange Server and Exchange Online accounts via remote PowerShell now have the ability to protect those sessions with multifactor authentication. 03/17/2017
AirWatch Upgrade Extends Windows 10 Management and Endpoint Security

VMware's has rolled out the first major update to the AirWatch component of its new Workspace One digital workspace platform. 03/17/2017
Okta IPO Will Measure Growth of Identity-as a-Service Market

Undeterred by the growth of Microsoft's Azure Active Directory, Okta files IPO. 03/15/2017
News

Microsoft Resumes Security Updates with 'Largest' Patch Tuesday Release

Microsoft resumed its monthly security update releases on Tuesday following a rare deferral last month. 03/14/2017
Posey's Tips & Tricks

Is Social Engineering the New Alternative to Ransomware?

As we increase our defenses against ransomware, attackers are shifting their scamming methods. 03/14/2017
News

Microsoft Previews Azure Active Directory Limited Access for SharePoint and OneDrive

Microsoft today announced a preview of a new Azure Active Directory management option that's designed to thwart "data leakage" scenarios. 03/09/2017
In-Depth

Prevent Data Leakage with Windows Information Protection

Windows Information Protection is among many new security features introduced in last year’s Windows 10 Anniversary Update release, bringing data loss prevention to the OS. 03/07/2017
Howard Schmidt's Legacy Shaped Cybersecurity Policy and Trustworthy Computing

The cybersecurity industry mourns the death of Howard Schmidt, a onetime Microsoft CSO who helped create the company's Trustworthy Computing initiative and was the nation's first cybersecurity czar. 03/06/2017
News

Microsoft Rolls Out Premium Assurance Plans for Windows Server and SQL Server

Microsoft this month started selling "Premium Assurance" coverage plans for both Windows Server and SQL Server. 03/02/2017
News

Google and Dutch Researchers Demonstrate Broken SHA-1 Web Security

Google this week announced that Shell Hashing Algorithm-1 (SHA-1) has been broken. 02/24/2017
News

Microsoft Releases Adobe Flash Player Security Updates

In a surprise move, Microsoft on Tuesday released security updates to the Adobe Flash Player that's integrated with Windows systems. 02/21/2017
Posey's Tips & Tricks

Microsoft Improves Office 365 Protection Against Phishing Attacks (for Some)

While the new capabilities to protect Office 365 users from malicious e-mails are welcome, they're only available for those who are paying for the more expensive subscription model. 02/21/2017
Most Organizations Still Lack Adequate Identity Management Controls

Only 17 percent of those responding to a Forrester survey said that they have implemented a mature approach to identity and access management. 02/17/2017
Posey's Tips & Tricks

How To Deal with a DNS Poisoning Attack

When antimalware software isn't up to the challenge, it's time to take care of the problem manually. 02/17/2017
News

Delayed Microsoft Security Updates Now Planned for March Arrival

Microsoft quietly updated a Feb. 14 announcement explaining the delay of its February security updates to state that the updates will now be arriving on March 14, or the next "update Tuesday." 02/16/2017
Microsoft: Proposed 'Digital Geneva Convention' Must Neutralize Nation-State Cyberattacks

Microsoft President Brad Smith called for the creation of a neutral collective effort that would bring the tech sector and international governments together to respond to nation-state cyberattacks. 02/15/2017
News

Microsoft Defers February Security Updates

Microsoft has delayed its "patch Tuesday" security update release that was expected to arrive today. 02/14/2017
News

Microsoft Launches Office 365 Secure Score

Microsoft has announced that Office 365 Secure Score API, the company's security analytics tool aimed at evaluating data risk levels in the cloud service, is now available for commercial Office 365 users. 02/13/2017
News

Microsoft Outlines Coming Windows 10 Security Improvements

Microsoft announced some Windows 10 security improvements and milestones today in advance of the RSA security conference, taking place next week. 02/10/2017
Microsoft Begins Rollout of Integrated EMS Console

Amid growth of Microsoft's Enterprise Mobility + Security service, the company has revamped the administrative experience into a single console to set both identity and mobile device policies, aiming to provide more flexibility such as conditional access. 02/10/2017
News

Users of Azure Site Caching Service Get HTTPS Custom Domain Support

Verizon, an Azure Content Delivery Network (CDN) service partner with Microsoft, now provides HTTPS support for custom domains, Microsoft announced this week. 02/09/2017
News

Microsoft Previews Azure Active Directory Policy Server Extension

Microsoft announced a public preview today of a new Azure Active Directory capability that could simplify identity and access networking issues for some organizations. 02/06/2017
News

US-CERT Gives Notice of SMB Security Flaw in Windows Systems

The U.S. Computer Emergency Readiness Team (US-CERT) published a vulnerability warning this week about a zero-day security exploit involving the Server Message Block (SMB) protocol in Windows systems. 02/03/2017
Posey's Tips & Tricks

How To Alter the Edge Browser's Ability To Access a Site

Here's how I fixed an issue when malware took down Edge's ability to connect to Google. 01/31/2017