Microsoft
March 2023 Patch Tuesday forecast: It’s not about luck
Every month I touch on a few hot topics related to security around patching and some important updates to look out for on the upcoming Patch Tuesday. Diligence to this ongoing …
Microsoft and MITRE developed a tool to prepare security teams for attacks on ML systems
A new plug-in, created by Microsoft and MITRE, integrates various open-source software tools to aid cybersecurity professionals in bolstering their defenses against attacks on …
BlackLotus UEFI bootkit disables Windows security mechanisms
ESET researchers have published the first analysis of a UEFI bootkit capable of circumventing UEFI Secure Boot, a critical platform security feature. The functionality of the …
Contrast Security adds Microsoft Azure Functions support to evaluate serverless risks
Contrast Security expands Contrast Serverless Application Security offering to support Microsoft Azure Functions and enable customers to scan for security vulnerabilities on …
Microsoft announces automatic BEC, ransomware attack disruption capabilities
Last year, Microsoft announced automatic attack disruption capabilities in Microsoft 365 Defender, its enterprise defense suite. On Wednesday, it announced that these …
Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)
The February 2023 Patch Tuesday is upon us, with Microsoft releasing patches for 75 CVE-numbered vulnerabilities, including three actively exploited zero-day flaws …
February 2023 Patch Tuesday forecast: A Valentine’s date
Patch Tuesday falls on Valentine’s Day this year but will it be a special date? While there have been ongoing cyber-attacks of all kinds, it has been relatively quiet on the …
SentryBay protects business data at the endpoint with Armored Client for AVD & W365
SentryBay adds to its family of Armored Client products with a solution specifically designed to address the client-side security gaps of Microsoft Azure Virtual Desktop and …
Attackers used malicious “verified” OAuth apps to infiltrate organizations’ O365 email accounts
Malicious third-party OAuth apps with an evident “Publisher identity verified” badge have been used by unknown attackers to target organizations in the UK and …
TD SYNNEX SMB Fraud Defense Click-to-Run reduces risks within cloud environments
TD SYNNEX has launched a new fraud defense solution, SMB Fraud Defense Click-to-Run, integrating Microsoft Azure services for small and medium business (SMB) customers during …
Google ads increasingly pointing to malware
The FBI has recently warned the public about search engine ads pushing malware diguised as legitimate software – an old tactic that has lately resulted in too many …
Cloudflare and Microsoft expand partnership to strengthen zero trust security
Cloudflare has expanded its relationship with Microsoft to help customers easily deploy, automate, and enhance their organization’s zero trust security. Working from anywhere …