Microsoft
Microsoft NTLM vulnerabilities could lead to full domain compromise
Preempt researchers have discovered two vulnerabilities that may allow attackers to bypass a number of protections and mitigations against NTLM relay attacks and, in some …
October 2019 Patch Tuesday: A small batch of updates from Microsoft, none from Adobe
As predicted by Ivanti’s Chris Goettl, October 2019 Patch Tuesday came with a relatively small number of Microsoft updates and, curiously enough, with no security …
Microsoft: Any form of MFA takes users out of reach of most attacks
The apparent ease with which SIM hijacking attacks are being perpetrated to get the targets’ second authentication factor for crucial accounts (online banking, …
October 2019 Patch Tuesday forecast: Be sure to apply service stack updates
School is back in session across most of the world, and here in the United States most students look forward to a school holiday called ‘fall break.’ While we never have a …
Microsoft drops emergency Internet Explorer fix for actively exploited zero-day
Microsoft has unexpectedly released out-of-band security updates to fix vulnerabilities in Internet Explorer and Microsoft Defender. The IE zero-day bug is deemed …
How organizations view and manage cyber risk
Amid a wider range of issues to handle, a majority of board members and senior executives responsible for their organization’s cyber risk management had less than a day in the …
A bug made some Windows Defender antivirus scans fail
Microsoft has released a fix for a bug that made its Windows Defender Antivirus fail after a few seconds when users opted for a Quick or Full scan of the system. Users are …
More than 4M customer systems worldwide now automated by Red Hat Ansible Automation
Red Hat, the world’s leading provider of open source solutions, announced that more than four million customer systems worldwide are now automated by Red Hat Ansible …
September 2019 Patch Tuesday: Microsoft plugs two actively exploited zero-days
For the September 2019 Patch Tuesday, Microsoft delivered fixes for 80 CVE-numbered security issues (including to actively exploited zero-days), Adobe fixed flaws in Flash …
Office 365 security: Automated incident response based on playbooks
Five months after introducing Automated Incident Response in Office 365 ATP, Microsoft has announced it’s making it more widely available. Customers who have opted for …
September 2019 Patch Tuesday forecast: Microsoft security update will be complete
Microsoft began an aggressive six-month campaign in March of this year to switch the digital signature on all operating system and product updates from using Secure Hash …
What can be done about the rising click interception threat?
Ad networks’ increasingly successful efforts to detect bot-based ad click fraud has forced attackers to focus more on intercepting and redirecting legitimate users’ …