Microsoft
Microsoft advises users to stop using SMS- and voice-based MFA
Multi-factor authentication (MFA) that depends on one of the authentication factors being delivered via SMS and voice calls should be avoided, Alex Weinert, Director of …
Encryption-based threats grow by 260% in 2020
New Zscaler threat research reveals the emerging techniques and impacted industries behind a 260-percent spike in attacks using encrypted channels to bypass legacy security …
November 2020 Patch Tuesday: Microsoft fixes actively exploited Windows Kernel flaw
On this November 2020 Patch Tuesday: Microsoft has plugged 112 security holes, including an actively exploited one Adobe has delivered security updates for Adobe Reader Mobile …
November 2020 Patch Tuesday forecast: Significant OS changes ahead
November Patch Tuesday and the end-of-year holidays are rapidly approaching. Microsoft gave us a late release or maybe an early gift depending upon how you look at the new …
In Q2 2020, there was an average of 419 new threats per minute
McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020. During this period, there was an average of 419 new …
Google discloses actively exploited Windows zero-day (CVE-2020-17087)
Google researchers have made public a Windows kernel zero day vulnerability (CVE-2020-17087) that is being exploited in the wild in tandem with a Google Chrome flaw …
A new threat matrix outlines attacks against machine learning systems
A report published last year has noted that most attacks against artificial intelligence (AI) systems are focused on manipulating them (e.g., influencing recommendation …
Attackers finding new ways to exploit and bypass Office 365 defenses
Over the six-month period from March to August 2020, over 925,000 malicious emails managed to bypass Office 365 defenses and well-known secure email gateways (SEGs), an Area 1 …
25 vulnerabilities exploited by Chinese state-sponsored hackers
The US Cybersecurity and Infrastructure Security Agency (CISA) has released a list of 25 vulnerabilities Chinese state-sponsored hackers have been recently scanning for or …
Preventing cybersecurity’s perfect storm
Zerologon might have been cybersecurity’s perfect storm: that moment when multiple conditions collide to create a devastating disaster. Thanks to Secura and …
eSentire launches automated detection and response solution for Microsoft Security products
eSentire unveiled eSentire Cloud Automation Security Assistant (CASA), the company’s automated detection and response solution for Microsoft Security products. With CASA, …
Critical infrastructure and industrial orgs can test Azure Defender for IoT for free
Azure Defender for IoT – Microsoft’s new security solution for discovering unmanaged IoT/OT assets and IoT/OT vulnerabilities – is now in public preview and …
Featured news
Resources
Don't miss
- Unpatched Windows Server vulnerability allows full domain compromise
- Signal blocks Microsoft Recall from screenshotting conversations
- The hidden gaps in your asset inventory, and how to close them
- CTM360 report: Ransomware exploits trust more than tech
- Lumma Stealer Malware-as-a-Service operation disrupted