Security

Microsoft has announced the general availability of Azure Firewall Basic. The affordable SKU launched in preview in October 2022 to help small and medium-sized businesses (SMBs) protect their Azure cloud environments. Azure Firewall is a cloud-based solution that provides an additional layer of security to protect Azure Virtual Network resources from external and internal threats….

Microsoft has released patches to address a critical security flaw in Outlook for Windows. The company confirmed that a Russian hacking group exploited the NTLM vulnerability to target several European and military organizations in 2022. The zero-day flaw (CVE-2023-23397) was first reported discovered by Ukraine’s Computer Emergency Response Team (CERT-UA). It’s a privilege escalation vulnerability…

Microsoft has warned customers about Adversary-in-the-Middle (AiTM) phishing kit available for sale on a popular cybercrime forum. The software is designed to make it easier for attackers to deploy phishing campaigns to target enterprise accounts. According to the Microsoft Threat Intelligence team, this phishing kit is an open-source tool that is developed by a hacking…

Microsoft has introduced support for near real-time custom detections in its Microsoft 365 Defender solution. The new Continuous (NRT) feature enables customers to create custom detection rules that run in near real-time to block sophisticated attacks. Microsoft 365 Defender allows customers to create custom detection rules to monitor specific threats, activities, and misconfigured endpoints. These…

Microsoft’s owned GitHub has recently announced that it will soon require two-factor authentication (2FA) for developers who contribute code on the platform. Starting today, the company will begin rolling out the 2FA requirement to all software developers worldwide. GitHub first unveiled its plans to enroll all contributors in 2FA by the end of 2023. The…

Microsoft has warned that threat actors are increasingly using business email compromise campaigns to target enterprise customers. The company has found that it could be challenging for the victims to identify and mitigate the attacks on time. Business email compromise (BEC) is a type of cyberattack that lets hackers use phishing emails to request payments…

Intel releases 27 10th generation CPUs for desktop and mobile with Hardware Shield to improve remote worker security.

Microsoft has released an update that brings new premium capabilities for Microsoft Defender Vulnerability Management. The new security features provide comprehensive assessments to help IT admins track and mitigate security risks in their most critical assets. Microsoft Defender Vulnerability Management is a security tool that uses AI to detect, analyze, prioritize, and fix vulnerabilities in…

Microsoft introduced a new automatic attack disruption feature in its Microsoft 365 Defender solution at Ignite 2022. The company announced yesterday that the feature can now protect enterprise customers against business email compromise (BEC) campaigns. Automatic attack disruption leverages extended detection and response (XDR) technology to contain ongoing ransomware campaigns or other sophisticated attacks across…

Azure Virtual Desktop (AVD) is a Platform-as-a-Service (PaaS) to provide access to Windows 10 and Windows 11 desktops and applications virtually anywhere. It’s a solution hosted by Microsoft, which makes it secure by design, even though there is a lot of responsibility on the customer to ensure services are secure. In this article, I will…