Security

We’ve come a long way since those days and have seen technology evolve to support data stored in business cloud platforms such as Microsoft 365. In recent years, the digital revolution has made data more portable and more accessible, but crucially it has also made that data more vulnerable in many ways. Fortunately, if your organization…

VMware has warned about a large-scale global ransomware campaign that is currently targeting vulnerable VMware ESXi servers worldwide. The hypervisor maker disclosed that threat actors are exploiting a two-year old vulnerability in its ESXi hypervisor and components to deploy ransomware. VMware ESXi is a service that enables companies to host multiple virtualized systems running different…

FireCompass, a SaaS platform for Continuous Automated Red Teaming (CART) and External Attack Surface Management (EASM) announced today that it was raising $7 million to expand to more international markets and hire more talent. This Series A investment comes four years after the creation of the company headquartered in Boston, Massachusetts, but FireCompass also has…

Microsoft yesterday announced the launch of Adaptive Protection support in Microsoft Purview. The new solution leverages machine learning to help organizations detect potential malicious activities and mitigate insider risks with data loss prevention (DLP) controls. Last year, Microsoft announced a new product rebranding to bring together its Azure Purview data governance service with Microsoft 365…

Atlassian has released fixes to patch a new critical vulnerability in Jira Service Management Server and Data Center. The security flaw could enable threat actors to impersonate Jira users and gain unauthorized access to affected instances. The security vulnerability is tracked as CVE-2023-22501, and it has a critical severity score(CVSS score) of 9.4. The company…

Microsoft has released a new guided hunting notebook for its Microsoft Sentinel solution. The notebook enables organizations to leverage machine learning to detect, investigate as well as block low and slow password spray campaigns. Password spraying is a type of brute force attack that allows malicious actors to gain unauthorized access to computer systems. Hackers…

Microsoft has announced some important updates for Microsoft Sentinel, its scalable cloud-native SIEM tool that provides AI-powered security analytics in enterprise environments. The Redmond giant has launched a new solution in public preview that should help IT Admins to detect Apache Log4j vulnerabilities. Last week, Microsoft acknowledged the emergence of an Apache Log4j vulnerability (CVE-2021-44228)…

Security researchers have discovered a phishing campaign that tricked users into authorizing permissions for malicious OAuth applications. Microsoft has disabled several fraudulent Microsoft Partner Network (MPN) accounts that breached organizations’ cloud environments. Microsoft explained in a security advisory that the security firm Proofpoint discovered the campaign in early December. The threat actors initially impersonated legitimate…

Microsoft Defender for Endpoint has introduced device isolation support in public preview on onboarded Linux machines. The security feature enables IT admins to isolate Linux machines manually via the Microsoft 365 Defender portal or API requests. According to Microsoft, the threat actors will no longer be able to remotely connect with the isolated Linux devices….

I’ve been using Bitwarden for the last couple of years and in this overview, I’ll look at why you might consider Bitwarden as an alternative to proprietary solutions like LastPass and 1Password. And I’ll give an outline of the pricing, architecture, and features for business and personal use. What is Bitwarden? Bitwarden is an open-source…