Security

LATEST

Cloud Computing

Inspire 2022: Microsoft Launches Cloud for Sovereignty to Protect Government Customers

Microsoft is launching today Microsoft Cloud for Sovereignty, a new cloud offering for the government sector. The new cloud solution is meant to help government and public sector customers build, move, and operate sensitive data and workloads in the cloud while supporting the highest security and compliance standards. A sovereign cloud is a cloud infrastructure…

View Article
Security – 4

DHS Review Board Warns Log4j Flaw to Affect Vulnerable Systems Until At Least 2032

The US Department of Homeland Security has issued a security advisory about the risks associated with Log4j vulnerabilities. The DHS’ Cyber Safety Review Board (CSRB) warned that the security flaw is expected to affect federal agencies and organizations until at least 2032. For those unfamiliar, Apache Log4j is a popular open-source Java-based logging framework. It…

View Article
Security

Cloudflare Issues Advisory About Mantis Botnet Behind the Most Powerful DDoS Attack

The internet infrastructure firm Cloudflare has released an advisory about a powerful botnet dubbed Mantis. The botnet was behind the largest-ever HTTPS-based distributed-denial-of-service (DDoS) attack in June 2022 and has targeted around 1,000 customers in the past few weeks. Cloudflare explained that its security team mitigated the record-breaking DDoS attack last month that reached a…

View Article
Datacenter networking servers

Microsoft Defender for Business Gets Protections for Windows and Linux Servers

Microsoft has released server protection capabilities for its Defender for Business solution. The new security feature is available in preview for small and medium businesses (SMBs) and supports both Windows and Linux servers. Microsoft Defender for Business is a new endpoint security offering designed especially for businesses with up to 300 employees. It provides attack…

View Article
Security – 4

Microsoft Warns About New Large-Scale Phishing Campaign Bypassing MFA

Microsoft has discovered a new massive AiTM phishing campaign that can steal credentials even if the user account is protected with multi-factor authentication (MFA). The company has warned that the threat actors have targeted over 10,000 organizations since September 2021. According to Microsoft researchers, the AiTM campaign involves inserting a proxy server between a target…

View Article
Network Security

Microsoft Defender for IoT Protects Unmanaged Enterprise IoT Devices

Microsoft has announced the general availability of new enterprise IoT security capabilities in its Defender for IoT solution. The company says that these features should help businesses better secure their unmanaged IoT devices connected to enterprise networks. Microsoft Defender for IoT (Formerly known as Azure Defender for IoT) is a security offering that protects enterprise…

View Article
Cloud Computing

Microsoft’s Entra Permissions Management Solution Goes Out of Preview

Microsoft has announced that its Entra Permissions Management solution is now generally available for enterprise customers. It’s a cloud-based infrastructure entitlement management (CIEM) service that provides insights into permissions for all user and workload identities in multi-cloud environments. Microsoft Entra Permissions Management (formerly known as Cloud Knox Security) launched in public preview back in February….

View Article

Solve RDP Error ‘CredSSP Encryption Oracle Remediation’

Last Update: Jul 08, 2022

In this Ask the Admin, I’ll explain how to resolve an RDP error that might appear after the May 2018 cumulative updates.

View Article
Security

Microsoft Detects Raspberry Robin Windows Worm in Hundreds of Enterprise Networks

Microsoft has warned customers about a new high-risk worm called “Raspberry Robin” that is infecting Windows PCs. The software giant has privately informed some Microsoft Defender for Endpoint users that the malware has been discovered in hundreds of enterprise networks across various industries (via Bleeping Computer). The Red Canary cybersecurity researchers first discovered Raspberry Robin…

View Article
Windows Server 1 Hero Approved

CISA Advises Federal Agencies to Patch Windows LSA Flaw Affecting Domain Controllers

Back in May, the Cybersecurity & Infrastructure Security Agency (CISA) temporarily removed a Windows flaw from its Known Exploited Vulnerability (KEV) Catalog due to Active Directory (AD) certificate authentication issues. CISA has now re-added the security vulnerability to KEV, and it’s encouraging IT admins to patch it by deploying the June Patch Tuesday updates by…

View Article
Go to page