Microsoft has released a comprehensive guide to assist IT administrators in promptly and effectively responding to security breaches within their organizations. The Microsoft Incident Response team detailed best practices to protect workloads in cloud, on-premises, and hybrid environments. Decommission AD FS Microsoft explained that the Active Directory Federation Services (AD FS) could pose a significant…
Security researchers have disclosed that hackers are persistently exploiting the Log4j vulnerability to infiltrate organizations globally. The infamous Lazarus hacking group has recently exploited this flaw to launch a fresh wave of cyberattacks, deploying new remote access Trojans (RATs) coded in the D programming language. What is Log4j? The Log4j vulnerability, also known as Log4Shell,…
Last Update: Dec 09, 2023
Security researchers have disclosed a new firmware vulnerability named LogoFAIL, which is capable of infiltrating a wide array of Windows and Linux machines. The attack allows threat actors to use malicious logo images to potentially compromise the security of devices from major vendors, including Intel, Acer, and Lenovo. Cybersecurity company Binarly has discovered a security…
Microsoft has warned customers that a Russian state-sponsored hacking group (dubbed Forest Blizzard (STRONTIUM)) is actively exploiting an Outlook flaw to target Exchange Servers. The vulnerability could potentially unlock unauthorized access to emails and pave the way for the pilfering of sensitive information. In March, Microsoft disclosed a critical vulnerability in Outlook for Windows that…
Microsoft has announced that it’s deprecating Defender Application Guard for Office this month. The company has quietly updated its support article to indicate that the security feature will no longer receive updates. “Microsoft Defender Application Guard for Office is being deprecated and is no longer being updated. This deprecation also includes the Windows.Security.Isolation APIs that…
Microsoft has introduced a new Terraform module aimed at simplifying the onboarding process for Microsoft Defender for Cloud (MDC). This module enables organizations to configure MDC plans for their subscriptions or management groups using a minimal amount of code. Microsoft Defender for Cloud is a security solution that allows customers to protect cloud-based applications against…
Cybersecurity researchers from Blackwing HQ have managed to bypass Windows Hello fingerprint authentication on three different laptops from Dell, Lenovo, and Microsoft. The penetration tests were carried out at the request of Microsoft to assess the security of the fingerprint sensors used in these devices. Windows Hello is a biometric authentication feature that allows users…
Microsoft announced yesterday the launch of its new Defender Bounty Program. The new program is aimed at enticing security researchers to unearth new vulnerabilities in the security solution in exchange for rewards between $500 and $20,000. The submissions must specify the severity (Critical or Important) and step-by-step instructions to reproduce the issue in the fully…
Microsoft has introduced email notifications support for its Microsoft Defender XDR service. The feature allows IT admins to configure the security solution to receive notifications through email for both manual and automated response actions. Microsoft Defender XDR (formerly Microsoft 365 Defender) is a managed extended detection and response service designed to help customers prevent, detect,…
Microsoft has announced the general availability of its Defender for APIs security solution. This new offering has been in preview as part of the Microsoft Defender for Cloud service since April, allowing organizations to safeguard their business-critical APIs and sensitive data from evolving cyber threats. Microsoft Defender for Cloud is designed to offer security and…