Security

Microsoft has announced some improvements coming to the preset security policies in Defender for Office 365 solution this summer. These policy changes should help IT admins use Microsoft’s recommended settings. According to Microsoft, the preset security policies enable organizations to apply all recommended settings to Office 365 users. The list includes Strict protection, Standard protection,…

The Cybersecurity and Infrastructure Security Agency (CISA) has warned US government agencies to immediately patch critical vulnerabilities in VMware products. The security authority instructed all federal agencies to remove the actively exploited VMware offerings from their networks if patches can’t be applied by May 23, 2022. VMware recently disclosed multiple security flaws in five different…

The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed the security flaw CVE-2022-26925 from its Known Exploited Vulnerability Catalog. It has warned that IT admins should not install the May 2021 Patch Tuesday updates on Windows Servers used as domain controllers due to the risk of authentication failures. The security advisory comes amid…

Microsoft adds a subset of existing Azure server security and auditing features to Azure Arc for organizations that need to manage workloads on different platforms and locations.

On November 2nd 2021, Microsoft announced Microsoft Defender for Business. The announcement comes following a series of rebranding exercises into the “Microsoft Defender for” fold. What is Microsoft Defender for Business? Microsoft Defender for Business is a new endpoint security solution that will be available soon in preview. Defender for Business is designed to bring…

Microsoft has introduced today Microsoft Security Experts, a new service category designed to address the unique security needs of customers across various industries, including healthcare, financial services, and more. The new Security Experts category expands the existing incident response and security advisory services and combines both human-lead services and automated intelligence to help businesses improve…

Last week, the application service provider F5 disclosed a new security vulnerability that allows threat actors with network access to execute commands on its BIG-IP networking devices. The critical security flaw, tracked as CVE-2022-1388, carries a CVSS score of 9.8 out of 10. According to the security advisory, the vulnerability exists in the representational state…

Microsoft, Apple, and Google have committed to expanding passwordless sign-in support across all major device platforms. The three biggest tech companies have teamed up to roll out the FIDO passkey technology to iOS, Android, Edge, Chrome, macOS, and Windows in 2023. These platforms already support passwordless sign-in standards, but Microsoft, Apple, and Google are now…

Cloud Conversations is a weekly podcast that we’ll be featuring here on Petri. It’s about everything connected to cloud computing, including technologies like Azure, Microsoft 365, Power Platform, Microsoft Endpoint Manager (MEM), Microsoft Defender, Windows, Intune, and much more! Cloud Conversations – Kevin McDonnell on Security & Compliance, Hybrid Work, and Viva Kevin McDonnell is a Microsoft 365 Solutions Architect…

Security researchers at Armis have discovered five critical vulnerabilities in multiple network devices sold by Aruba and Avaya. The security flaws, dubbed TLStorm 2.0, could allow malicious actors to gain complete control of network switches typically used in hospitals, hotels, airports, and other businesses. According to the security researchers, the TLStorm 2.0 vulnerabilities have CVSS…