Security

Microsoft has launched a new standalone version of its Defender for Business solution for commercial customers. The new cost-effective enterprise-grade endpoint security offering was first announced at Ignite 2021, and it’s designed for small to medium-sized businesses with up to 300 employees. The Redmond giant started rolling out Microsoft Defender for Business to organizations with…

Last week, QNAP published a security advisory to warn customers about new critical flaws in an open-source fileserver technology integrated into its network-attached storage (NAS) devices. The company has advised customers to look out for updates to address the vulnerabilities affecting some of its products. QNAP explained in its advisory that these flaws exist in…

When we think about administrative rights on Intune-enrolled Windows 10 devices, we need to consider two possible device states for that device: Azure AD joined (AADJ), or Hybrid Azure AD joined (HAADJ).  This is due to the different administrative roles available at the directory level. For Azure AD joined devices, at the time of performing…

Cybersecurity researchers have discovered that the threat actors are testing new attack techniques to distribute malware. Indeed, the latest version of the highly sophisticated Emotet botnet uses PowerShell commands attached to the XLL files to target Windows PCs. Emotet is an advanced Trojan that is primarily used to spread malware via phishing emails on compromised…

Microsoft has announced a new partnership with Red Button, an Israel-based Distributed Denial-of-Service (DDoS) attack simulation testing solutions provider. The Redmond giant believes that this collaboration will enable organizations to identify gaps and develop effective strategies to mitigate DDoS attacks. “With Red Button’s DDoS Testing service suite, you will be able to work with a…

Atlassian has released new security patches for its Jira and Jira Service Management solutions. The latest set of updates aims to address a critical vulnerability that could let attackers to bypass authentication controls. According to Atlassian’s security advisory, the bug was first discovered by Khoadha of Viettel Cyber Security. Tracked as CVE-2022-0540 and issued a…

Security researchers have revealed a new series of ransomware attacks carried out by the Hive ransomware group to target Microsoft Exchange Servers. Hive is a popular ransomware-as-a-service (RaaS) model that was first discovered in June 2021. The Hive ransomware group targets business networks with several methods and mechanisms, including phishing emails with attachments. It has…

Microsoft has released updated guidance to help enterprise customers protect domain controllers (DCs) against cyber attacks. The company urges IT admins to deploy Azure Active Directory (AAD) in their organizations to prevent security breaches. For those unfamiliar, a domain controller is a type of server that responds to security authentication requests from network endpoints (such…

Looking at a recently-announced product called “Microsoft Endpoint Manager”. While the product name and management interface may be shiny and new, you’ll probably recognize the underlying products as some of the same familiar products that device administrators have known for years. We’ll break down what’s included and some changes that may benefit and impact current and future deployments.

A team of security researchers has discovered that attackers are now exploiting the critical Spring4Shell vulnerability to spread Mirai malware on target systems. The Mirai botnet malware attacks were first detected earlier this month, and the threat actors are currently targetting vulnerable web servers in the Singapore region. According to Trend Micro’s researchers, the threat…