Security

Security hero image

LogoFAIL Attack Exploits UEFI Logos, Posing Risks to Enterprise and Consumer Devices

Security researchers have disclosed a new firmware vulnerability named LogoFAIL, which is capable of infiltrating a wide array of Windows and Linux machines. The attack allows threat actors to use malicious logo images to potentially compromise the security of devices from major vendors, including Intel, Acer, and Lenovo. Cybersecurity company Binarly has discovered a security...

About Security

Welcome to the Security category page, your fortress for safeguarding digital assets. In an age where cyberthreats are ever-evolving, IT security is paramount. Here, you’ll find resources including best practices, tools, and strategies to protect networks, systems, and data. Whether you’re an IT professional looking to understand the basics or seeking advanced security solutions, or a business owner aiming to fortify your defenses, this page is your stronghold for cybersecurity knowledge.

LATEST

Security

Russian Hackers Exploit Outlook Flaw to Breach Exchange Accounts

Microsoft has warned customers that a Russian state-sponsored hacking group (dubbed Forest Blizzard (STRONTIUM)) is actively exploiting an Outlook flaw to target Exchange Servers. The vulnerability could potentially unlock unauthorized access to emails and pave the way for the pilfering of sensitive information. In March, Microsoft disclosed a critical vulnerability in Outlook for Windows that…

View Article
Office 365

Microsoft Sunsets Defender Application Guard for Office: Here’s What You Need to Know

Microsoft has announced that it’s deprecating Defender Application Guard for Office this month. The company has quietly updated its support article to indicate that the security feature will no longer receive updates. “Microsoft Defender Application Guard for Office is being deprecated and is no longer being updated. This deprecation also includes the Windows.Security.Isolation APIs that…

View Article
Windows Logo

Microsoft Defender for Cloud Simplifies Onboarding with New Terraform Module

Microsoft has introduced a new Terraform module aimed at simplifying the onboarding process for Microsoft Defender for Cloud (MDC). This module enables organizations to configure MDC plans for their subscriptions or management groups using a minimal amount of code. Microsoft Defender for Cloud is a security solution that allows customers to protect cloud-based applications against…

View Article
Security hero image

Here’s How Researchers Bypassed Windows Hello Fingerprint Authentication on Dell, Lenovo, and Surface Laptops

Cybersecurity researchers from Blackwing HQ have managed to bypass Windows Hello fingerprint authentication on three different laptops from Dell, Lenovo, and Microsoft. The penetration tests were carried out at the request of Microsoft to assess the security of the fingerprint sensors used in these devices. Windows Hello is a biometric authentication feature that allows users…

View Article
Windows Logo

New Microsoft Defender Bounty Program Offers up to 20K Rewards

Microsoft announced yesterday the launch of its new Defender Bounty Program. The new program is aimed at enticing security researchers to unearth new vulnerabilities in the security solution in exchange for rewards between $500 and $20,000. The submissions must specify the severity (Critical or Important) and step-by-step instructions to reproduce the issue in the fully…

View Article
Cloud Computing and Security

Microsoft Defender XDR Now Lets IT Admins Get Email Notifications for Response Actions

Microsoft has introduced email notifications support for its Microsoft Defender XDR service. The feature allows IT admins to configure the security solution to receive notifications through email for both manual and automated response actions. Microsoft Defender XDR (formerly Microsoft 365 Defender) is a managed extended detection and response service designed to help customers prevent, detect,…

View Article
Security

Microsoft Defender for APIs is Now Generally Available

Microsoft has announced the general availability of its Defender for APIs security solution. This new offering has been in preview as part of the Microsoft Defender for Cloud service since April, allowing organizations to safeguard their business-critical APIs and sensitive data from evolving cyber threats. Microsoft Defender for Cloud is designed to offer security and…

View Article
Security

Ignite 2023: Microsoft Introduces New Unified Security Operations Platform, Security Copilot Features

It’s been a couple of months since Microsoft introduced Security Copilot, an AI-powered assistant that’s designed to help cybersecurity professionals detect breaches. At its Ignite 2023 conference, the company announced a slew of new updates coming to Security Copilot and the expansion of AI-powered capabilities across all clouds and platforms. Vasu Jakkal, CVP of Security,…

View Article
Security

Microsoft Expands Protection: Enterprise IoT Security Now Part of Microsoft 365 E5 and E5 Security Plans

Microsoft has announced that enterprise IoT (eIoT) security capabilities are now available for organizations with Microsoft 365 E5/E5 security subscriptions. This release makes it easier for enterprise customers to monitor unmanaged enterprise IoT devices, detect anomalies, and improve security posture. Enterprise IoT (eIoT) security offers visibility and security for internet-connected devices and networks in business…

View Article
Go to page