Security

microsoft security hero approved

3 Ways to Reduce Shadow IT

In this article, I look at three easy ways to help prevent shadow IT becoming a problem in your business. Shadow IT isn’t a new problem facing IT departments. But with the explosion in remote working, cloud Software-as-a-Service (SaaS) solutions, and generative AI it’s become harder than ever to mitigate the risks. What are the...

About Security

Welcome to the Security category page, your fortress for safeguarding digital assets. In an age where cyberthreats are ever-evolving, IT security is paramount. Here, you’ll find resources including best practices, tools, and strategies to protect networks, systems, and data. Whether you’re an IT professional looking to understand the basics or seeking advanced security solutions, or a business owner aiming to fortify your defenses, this page is your stronghold for cybersecurity knowledge.

LATEST

Network Security

Microsoft Introduces Enhanced File Integrity Monitoring with Defender for Endpoint

Microsoft has released a new version of File Integrity Monitoring (FIM) based on Defender for Endpoint in public preview for commercial customers. File Integration Monitoring is a security feature that analyzes the integrity of critical files to prevent any unauthorized changes. “To provide File Integrity Monitoring (FIM), Microsoft Defender for Endpoint collects data from machines…

View Article
Network Security

Microsoft Defender for IoT Protects Unmanaged Enterprise IoT Devices

Last Update: Sep 05, 2024

Microsoft has announced the general availability of new enterprise IoT security capabilities in its Defender for IoT solution. The company says that these features should help businesses better secure their unmanaged IoT devices connected to enterprise networks. Microsoft Defender for IoT (Formerly known as Azure Defender for IoT) is a security offering that protects enterprise…

View Article
microsoft security hero approved

Silver SAML: Active Directory Attack Technique Explained

Last Update: Sep 04, 2024

In this blog post, you’ll be introduced to Silver SAML, a variant of Golden SAML. Golden SAML is a sophisticated attack technique used by hackers to bypass MFA (multifactor authentication) and gain access to sensitive data. Silver SAML operates similarly, but targets Microsoft Entra ID rather than on-premises Active Directory. Thanks to Semperis for sponsoring…

View Article
google workspace gmail hero approved

Google Workspace Introduces Passkey Support to Protect Users Against Phishing Attacks

Last Update: Sep 04, 2024

Last month, Google introduced passkey support for consumer Google accounts. The company has now expanded the passwordless login solution to Google Workspace business accounts. Passkeys is a passwordless authentication mechanism developed by the FIDO Alliance, including Google, Microsoft, and Apple. The feature allows users to log in to their phones or computers with a PIN,…

View Article
Cloud Computing

Microsoft’s Entra Permissions Management Solution Goes Out of Preview

Last Update: Sep 04, 2024

Microsoft has announced that its Entra Permissions Management solution is now generally available for enterprise customers. It’s a cloud-based infrastructure entitlement management (CIEM) service that provides insights into permissions for all user and workload identities in multi-cloud environments. Microsoft Entra Permissions Management (formerly known as Cloud Knox Security) launched in public preview back in February….

View Article
cyber security 3400657 1920 1280x768 1

QNAP Warns Against ‘Dirty Pipe’ Linux Flaw That Affects Several NAS Devices

Last Update: Sep 04, 2024

Here’s a look at what you need to know QNAP has issued an advisory about a new Dirty Pipe Linux vulnerability that affects a wide range of Network Attached Storage (NAS) devices. It allows attackers to overwrite data in arbitrary read-only files. The Dirty Pipe security flaw affects all NAS devices running kernel version 5.10.60….

View Article
security hero

Microsoft Defender for Identity Gets Action Accounts Support

Last Update: Sep 04, 2024

Microsoft has added support for action accounts to its Microsoft Defender for Identity solution. The new action accounts feature was spotted by Twitter user @JimSycurity earlier this week, and it is now generally available for all enterprise customers worldwide. The action accounts setting allows IT Admins to take actions (such as reset their password or…

View Article
Security

Google to Acquire Cybersecurity Firm Mandiant to Bolster Cloud Computing Business

Last Update: Sep 04, 2024

Google has announced its plans to acquire Mandiant, a US-based cyber security company, in an all-cash deal valued at $5.4 billion. The software giant says that this new acquisition will help to improve its security offerings to better protect Google Cloud customers. Once the deal closes, Mandiant will join Google’s cloud computing business, which should…

View Article

Microsoft Acknowledges “AutoWarp” Critical Security Vulnerability Affecting Azure Automation Service

Last Update: Sep 04, 2024

Microsoft has addressed a new critical security vulnerability in its Azure Automation service. The exploit labeled “AutoWarp” was mitigated in December 2021, and the company confirmed that it could enable malicious actors to get access to the data and resources of other Azure customers. The cross-tenant vulnerability was first discovered by a researcher at Orca…

View Article
Go to page