Security

Microsoft-owned LinkedIn has announced some new features that will let users verify their identity and current jobs on the professional networking platform. The new identity verification capabilities are available for free and don’t require any paid subscription plans. “On LinkedIn, when you show that you’re the real you, you’ll have an even greater chance of…

Cohesity, a data security and management service provider, has announced an expanded partnership with Microsoft. The deal includes new software integrations on both platforms that should help to protect businesses against ransomware threats and cybersecurity attacks. First off, Cohesity has announced the integration of its DataProtect backup and recovery solution with Microsoft Sentinel. It will…

Security researchers have discovered a design flaw in Microsoft Azure. The vulnerability could enable threat actors to get access to storage accounts and gain full control of the environment. According to Orca Security researchers, the design flaw exists in a mechanism known as Shared Key authorization. Shared Key authorization is enabled by default while creating…

Microsoft has warned that an Iranian state-backed threat actor dubbed Mercury has been carrying out destructive attacks in hybrid environments. The Microsoft Threat Intelligence team has found that the attackers teamed up with another hacking group code-named DEV-1084 to target both on-premises and cloud customers. According to Microsoft, Mercury first exploited the log4j vulnerability to…

Microsoft has recently unveiled several updates to improve threat intelligence in its existing products and services. The company has introduced a new Defender TI integration in Microsoft 365 Defender to protect enterprise customers against sophisticated cyberattacks. Microsoft explained that Defender TI capabilities are now directly available to licensed customers within the Microsoft 365 Defender portal….

Microsoft has introduced a new Incident Response Retainer service for enterprise customers. The new service provides flexible pre-paid hours for specialized incident response and recovery before, during, and after a security attack. Microsoft Incident Response is a process that enables organizations to identify and respond to security incidents in their network. It aims to streamline…

Security researchers have discovered a new vulnerability in Microsoft Azure Active Directory (Azure AD). The security flaw allowed users to modify Bing search results and access users’ private data, including Outlook emails, calendars, and Microsoft Teams messages. Dubbed BingBang, the misconfiguration in Azure Active Directory (Azure AD) was first discovered by Wiz researchers back in…

Cybersecurity vendor Logpoint detailed this week a new update for Converged SIEM, the company’s new platform that combines SIEM (Security information and event management), SOAR (Security orchestration, automation and response), User Entity and Behavior Analytics (UEBA), and business-critical security in a single offering.  Logpoint Converged SIEM became generally available back in March 2022 as a…

Microsoft announced the release of a new Security Copilot tool for cyber security professionals. The AI-powered chat assistant is designed to help analysts better understand potential threats and assess risk exposure to prevent security breaches in their environments. Microsoft’s Security Copilot feature is based on OpenAI’s GPT-4 generative AI and its own proprietary security models….

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new open-source incident response tool. The Python-based utility is designed to help organizations track vulnerabilities in Microsoft cloud environments. Specifically, CISA has teamed up with the U.S. Department of Energy’s Sandia National Laboratories to develop the Untitled Goose Tool. It utilizes different sophisticated hunting…