Security

Microsoft has published an advisory about a server misconfiguration that may have compromised the sensitive data of some potential customers. The leak, dubbed “BlueBleed,” was first discovered by security researchers at threat intelligence firm SOCRadar on September 24. The Microsoft Security Response Center explained that the misconfigured Azure Blob Storage instance made data related to…

Microsoft has recently discovered a new ransomware campaign that’s targeting organizations within the transportation and logistics industries across Poland and Ukraine. The novel Prestige ransomware strain was first found on October 11, and the attackers targeted a wide range of systems within an hour. The Microsoft Threat Intelligence Center (MSTIC) explained that it has been…

Microsoft announced several new security features and services at its Ignite 2022 conference this week. Specifically, the company introduced two new security solutions called Defender for DevOps and Defender Cloud Security Posture Management. Microsoft Defender for DevOps is a service that enables developers to detect and remediate code vulnerabilities during the software development life cycle….

Last week, cybersecurity researchers warned that the North Korean hacking group “Lazarus” exploited Dell hardware drivers to deploy a Windows rootkit. The phishing campaign was discovered by security firm ESET in the Fall of 2021, and it targeted Aerospace experts and political journalists in Europe. According to the ESET’s report, the North Korean state-backed advanced…

Protecting your brand and your employees from phishing attacks is a critical first step to keeping your environment secure.

Microsoft has partnered with Experian to bring identity theft protection monitoring capabilities to its Microsoft Defender for individuals solution. The feature enables Microsoft 365 subscribers to monitor personal and family identity details for security breaches on the public internet and the dark web. Microsoft Defender for individuals launched back in June to help users manage…

Russell Smith, Editorial Director of Petri, talks to Maurice Cote from Devolutions about the difference between cybersecurity and IT security and what it means for IT departments.

Last week, Uber confirmed a major cybersecurity attack that compromised its internal communications and engineering systems. The company believes that someone affiliated with the hacking group Lapsus$ leveraged the MFA fatigue attack technique to compromise an Uber employee account. According to the New York Times, the hackers social engineered the company’s worker after discovering his…

Security researchers have unveiled a new malware that is infecting Linux endpoints and Internet-of-things (IoT) devices. The malware allows attackers to gain persistent access to the compromised system and deploy crypto-mining software. The stealthy malware dubbed “Shikitega” was first discovered by cybersecurity researchers at AT&T Alien Labs. The malware is delivered in a multi-stage infection…

Microsoft has patched a critical in Azure Service Fabric dubbed “FabricScape” that affects containerized workloads on Linux. The software giant urges customers to upgrade their clusters as soon as possible to prevent successful exploits. Azure Service Fabric is basically a distributed systems platform that allows developers to build and host microservices-based cloud apps. It powers…