Security

LATEST

Security

Slack Releases Fix for Critical Bug That Exposed Hashed Passwords for Years

Slack has confirmed that a security vulnerability accidentally exposed the hashed passwords of around 0.5 percent of its customers. The company patched the bug last month and notified impacted users that it had reset their passwords. The vulnerability was first discovered by a security researcher and it was reported to Slack on July 17, 2022….

View Article
Security

Microsoft Defender Experts for Hunting Lets Businesses Proactively Hunt Security Threats

Back in May, Microsoft unveiled a new Defender Experts for Hunting solution to help organizations proactively hunt for security threats. The company has announced that the new managed security service is now generally available for enterprise customers. Microsoft Defender Experts for Hunting is aimed at companies with existing security operations centers. The service combines data…

View Article
Security – 4

VMware Releases Updates to Address Critical Authentication Bypass Flaw

VMware has released new security updates to address a critical authentication bypass vulnerability present in its multiple products. The company warned that the bug could enable threat actors to gain administrative privileges on target systems. Tracked as CVE-2022-31656, the flaw was discovered by the security researcher Petrus Viet. VMware assigned the authentication bypass vulnerability a…

View Article
Security

Microsoft Defender Gets New Security Tools Powered By RiskIQ’s Threat Intelligence

Microsoft has announced two new security services to enhance the threat intelligence capabilities of its Microsoft Defender platform. The new Defender Threat Intelligence and Defender External Attack Surface Management tools are a result of Microsoft’s acquisition of the cybersecurity company RiskIQ in July 2021. First up, the Microsoft Defender Threat Intelligence (MDTI) service provides enterprise…

View Article
Security

Microsoft Exchange Servers Hit By Stealthy IIS Backdoors

Microsoft has published a security advisory about a new wave of malware attacks that target Exchange Servers. The company has warned IT admins that threat actors are increasingly using malicious Internet Information Services (IIS) modules to install backdoors and steal credentials. For those unfamiliar, Internet Information Services (IIS) is a web server that lets developers…

View Article
Security – 4

Securing IoT with Azure Sphere

In this article, we are going to take a brief look at what Azure Sphere is and how it is helping to protect Internet of Things (IoT) devices with additional security overlay. In today’s world, we are surrounded by billions of devices – all with microcontrollers embedded in them for control and to add logic….

View Article
Security

Microsoft Patches Five Critical Security Flaws in Azure Defender for IoT

Last Update: Jul 25, 2022

Security researchers have uncovered five critical vulnerabilities in Microsoft Azure Defender for IoT. The Redmond giant has already released new security patches to address these exploits, and it recommends all enterprise customers to install them as soon as possible. According to a report from SentinelOne‘s SentinelLabs, these security vulnerabilities were first discovered by researchers Kasif…

View Article
PowerShell

PowerShell Remoting Basics

Last Update: Jul 23, 2022

Missy Januszko provides an overview of PowerShell remoting and explains the use of different cmdlets for managing multiple machines at once.

View Article
Security

Microsoft Retires Windows Information Protection in Favor of New Purview Service

Microsoft has announced its plans to retire the built-in Windows Information Protection (WIP) feature in its client operating system. The software giant has decided to sunset the data leak prevention capability in favor of its paid subscription service, Microsoft Purview. Windows Information Protection (previously known as enterprise data protection (EDP) is a useful feature that…

View Article
Security – 5

Atlassian Releases Patches to Fix Critical Confluence Flaw

Atlassian has disclosed a new critical flaw in its Confluence Server and Data Center products. The company explained in its security advisory that the vulnerability (CVE-2022-26138) lets unauthorized users use hardcoded credentials to get full access to Confluence. According to Atlassian, the flaw exists in its Questions for Confluence app. It is designed to help…

View Article
Go to page