Security

LATEST

Security

Microsoft Detects 254% Spike in XorDDoS Attacks on Linux Servers

Microsoft has published an advisory about a distributed denial-of-service (DDoS) malware called XorDdos that is targeting Linux endpoints and servers. The company has warned that its security researchers have detected a 254 percent surge in the malware’s activity during the last six months. The security research group MalwareMustDie first discovered the XorDDoS malware back in…

View Article
Security

CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23

The Cybersecurity and Infrastructure Security Agency (CISA) has warned US government agencies to immediately patch critical vulnerabilities in VMware products. The security authority instructed all federal agencies to remove the actively exploited VMware offerings from their networks if patches can’t be applied by May 23, 2022. VMware recently disclosed multiple security flaws in five different…

View Article
Windows Server 3 Hero Approved

CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers

The US Cybersecurity and Infrastructure Security Agency (CISA) has temporarily removed the security flaw CVE-2022-26925 from its Known Exploited Vulnerability Catalog. It has warned that IT admins should not install the May 2021 Patch Tuesday updates on Windows Servers used as domain controllers due to the risk of authentication failures. The security advisory comes amid…

View Article

Microsoft Defender for Business Brings Enterprise-Grade Endpoint Security to SMEs

Last Update: May 10, 2022

On November 2nd 2021, Microsoft announced Microsoft Defender for Business. The announcement comes following a series of rebranding exercises into the “Microsoft Defender for” fold. What is Microsoft Defender for Business? Microsoft Defender for Business is a new endpoint security solution that will be available soon in preview. Defender for Business is designed to bring…

View Article
Security

Microsoft’s New Security Experts Service Protects Businesses Against Ransomware Attacks

Microsoft has introduced today Microsoft Security Experts, a new service category designed to address the unique security needs of customers across various industries, including healthcare, financial services, and more. The new Security Experts category expands the existing incident response and security advisory services and combines both human-lead services and automated intelligence to help businesses improve…

View Article
Security

F5 Confirms New Remote Code Execution Flaw in BIG-IP Systems

Last week, the application service provider F5 disclosed a new security vulnerability that allows threat actors with network access to execute commands on its BIG-IP networking devices. The critical security flaw, tracked as CVE-2022-1388, carries a CVSS score of 9.8 out of 10. According to the security advisory, the vulnerability exists in the representational state…

View Article
Security

Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms

Last Update: May 09, 2022

Microsoft, Apple, and Google have committed to expanding passwordless sign-in support across all major device platforms. The three biggest tech companies have teamed up to roll out the FIDO passkey technology to iOS, Android, Edge, Chrome, macOS, and Windows in 2023. These platforms already support passwordless sign-in standards, but Microsoft, Apple, and Google are now…

View Article
Security Authenticator

Microsoft Authenticator Now Lets Users Generate Strong Passwords

Last Update: May 09, 2022

Microsoft has released a new update for its Authenticator app that allows users to generate strong and unique passwords. The new password generation feature started rolling out last month, and it’s now generally available for all customers. Microsoft highlights that the Authenticator app uses an “enterprise-grade password generation algorithm” to generate all new passwords. The…

View Article
DevOps code

GitHub to Require All Code Contributors to Enable 2FA by Late 2023

Microsoft is planning to make some changes to the existing authentication policies on its GitHub platform. The company has announced that it will require all developers contributing code to the service to enroll in at least one form of two-factor authentication (2FA) by the end of 2023. GitHub is a popular cloud-based service that allows…

View Article
Security

TLStorm 2.0 Exploits Expose Millions of Aruba and Avaya Network Switches to RCE Attacks

Security researchers at Armis have discovered five critical vulnerabilities in multiple network devices sold by Aruba and Avaya. The security flaws, dubbed TLStorm 2.0, could allow malicious actors to gain complete control of network switches typically used in hospitals, hotels, airports, and other businesses. According to the security researchers, the TLStorm 2.0 vulnerabilities have CVSS…

View Article
Go to page