Security

On November 2nd 2021, Microsoft announced Microsoft Defender for Business. The announcement comes following a series of rebranding exercises into the “Microsoft Defender for” fold. What is Microsoft Defender for Business? Microsoft Defender for Business is a new endpoint security solution that will be available soon in preview. Defender for Business is designed to bring…

Microsoft has introduced today Microsoft Security Experts, a new service category designed to address the unique security needs of customers across various industries, including healthcare, financial services, and more. The new Security Experts category expands the existing incident response and security advisory services and combines both human-lead services and automated intelligence to help businesses improve…

Last week, the application service provider F5 disclosed a new security vulnerability that allows threat actors with network access to execute commands on its BIG-IP networking devices. The critical security flaw, tracked as CVE-2022-1388, carries a CVSS score of 9.8 out of 10. According to the security advisory, the vulnerability exists in the representational state…

Microsoft, Apple, and Google have committed to expanding passwordless sign-in support across all major device platforms. The three biggest tech companies have teamed up to roll out the FIDO passkey technology to iOS, Android, Edge, Chrome, macOS, and Windows in 2023. These platforms already support passwordless sign-in standards, but Microsoft, Apple, and Google are now…

Microsoft has released a new update for its Authenticator app that allows users to generate strong and unique passwords. The new password generation feature started rolling out last month, and it’s now generally available for all customers. Microsoft highlights that the Authenticator app uses an “enterprise-grade password generation algorithm” to generate all new passwords. The…

Microsoft is planning to make some changes to the existing authentication policies on its GitHub platform. The company has announced that it will require all developers contributing code to the service to enroll in at least one form of two-factor authentication (2FA) by the end of 2023. GitHub is a popular cloud-based service that allows…

Security researchers at Armis have discovered five critical vulnerabilities in multiple network devices sold by Aruba and Avaya. The security flaws, dubbed TLStorm 2.0, could allow malicious actors to gain complete control of network switches typically used in hospitals, hotels, airports, and other businesses. According to the security researchers, the TLStorm 2.0 vulnerabilities have CVSS…

Microsoft has launched a new standalone version of its Defender for Business solution for commercial customers. The new cost-effective enterprise-grade endpoint security offering was first announced at Ignite 2021, and it’s designed for small to medium-sized businesses with up to 300 employees. The Redmond giant started rolling out Microsoft Defender for Business to organizations with…

Last week, QNAP published a security advisory to warn customers about new critical flaws in an open-source fileserver technology integrated into its network-attached storage (NAS) devices. The company has advised customers to look out for updates to address the vulnerabilities affecting some of its products. QNAP explained in its advisory that these flaws exist in…

When we think about administrative rights on Intune-enrolled Windows 10 devices, we need to consider two possible device states for that device: Azure AD joined (AADJ), or Hybrid Azure AD joined (HAADJ).  This is due to the different administrative roles available at the directory level. For Azure AD joined devices, at the time of performing…