Security

Microsoft is finally getting ready to block Visual Basic for Applications (VBA) macros downloaded from the internet by default in several Office apps. The Redmond giant has already started restricting Excel 4.0 (XLM) macros, and this change will now impact all VBA macros in Word, PowerPoint, Visio, Access, and Excel files. By default, Microsoft Office…

Microsoft has warned users about a new multi-phase campaign targeting enterprise customers. The Microsoft 365 Defender Threat Intelligence Team detailed its findings on its Security blog, which indicates that these phishing attacks mainly target organizations that haven’t enabled multi-factor authentication (MFA). As the name suggests, multi-factor authentication (MFA) is an authentication technique that requires two…

Microsoft has announced new security capabilities for Exchange Online customers. The company has finally added support for SMTP MTA Strict Transport Security (MTA-STS) to its Exchange Online service that will use Transport Layer Security (TLS) encryption to secure emails and prevent man-in-the-middle or downgrade attacks. As a reminder, Microsoft unveiled its plans to launch MTA-STS…

Microsoft has shared some important details about the evolution of a malware called “UpdateAgent” that started targeting Mac devices in 2020. Yesterday, Microsoft’s threat intelligence team warned users that the new variants of this trojan have become more sophisticated, and they are currently installing adware payloads on infected Mac machines. The UpdateAgent malware was first…

Microsoft Sentinel, the company’s security information and event management (SIEM) platform is getting a new GitHub integration. The new solution has been designed to help organizations continuously monitor GitHub developer repositories for potentially malicious events. For those unfamiliar with Microsoft Sentinel, it’s a scalable cloud-native SIEM service that uses Artificial Intelligence to analyze huge volumes…

Microsoft is working on some important updates for Microsoft Defender for Office 365. The cloud-based email filtering service is getting a new update that should help organizations to prioritize threat protection for enterprise accounts tagged as critical priority users. Back in November 2020, Microsoft Defender for Office 365 added the priority account protection feature, which…

Microsoft has recently unveiled that it mitigated one of the largest-ever-recorded DDoS attacks that targetted Asian Azure customers in November. The company says that the recent DDoS attack was launched from 10,000 sources in several countries, and it lasted for around 15 minutes. For those unfamiliar, a distributed denial of service (DDoS) attack is a…

Microsoft unveiled a new endpoint security solution for small and medium-sized companies called “Microsoft Defender for Business” at its Ignite 2021 conference. The new service plan, which is currently available in preview for select organizations, is finally coming to enterprise customers with a Microsoft 365 Business Premium plan (via OnMSFT). Microsoft Defender for Business is…

Microsoft has announced that threat and vulnerability management support in Microsoft Defender for Endpoint is now generally available on Android and iOS devices. The new threat and vulnerability management capabilities allow organizations to discover, prioritize, and remediate vulnerabilities and misconfigurations in real-time. Microsoft Defender for Endpoint provides vulnerability management capabilities for iOS and Android devices…

Microsoft unveiled its plans to disable Excel 4.0 XLM macros by default back in October 2021. The company has now announced that this application policy change is now rolling out to all Microsoft 365 tenants and it aims to protect customers from malicious documents. For those unfamiliar with Excel 4.0 macros (XLM), this is a…