Security

#

•  Encrypted files using Cygwin and OpenSSL
• 10 Tips to Make a Secure Password
• 2015 CSA Summit Highlights Cloud Security Threats
• 3 Ways to Reduce Shadow IT
• 5 Steps to Secure Active Directory
• 6 Steps to Prevent WannaCrypt and Other Ransomware

A

• A Cipher Best Practice: Configure IIS for SSL/TLS Protocol
• Access Denied Error in EFS Encrypted Files
• Acunetix Web Vulnerability Scanner Version 3.0 Combats Rise in “Google Hacking” Attacks
• Advanced Threat Protection Service for Businesses is Coming to Windows 10
• Alternatives to Microsoft Forefront Unified Access Gateway
• Amazon Announces New S3 Encryption and Security Features
• AMD ‘Zenbleed’ CPU Flaw Exposes Passwords and Encryption Keys to Hackers
• An IT Pro Perspective on Lenovo Superfish
• An Open Letter to Lenovo
• Anti Virus Exclusion Guidelines for Microsoft Products
• Anti-Malware Solutions for Microsoft Azure Virtual Machines
• Apache Releases Log4j Version 2.17.1 to Patch New Remote Code Execution Vulnerability
• Apache Superset Auth Bypass Flaw Exposes Vulnerable Servers to RCE Attacks
• Applying Security Policies with the Windows Server Security Configuration Wizard
• AppSec Just Got a New Boss — And It’s Not the Security Team!
• Atlassian Claims Data Breach Linked to Third-Party Workplace Platform Envoy
• Atlassian Releases Patches for Critical Authentication Vulnerability in Jira Software
• Atlassian Releases Patches for Critical Jira Authentication Bypass Vulnerability
• Atlassian Releases Patches for Zero-Day Confluence RCE Flaw
• Atlassian Releases Patches to Fix Critical Confluence Flaw
• Atlassian Warns of Active Exploitation of Unpatched Critical Confluence Flaw
• Attending Infosecurity Europe 2009, London, Apr 28-30
• Avast Gets New Ransomware Shield to Protect Small Businesses
• AWS Confirms Log4j Hotpatch Fix Leads to Privilege Escalation
• AWS Firewall Manager Adds AWS Shield Advanced Automatic Application Layer DDoS Mitigation
• Azure Active Directory Connect Makes Cloud Single Sign-On Easy
• Azure Active Directory Flavors
• Azure Firewall Basic Now Available to Protect Small Businesses Against Cyberattacks
• Azure Information Protection Versus Windows Information Protection Overview — Part 1
• Azure Key Vault: Securely Store and Manage Your Secrets
• Azure Sentinel Gets Fusion AI Early Ransomware Detection in Preview
• Azure Site Recovery for Azure Virtual Machines

B

• Best Practices for Deploying BitLocker with Intune
• Biden’s Executive Order Targets Cybersecurity, AI, and Critical Infrastructure
• BitLocker To Go Walkthrough on Legacy Systems
• BitLocker To Go Walkthrough Windows 7
• Bitwarden – An Open-Source Alternative to LastPass for Business and Personal Use
• Bitwarden Adds Passwordless Authentication Support to Secure Web Vault
• Block Ping Traffic with IPSec
• Block Web Browsing but Allow Intranet Traffic with IPSec
• Block Web Browsing with IPSec
• Book Review: Digital Wars by Charles Arthur
• British Man Arrested in Connection with Xbox Live, PSN Attacks
• Build 2022: Microsoft Boosts Data Analytics and Cybersecurity in New Training & Certifications
• Build a Cloud-Integrated Surveillance System Using Microsoft Azure and Windows 10, Part 1

C

• Can You Rely on Microsoft Security Essentials to Protect Your Computer?
• Carderbee Hackers Abuse Microsoft Signing Keys in Supply Chain Attacks
• Change Account Password CMD: Change User Password from the Command Prompt
• Change User Password from a Remote Computer
• Choosing between Virtual Private Network and Zero Trust Remote Access Solutions
• CISA Advises Federal Agencies to Patch Windows LSA Flaw Affecting Domain Controllers
• CISA Alerts: Russian Hackers Infiltrate US Government Emails
• CISA and CrowdStrike Tools Make Detecting Compromised Microsoft 365 Accounts Easier
• CISA Issues Advisory on Critical File Transfer Flaw in Citrix ShareFile
• CISA Publishes Advisory About Cyber Attacks Targeting Internet-Connected UPS Devices
• CISA Releases New ‘Logging Made Easy’ Tool to Detect Security Threats
• CISA Releases New Free Tool to Identify Threats in Microsoft Cloud Services
• CISA Releases New Tool to Recover from Ransomware Attacks on Unpatched VMware ESXi Servers
• CISA Releases Strategic Guidance to Strengthen SIEM and SOAR Deployment
• CISA Warns About New Ivanti EPMM Vulnerabilities
• CISA Warns Federal Agencies to Mitigate Critical VMware Vulnerabilities by May 23
• CISA Warns of Phishing Scams Exploiting CrowdStrike Outage Chaos
• CISA Warns Unpatched VMware Servers Remain Vulnerable to Log4Shell
• CISA Warns Windows Admins Against Applying May Patch Tuesday Updates on Domain Controllers
• CISA: Androxgh0st Malware Poses Serious Threat to Microsoft 365 and AWS Credentials
• Cisco Discloses New Flaw in Enterprise Switches That Lets Hackers Intercept Encrypted Traffic
• Cisco Patches Critical Flaw in Identity Services Engine Affecting Azure, AWS, and Oracle Cloud
• Cisco To Audit Code In Wake Of Juniper Backdoor Announcement
• CitrixBleed 2 Exploit Bypasses MFA, Puts Enterprise Networks at Risk
• Cleaning your Computer from Malware with the Microsoft Malware Removal Starter Kit
• Cloud-Based Password Management Might Be Right for You
• Cloudflare Issues Advisory About Mantis Botnet Behind the Most Powerful DDoS Attack
• Code Signing Microsoft Office Macros and Visual Basic for Applications
• Cohesity Unveils New Partnership with Microsoft to Protect Businesses from Cyber Threats
• Compression and Other Attributes in EFS
• Configure a Windows Remote Management HTTPS Listener
• Configure Advanced Security Scenarios in Windows Server 2012
• Configure SMB Security in Windows Server 2012
• Configure SSL on Your Website with IIS
• Configuring AppLocker in Windows Server 2012 R2
• Configuring IPSec Policies through GPO
• Create a mountable virtual encrypted hard drive in Windows Vista using TrueCrypt
• Create a Self-Signed Certificate Using PowerShell
• Create Custom Security Policies with the Windows Server Security Configuration Wizard
• Creating Strong Passwords
• Critical FortiGate Vulnerability Affects 336,000 Vulnerable Firewalls
• Critical Microsoft SharePoint Flaw Exploited: CISA Issues Warning for Organizations to Act Swiftly
• Critical Perforce Server Vulnerability Opens Doors for Full System Control
• Critical RCE Vulnerability in Microsoft SharePoint Could Lead to Malicious Attacks
• Critical Vulnerabilities Expose Hundreds of Brother Printers to Remote Attacks
• Cybercriminals Exploit OAuth Apps for BEC and Phishing Attacks
• Cybersecurity Alert: Hackers Exploit Chrome Extensions to Hijack User Passwords
• Cybersecurity Expert Troy Hunt Falls Victim to Phishing Attack, 16,000 Email Records Compromised

D

• Data Protection and Recovery in Windows XP
• DHS Review Board Warns Log4j Flaw to Affect Vulnerable Systems Until At Least 2032
• Disable EFS in Windows XP/2003
• Do You Need Antivirus on Your Servers?
• DoJ v Microsoft: Feds Still Want to Snoop on Irish Cloud
• Don’t FREAK Out: Microsoft Patches Publicized Flaws
• Download ISA Server SP1

E

• Easily Removing End Users from the Local Administrators Group
• Enable BitLocker Drive Encryption in Windows Server 2012
• Enable BitLocker on a System Drive Without TPM in Windows 8 and Server 2012
• Enable LSA Protection in Windows Server 2012 R2 and Windows 8.1
• Enable Multi-Factor Authentication for Office 365 Users
• Enable Notifications to Open Firewall Ports in Windows Server 2012 R2
• Enable Tracking Protection in Internet Explorer to Improve Privacy and Speed
• Enable Two-Factor Authentication with Microsoft Accounts and Outlook.com
• Enabling Secure Boot in Windows 8 and Windows Server 2012
• Enabling Secure LDAP on Windows Server 2008/2012 Domain Controllers
• Enabling Secure LDAP on Windows Server 2008/2012 Domain Controllers: Configuration
• Enabling Windows 10 Device Guard
• Enhanced Cloud Protection: Microsoft’s Defender for Cloud Gets New Integration with Defender XDR
• Enhancing Cloud Security: Microsoft Details Best Practices to Thwart Identity Compromise
• Everyone Has Something to Steal
• Everything You Need to Know About Azure Infrastructure – October 2019
• Evolution of Windows Firewall: Windows 7
• Evolution of Windows Firewall: Windows Vista Firewall
• Evolution of Windows Firewall: Windows XP
• Evolution of Windows Firewall: Windows XP with SP2
• Exchange Online Gets MTA-STS Support to Improve Email Security
• Exchange Online to Introduce SMTP DANE with DNSSEC Support for Inbound Emails
• Experience the Future of Security Operations Now with the Microsoft Security Copilot Early Access Program
• Expired SSL Website Certificate
• Exporting and Importing IPSec Policies

F

• F5 Confirms New Remote Code Execution Flaw in BIG-IP Systems
• FBI and CISA Issue Advisory Over Multi-Factor Authentication Flaw Abused By Russian Hackers
• FireCompass Raises $7 Million to Improve its CART and ASM Capabilities
• First impressions on Compliance Manager Preview
• Five Tactics Towards Achieving Zero Trust with Microsoft Entra ID (Azure Active Directory)
• Forgot the Administrator Password – Alternate Method – The LOGON.SCR trick
• Forgot the Administrator’s Password? – Change Domain Admin Password in Windows 2000 AD
• Forgot the Administrator’s Password? – Change Domain Admin Password in Windows Server 2003 AD
• Forgot the Administrator’s Password? – Change Domain Admin Password in Windows Server 2008 AD
• FREAK Flaw Leaves Web Sites and Mobile Devices Exposed
• Free DevOps Tool for Calculating Development Waste
• Free Password Management Tools to Make Your Life Easier
• Free Remote Desktop, Terminal & Citrix Session Recorder: ObserveIT Express
• Full Drive Encryption (FDE) FAQs

G

• GDPR Is Here — What Does It Mean To You?
• German Cybersecurity Office BSI Issues Security Warning About Kaspersky Antivirus
• GET-IT Office 365 Security Day is Happening Now!
• Getting Started with Role-based Access Control in Azure
• Getting Started with Windows Information Protection
• GFI LANguard Network Security Scanner
• GFI LANguard Network Security Scanner – more info
• Git Releases New Security Updates to Block Remote Code Execution Attacks
• GitHub to Require All Code Contributors to Enable 2FA by Late 2023
• GitHub to Start Rolling Out Two-Factor Authentication (2FA) to All Contributors Today
• Globant Confirms Lapsus$ Hackers Had Unauthorized Access to Customers’ Source Code
• Goodbye Passwords: Windows 10 Passport
• Google Adds Improvements to Data Loss Prevention API
• Google Adds Support for Passkeys to Protect Google Accounts
• Google Announces Asylo Framework for Confidential Computing
• Google Authenticator Now Lets Users Back Up 2FA Codes to the Cloud
• Google Authenticator to Get End-to-End Encryption Support
• Google Introduces Several New Ways to Keep Accounts Secure
• Google Password Manager to Add Support for Biometric Authentication for Desktop Users
• Google Takes on Microsoft’s Security Copilot With New Cloud Security AI Workbench
• Google to Acquire Cybersecurity Firm Mandiant to Bolster Cloud Computing Business
• Google Workspace Adds Stronger Protections to Sensitive Accounts
• Google Workspace Extends Client-Side Encryption to Gmail
• Google Workspace Introduces Passkey Support to Protect Users Against Phishing Attacks
• Grafana Patches Critical Azure AD Authentication Bypass Vulnerability
• Guide: Getting Started with Zero Trust Security in Microsoft 365
• Guide: How to Plan for Microsoft Defender Endpoint Deployments and Migrations
• Guide: Limit Microsoft 365 Access to Corporate Devices with Conditional Access

H

• Hackers Exploit Critical Citrix Flaw to Compromise 2,000 NetScaler Instances
• Hackers Exploit Design Flaws in Windows Smart App Control and SmartScreen for Malware Attacks
• Hackers Exploit Microsoft Office Flaw in New Remcos RAT Phishing Attack
• Hackers Exploit Microsoft Trusted Signing Platform to Distribute Code-Sign Malware
• Hackers Exploit Publicly Leaked ASP.NET Keys for Code Injection Attacks — Are You at Risk?
• Hackers Exploit Windows Quick Assist App to Deploy Black Basta Ransomware
• Hackers Exploit XZ Utils Vulnerability to Infiltrate Linux Systems – Everything You Need to Know
• Hackers Exploited Windows Spoofing Vulnerability in Zero-Day Attacks
• Hackers Impersonate IT Helpdesks to Deploy Stealthy Ransomware in U.S. Firms
• Hackers Steal Data Center Logins for Microsoft, Amazon, and Other Big Companies
• Hackers Use Malicious OAuth Apps to Steal Microsoft 365 Credentials
• Here’s How Researchers Bypassed Windows Hello Fingerprint Authentication on Dell, Lenovo, and Surface Laptops
• Hiding the User Name for a Locked Computer in Windows Vista/2008
• How can I disable the User Account Control (UAC) feature on my Windows Vista computer?
• How can I gain access to a Windows 7 or XP computer if I forgot the administrator’s password? How can I reset the administrator’s password if I forgot it?
• How can I tell if the virus warning I’ve just received through e-mail is real or not?
• How Does eDiscovery Work Within Microsoft 365?
• How does EFS Work?
• How FIDO2 Passwordless Logins Work in Hybrid Azure AD Environments
• How Microsoft Defender for Office 365 Protects Organizations Against QR Code Phishing Attacks
• How Microsoft’s Secure Future Initiative Leverages AI to Transform Software Development
• How Secure is Video Conferencing App Zoom?
• How To Change User Password With PowerShell
• How to Check for Missing Updates in Windows Server 2012 R2 and Windows 8.1
• How to Connect to a Windows 8.1 or Server 2012 R2 Remote Desktop Using Restricted Admin Mode
• How to Create a Compliance Policy in Microsoft Intune
• How to Create Conditional Access Policies using PowerShell
• How to Customize Endpoint Security Settings in Microsoft Intune
• How to Deploy Zero Trust Identity Security
• How to Enable Windows 11 Config Lock on Secured-Core PCs
• How to Enable Windows Hello for Business
• How to Find and Remove Lenovo Superfish Adware
• How to Host Multiple SSL Sites on a Server with One IP Address and Port
• How to Install and Configure Microsoft LAPS
• How to Install the New Microsoft Defender for Endpoint Agent on Windows Server 2012 R2 and 2016
• How to Join Windows 10 to Microsoft Entra ID
• How to Limit Targeted Ad Tracking in iOS 6
• How to Manage Local Administrators and Groups with Intune
• How to Migrate Group Policy Windows Firewall Rules to Intune
• How to Open or Close Windows Firewall Ports to Apps on Windows 8.1
• How to Post to Newsgroups Without Getting spammed?
• How to Protect Windows Devices with Microsoft Defender for Endpoint
• How to Register Windows 10 with Azure Active Directory
• How to Secure Sensitive Data in Microsoft 365
• How To Set Up Two-Factor Authentication for a Microsoft Account
• How to Set Up Windows Hello for Business
• How to Use Acme.sh to Provision LetsEncrypt SSL Certificates
• How to Use Adaptive Scopes for Retention Within Microsoft 365
• How to Wipe an iPhone or iPad
• HP Confirms New Remote Code Execution Vulnerability Affects Several Printer Models
• HP Teaming with 3M to Combat “Visual Hacking”
• Huge Change to Patch Tuesday — IT Admins are Revolting [updated]
• Hybrid Cloud Security Risks

I

• Identify Malicious Phishing Attacks with Outlook Conditional Formatting
• Identity Management with Forefront Identity Manager 2010
• Ignite 2023: Microsoft Introduces New Unified Security Operations Platform, Security Copilot Features
• Improve Windows Enterprise Application Deployment Reliability and Security using MSIX
• In Review: Microsoft’s First Cybersecurity Summit
• Inspire 2022: Microsoft Launches Cloud for Sovereignty to Protect Government Customers
• Install Windows Server 2003 CA
• Installing Microsoft Anti-Malware in Azure VMs
• Intel Releases Microcode Update for CPUs Affected by Zombieload v2
• Intel’s Latest 10th-Gen vPro CPUs Get Mandatory Hardware Shield
• Intel’s Spectre Variant 4 Microcode Update Off by Default
• Introduction to Azure Active Directory Auditing
• Introduction to Windows Hello for Business
• Introduction to Windows Information Protection
• Is Your Company Safe? Microsoft Just Took Down Lumma Malware Targeting 400,000 PCs

J

• Juniper Finds Backdoor Exposing Encrypted VPN Traffic

L

• Lapsus$ Hackers Claim to Leak Source Code of Microsoft Azure, Cortana, and Bing
• LastPass Confirms Hackers Stole Personal Data and Encrypted Password Vaults
• LastPass Confirms Internal Source Code Compromised in Security Breach
• Lazarus APT Abuses Vulnerable Dell Drivers to Bypass Windows Security
• Lazarus Group Exploits Windows Zero-Day Flaw in Rootkit Attacks
• Lenovo Announces New Microsoft Pluton-Powered ThinkPads with AMD Ryzen 6000 CPUs
• LinkedIn Gets Free Profile Verification Features to Prove Identity and Employment
• Log4j Saga Continues: Lazarus Hackers Exploit 2-Year-Old Flaw to Deploy New RAT Malware
• LogoFAIL Attack Exploits UEFI Logos, Posing Risks to Enterprise and Consumer Devices
• Logpoint’s Converged SIEM Platform Adds New Case Management Interface and Other New Features
• LSA Protected Mode Troubleshooting Tips for Windows Server 2012 R2 and Windows 8.1

M

• Major GitHub Supply Chain Attack Exposes CI/CD Secrets in Over 23,000 Projects
• Majority of Businesses Unprepared for AI-Powered Cyberattacks, Cisco Warns
• Managing Macro Security in Office 2016
• Mandiant Warns Hackers Now Use New Trick to Bypass MFA
• Memory-Based Attacks are on the Rise
• Merge Your Skype Name with a Microsoft Account
• Microsoft 365 Business Premium Customers Gain Access to E5 Security Add-On for Advanced Cyber Protection
• Microsoft 365 Defender Adds New URL Page to Block Phishing Attacks
• Microsoft 365 Defender Adds Real-Time Custom Detections Support in Preview
• Microsoft 365 Defender Gets Multi-Tenant Support in Public Preview
• Microsoft 365 Defender Introduces New Identity Protection Alerts
• Microsoft 365 Defender Now Supports Automatic Disruption of Business Email Compromise Attacks
• Microsoft 365 Defender Now Supports Threat-Informed Security Posture Recommendations
• Microsoft 365’s Next Security Target is the Malicious Insider
• Microsoft Acknowledges “AutoWarp” Critical Security Vulnerability Affecting Azure Automation Service
• Microsoft Acquires Foreign Cyber Threat Analysis Company Miburo
• Microsoft Adds New Tools to Enhance Security Exposure Management for Commercial Customers
• Microsoft Adopts Weather-Themed Threat Actor Naming Taxonomy
• Microsoft AI Researchers Accidentally Leaked 38TB of Sensitive Data
• Microsoft and OpenAI Adopt AI-Driven Strategy to Counter Nation-State Cyber Threats
• Microsoft and Samsung Unveil New Mobile Device Attestation Solution for Businesses
• Microsoft Announces Defender for Business Standalone Solution for Small Businesses
• Microsoft Announces New Approach to Security
• Microsoft Announces New Project VAST Security Visualization Tool
• Microsoft Announces New Secure Future Initiative to Counter Evolving Cyberthreats
• Microsoft Announces New Security and Identity Management Solutions
• Microsoft Announces Public Preview of Azure AD Multi-Stage Access Reviews
• Microsoft Authenticator Adds Device-Bound Passkey Support, FIPS Compliance
• Microsoft Authenticator Gets Number Matching and Additional Context Support
• Microsoft Authenticator Now Lets Users Generate Strong Passwords
• Microsoft Authenticator to Drop Password Autofill as it Shifts Toward a Passwordless Future
• Microsoft Authenticator to Enable Number Matching Security Feature by Default in February 2023
• Microsoft Authenticator to End Support for the Apple Watch in January 2023
• Microsoft Azure Firewall Adds New Upgrade/Downgrade Experience
• Microsoft Azure Flaw Could Let Hackers Control Bing Search and Office 365 Data
• Microsoft Baseline Security Analyzer v1.2.1
• Microsoft Brings Passwordless Sign-In to Consumer Accounts
• Microsoft Brings Windows Defender Protections to Chrome
• Microsoft Confirms Chinese State-Backed Atlassian Confluence Attacks
• Microsoft Confirms Customer Data Breach Caused by Misconfigured Server
• Microsoft Confirms Lapsus$ Hacker Group Gained “Limited Access” to Its Source Code
• Microsoft Copilot for Security Launches with Flexible Pricing Model
• Microsoft Copilot for Security to Launch on April 1 with New Capabilities
• Microsoft Cracks Down on Websites Generating Millions in Fraudulent Accounts
• Microsoft Data Loss Prevention Gets New Data Security Controls
• Microsoft Defender 365 Gets New Threat Intelligence Capabilities
• Microsoft Defender App Launches in Preview on Windows and Android
• Microsoft Defender ATP Adds UEFI Scanner to Detect Firmware-Level Attacks
• Microsoft Defender ATP Arrives for Android
• Microsoft Defender Boosts Threat Intelligence with File Hash and URL Search Capabilities
• Microsoft Defender Can Now Block Malicious Drivers on Windows PCs
• Microsoft Defender Exclusions List Can Be Read by Attackers in Windows 10
• Microsoft Defender Experts for Hunting Lets Businesses Proactively Hunt Security Threats
• Microsoft Defender for APIs is Now Generally Available
• Microsoft Defender for APIs Now Available in Preview
• Microsoft Defender for Business Adds Server Protections for SMBs
• Microsoft Defender for Business Brings Enterprise-Grade Endpoint Security to SMEs
• Microsoft Defender for Business Gets Protections for Windows and Linux Servers
• Microsoft Defender for Business is Coming to Business Premium Next Month
• Microsoft Defender for Cloud Adds New Features to Boost Multi-Cloud Data Protection
• Microsoft Defender for Cloud Adds New Security Features to Block Threats
• Microsoft Defender for Cloud Adds Support for Google Cloud Platform
• Microsoft Defender for Cloud Apps to Get App Governance Add-On in June
• Microsoft Defender for Cloud Gets New Agentless Malware Scanning Capabilities for VMs
• Microsoft Defender for Cloud Now Offers Real-Time Threat Protection for AI Workloads
• Microsoft Defender for Cloud Simplifies Onboarding with New Terraform Module
• Microsoft Defender for Cosmos DB is Now Available in Public Preview
• Microsoft Defender for Endpoint – Important Service and Endpoint Settings You Should Configure Right Now
• Microsoft Defender for Endpoint Adds Device Isolation Support for Linux Machines
• Microsoft Defender for Endpoint Adds Network and Web Protection on macOS and Linux
• Microsoft Defender for Endpoint Adds Network Protection on iOS and Android
• Microsoft Defender for Endpoint Adds New Monthly Security Summary Report
• Microsoft Defender for Endpoint Adds Tamper Protection on macOS
• Microsoft Defender for Endpoint Can Now Discover Internet-Facing Devices
• Microsoft Defender for Endpoint Gets Device Tagging Support for iOS and Android
• Microsoft Defender for Endpoint Gets Streamlined Device Connectivity Experience
• Microsoft Defender for Endpoint Gets Vulnerability Management Support on Android and iOS
• Microsoft Defender for Endpoint Now Detects Network Threats on Android and iOS Devices
• Microsoft Defender for Endpoint Rolls Out Zero-Touch Onboarding Support to iOS Devices
• Microsoft Defender for Identity Can Now Detect Insecure Domain Configurations
• Microsoft Defender for Identity Gets Action Accounts Support
• Microsoft Defender for Individuals Gets New Identity Theft Monitoring Capabilities
• Microsoft Defender for Individuals is Now Available on Desktop and Mobile
• Microsoft Defender for IoT Gets Cloud-Powered Security Features to Protect Enterprise Networks
• Microsoft Defender for IoT Gets New Firmware Analysis Capabilities
• Microsoft Defender for IoT Protects Unmanaged Enterprise IoT Devices
• Microsoft Defender for IoT Switches to New Site-Based Licensing Model
• Microsoft Defender for Office 365 Adds AI-Powered Threat Classification to Boost Email Security
• Microsoft Defender for Office 365 Automated Investigation and response (AIR) Now Blocks Threats Automatically
• Microsoft Defender for Office 365 Enhances Email Security to Block Spoofing Attempts
• Microsoft Defender for Office 365 Gets a Streamlined Submissions Experience
• Microsoft Defender for Office 365 ICES Vendor Ecosystem Boosts Email Security
• Microsoft Defender for Office 365 to Get Advanced Threat Protection for Priority Accounts
• Microsoft Defender for Office 365 to Get Preset Security Policy Improvements In June
• Microsoft Defender for Storage to Add Malware Scanning Support in September
• Microsoft Defender Gets New Security Tools Powered By RiskIQ’s Threat Intelligence
• Microsoft Defender Portal Adds Unified Security Summary to Simplify Cybersecurity Reporting
• Microsoft Defender Tamper Protection Now Generally Available
• Microsoft Defender to Block Credential Theft By Default on Windows PCs
• Microsoft Defender Vulnerability Management Adds New CVE Reporting Feature
• Microsoft Defender Vulnerability Management Adds New Premium Capabilities to Uncover Security Risks
• Microsoft Defender Vulnerability Management Gets Firmware Security Advisories
• Microsoft Defender Vulnerability Management Gets New Tool to Target Vulnerable Software Components
• Microsoft Defender Vulnerability Management Now Detects OpenSSL 3.0 Vulnerabilities
• Microsoft Defender Vulnerability Management Now Supports Firmware Assessments
• Microsoft Defender XDR Boosts Security with New AI Attack Disruption Capabilities
• Microsoft Defender XDR Gets New AI Features to Enhance SOC Operations
• Microsoft Defender XDR Now Lets IT Admins Get Email Notifications for Response Actions
• Microsoft Defender XDR Now Offers Security Settings Management for Multi-Tenant Environments
• Microsoft Details Evolution of Sophisticated UpdateAgent Mac Malware
• Microsoft Detects 254% Spike in XorDDoS Attacks on Linux Servers
• Microsoft Detects Raspberry Robin Windows Worm in Hundreds of Enterprise Networks
• Microsoft Disables MSIX Protocol Handler to Protect Windows Users from Malware
• Microsoft Discloses New ‘Migraine’ Flaw That Bypasses Built-In Protections on macOS
• Microsoft Discovers Massive Malvertising Campaign Infecting Over 1 Million Devices
• Microsoft Discovers Security Vulnerabilities in OpenVPN – What You Need to Know
• Microsoft DSC Environment Analyzer Creates Compliance Reports for Power BI
• Microsoft Edge Tests New Security Feature to Mitigate “Unforeseen” Zero-Day Exploits
• Microsoft EMS Components: Advanced Threat Analytics
• Microsoft EMS Components: Azure Rights Management
• Microsoft Entra Boosts Security New Tools and Capabilities to Thwart Cyberattacks
• Microsoft Entra Gets New Identity and Access Management Solutions
• Microsoft Entra ID Governance Service is Now Generally Available
• Microsoft Entra Introduces New Identity and Access Management Capabilities
• Microsoft Entra Workload Identities Service is Now Generally Available
• Microsoft Exchange Servers Hit By Stealthy IIS Backdoors
• Microsoft Exchange Vulnerabilities: Zero-Days Pave Way for Remote Code Execution
• Microsoft Expands Free Access to Cloud Security Logs Following Exchange Hacks
• Microsoft Expands Protection: Enterprise IoT Security Now Part of Microsoft 365 E5 and E5 Security Plans
• Microsoft Expands Secure Future Initiative to Counter Rising Cyber Threats
• Microsoft Expands Security Copilot with New AI Agentic Capabilities
• Microsoft Explains How Chinese Hackers Breached US Government Email Accounts
• Microsoft extends anti-malware protection for Windows XP
• Microsoft Finds New Prestige Ransomware Targeting Polish and Ukrainian Businesses
• Microsoft Firewall and Network Security Survey
• Microsoft Has a New Password Manager for Consumer and Enterprise Customers
• Microsoft Highlights Important Security Topics in National Cybersecurity Awareness Month
• Microsoft Highlights Surge in Cyberattacks Targeting Educational Institutions
• Microsoft Illustrates the Breadth and Depth of the SolarWinds Hack
• Microsoft Incident Response Retainer Service is Now Generally Available
• Microsoft Introduces Enhanced File Integrity Monitoring with Defender for Endpoint
• Microsoft Introduces File Attachment Support in Case Management to Streamline Threat Investigations
• Microsoft Introduces New Sentinel SOC Optimization Feature for Enhanced Cybersecurity
• Microsoft Introduces Trusted Signing Solution: Simplifying App Development for Developers
• Microsoft Issues Security Advisory for Zero-Day in Adobe Type Manager Library
• Microsoft Issues Warning About Multi-Phase Phishing Attacks Targeted At Azure AD
• Microsoft Issues Zero-Day Advisory for Internet Explorer
• Microsoft Launches Auto-Remediation for Email Threats in Defender for Office 365
• Microsoft Launches New Endpoint Security Solution for Small Businesses
• Microsoft Launches New Security Exposure Management Tool to Enhance Organizational Resilience
• Microsoft Launches the Security Compliance Toolkit 1.0
• Microsoft Looks To Bolster Advanced Threat Detection Services With Hexadite Acquisition
• Microsoft Loses Over Two Weeks of Security Logs for Cloud Services: Implications for Enterprise Customers
• Microsoft Office Apps to Block All Downloaded VBA Macros By Default
• Microsoft Outlines OneDrive for Business Data at Rest Encryption, OneDrive Support Coming Soon
• Microsoft Partners With Red Button to Enhance Azure DDoS Protection
• Microsoft Partners with Rubrik to Enhance Incident Response with Generative AI
• Microsoft Patches Critical XSS Flaws in Azure HDInsight Analytics Service
• Microsoft Patches Five Critical Security Flaws in Azure Defender for IoT
• Microsoft Power Pages Misconfigurations Expose Millions of Sensitive Records
• Microsoft Priva Adds New Tools to Bolster Privacy Management
• Microsoft Promotes Brad Smith to Company President
• Microsoft Provides Guidance to Detect and Block BlackLotus Campaigns
• Microsoft Provides More Details About ‘Midnight Blizzard’ Attacks
• Microsoft Publishes Advisory About New Spring4Shell Cyberattacks
• Microsoft Purview Adds Adaptive Protection to Dynamically Mitigate Risks
• Microsoft Purview and Defender for Cloud Add New Security Features to Protect AI Applications
• Microsoft Purview Audit Extends Default Retention Period for Activity Logs
• Microsoft Purview Gets OCR Support and Other New Data Loss Prevention Capabilities
• Microsoft Quietly Moved Font Parsing to AppContainer in the Anniversary Update
• Microsoft ratchets up its cloud security credibility by acquiring Adallom
• Microsoft re-signs agreement with NATO to share data to thwart cyber threats
• Microsoft Reinforces Cybersecurity Commitment in Latest Secure Future Initiative Report
• Microsoft Releases First Secure Future Initiative Report, Showcasing Key Security Enhancements
• Microsoft Releases Internal Security Tool ‘PyRIT’ to Protect Generative AI Systems
• Microsoft Releases Machine-Learning Backed Password Spray Attack Detection
• Microsoft Releases New File Integrity Monitoring Tool Integrated with Defender for Endpoint
• Microsoft Releases New Phishing Prevention Tools to Block Credential Theft
• Microsoft Releases Patches to Address Azure FabricScape Flaw Affecting Linux Workloads
• Microsoft Releases Security Copilot Agents Preview for Real-Time Threat Response
• Microsoft Releases Updates to Patch Critical Outlook NTLM Vulnerability
• Microsoft Removes Standalone Security Update Causing Issues on Some PCs
• Microsoft Renames Data Governance and Compliance Products to “Microsoft Purview”
• Microsoft Reports Nearly 400 U.S. Healthcare Facilities Targeted by Ransomware Attacks
• Microsoft Reports on how Azure AD Protects Users Against DDoS Attacks
• Microsoft Restricts Excel 4.0 Macros by Default to Protect Users from Malware
• Microsoft Retires Windows Information Protection in Favor of New Purview Service
• Microsoft Says It Would Obey Encryption Laws
• Microsoft Says Solorigate Let Attackers View, but not Modify, Source Code
• Microsoft SecOps Gets Multiple Workspace and Tenant Support in Public Preview
• Microsoft Security Bulletins
• Microsoft Security Risk Detection is Ready for Customers
• Microsoft Sentinel Gets Continuous Threat Monitoring Support for GitHub
• Microsoft Sentinel Gets New Workspace Manager and Hunts Feature
• Microsoft Sentinel Launches New Log4j Vulnerability Solution In Public Preview
• Microsoft Sentinel Now Integrates with 1Password for Streamlined Security Management
• Microsoft Sentinel Now Lets IT Admins Detect Low and Slow Password Spray Attacks
• Microsoft SIEM + XDR Gets New Unified Device Timeline Experience
• Microsoft Sunsets Defender Application Guard for Office: Here’s What You Need to Know
• Microsoft Sysmon 14.0 Brings New Security Feature to Block Malware
• Microsoft to Automatically Encrypt Bing Search Traffic
• Microsoft to Combat Advanced Persistent Threats
• Microsoft to Drop Support for 1024-bit Windows RSA Keys
• Microsoft to Fix Zero-Day Windows Flaw That Was Outed by Google
• Microsoft to Remove Some Chinese Certificate Authorities from Windows 10
• Microsoft to Reportedly Acquire Mandiant to Bolster Security Products
• Microsoft to Warn Users of Governmental Hacks
• Microsoft Unveils Interflow Security Information Exchange Platform
• Microsoft Unveils New Edge Secured-Core IoT Devices to Block Firmware Attacks
• Microsoft Warns About New Consent-Phishing Attacks Used to Steal Data
• Microsoft Warns About New Destructive ‘Mercury’ Attacks on Hybrid Environments
• Microsoft Warns About New Large-Scale Phishing Campaign Bypassing MFA
• Microsoft Warns About New MFA Bypass Tool Used in AiTM Phishing Campaigns
• Microsoft Warns Attackers Now Leveraging Raspberry Robin to Distribute Clop Ransomware
• Microsoft Warns Chinese Volt Typhoon Hacking Group Infects Critical US Infrastructure
• Microsoft Warns IT Admins to Block Shared Key Access in Azure Storage Accounts
• Microsoft Warns of New XCSSET macOS Malware Variant with Advanced Stealth Tactics
• Microsoft Warns that Business Email Compromise Attacks Can Hijack Accounts in Hours
• Microsoft Windows 10 vs. EFF Privacy Voice — Fight!
• Microsoft Windows UEFI Secure Boot — Insecure by Design?
• Microsoft Zero Trust Solutions Help Drive 50% Lower Chance of Data Breach, Says New Research Study
• Microsoft, Google, and Apple to Expand Passwordless Login Across All Major Platforms
• Microsoft: Octo Tempest Group Exploits Social Engineering Tactics to Target Organizations
• Microsoft’s Advanced Threat Protection Adds Support for Android, iOS, and Linux
• Microsoft’s Entra Connect Servers Get New Defender for Identity Sensor to Combat Cyber Threats
• Microsoft’s Entra Permissions Management Solution Goes Out of Preview
• Microsoft’s Extending its Security Graph to MacOS, Adding More Services to ATP
• Microsoft’s New MDTI Premium Data Connector for Sentinel Boosts Threat Detection Capabilities
• Microsoft’s New Security Copilot Tool Uses GPT-4 to Quickly Respond to Threats
• Microsoft’s New Security Experts Service Protects Businesses Against Ransomware Attacks
• Microsoft’s Next Windows 10 Security Feature Looks to Be Exploit Guard
• Microsoft’s Quick Assist App Targeted in New Wave of Tech Support Scams
• Microsoft’s Sentinel Security Tool Aims to Bring Intelligent Security Analytics To Your Data
• Microsoft’s Windows Hello Takes Another Step Towards a Password-Less Future
• Microsoft’s Brad Smith: Encryption is Key, ‘The path to hell starts at the backdoor’
• Microsoft’s Cloud in Brexit Britain — New Azure and Office 365 DCs for UK
• Microsoft’s Corporate Email Accounts Breached in Russian Espionage Attacks – What You Need to Know
• Microsoft’s Passwordless Security Push to Affect Over 1 Billion Users
• Microsoft’s Unified Security Operations Platform Delivers Comprehensive End-to-End Protection
• Millions of Android Devices Infected by Malicious Apps
• Mitigating Identity-Related Risks With Windows Hello for Business and Seamless Single Sign-On (SSO)
• Monitor Windows Server Security Using Azure Sentinel Part 1 – Set Up a Workspace and Data Connector
• Monitoring Windows Event Logs for Security Breaches
• More about Public Key Infrastructure (PKI)

N

• New CompTIA Security+ Training Course Released by Train Signal
• New EFS Features in Windows XP
• New Microsoft 365 Defender Feature Automatically Blocks Adversary-in-the-Middle Campaigns
• New Microsoft Defender Bounty Program Offers up to 20K Rewards
• New Override Alerts for Office 365 Create an Additional Safety Net
• New Phemedrone Malware Exploits Windows Defender SmartScreen Flaw to Steal Sensitive Data
• New Phishing Campaign Leverages Malicious Linux VM to Infect Windows Devices
• New Report Says Hackers Exploiting Spring4Shell Flaw to Spread Mirai Malware
• New ZeroFont Phishing Technique Lets Hackers Show Fake AV Scans in Outlook Emails
• Newly Discovered Emotet Campaign Spreads Malware Through PowerShell Commands
• No Back Doors: Microsoft Opens Windows Source Code to EU Governments
• Norton 360 Antivirus Suite Adds Optional Crypto Mining

O

• Obtain a Digital Certificate from an Online Certificate Authority (CA)
• Office 365 Secure Score Analyzes Tenant Security
• Okta Claims Only 2.5% Customers Were Impacted by Lapsus$ Group Hack

P

• Patch Microsoft Exchange Servers Now to Stop LockFile Ransomware
• Patch Tuesday — April 2018
• Patch Tuesday — July 2018
• Patch Tuesday — June 2018
• Patch Tuesday — May 2018
• Patch Tuesday – April 2020
• Patch Tuesday – December 2019
• Patch Tuesday – December 2020
• Patch Tuesday – February 2020
• Patch Tuesday – February 2021
• Patch Tuesday – January 2020
• Patch Tuesday – January 2021
• Patch Tuesday – July 2021
• Patch Tuesday – June 2019
• Patch Tuesday – March 2020
• Patch Tuesday – March 2021
• Patch Tuesday – March 2022
• Patch Tuesday – May 2019
• Patch Tuesday – November 2020
• Patch Tuesday – October 2019
• Patch Tuesday August 2018
• Patch Tuesday August 2019
• Patch Tuesday August 2020
• Patch Tuesday August 2021 – Microsoft Bolsters PrintNightmare and PetitPotam Protections
• Patch Tuesday December 2018
• Patch Tuesday December 2021 – Apache Log4j Panic and Microsoft Plugs Windows AppX Installer Zero Day
• Patch Tuesday January 2018
• Patch Tuesday January 2019
• Patch Tuesday July 2019
• Patch Tuesday November 2018
• Patch Tuesday November 2019
• Patch Tuesday November 2021 – Microsoft Patches Windows RDP Zero-Day and Exchange RCE
• Patch Tuesday October 2018
• Patch Tuesday October 2021 – Microsoft Fixes Windows Kernel Zero-Day and Critical Bug in Exchange Server
• Patch Tuesday September 2018
• Patch Tuesday September 2019
• Patch Tuesday September 2021 – Microsoft fixes MSHTML Zero-Day and Apple Blocks NSO Group Surveillance Spyware
• Patch Tuesday: Microsoft Fixes Vulnerabilities in Windows, Office, Internet Explorer, and Server Tools
• Paul Thurrott’s Short Takes: April 20
• Paul Thurrott’s Short Takes: December 1
• Paul Thurrott’s Short Takes: December 15
• Paul Thurrott’s Short Takes: December 29
• Paul Thurrott’s Short Takes: February 20, 2015
• Paul Thurrott’s Short Takes: February 23
• Paul Thurrott’s Short Takes: February 8
• Paul Thurrott’s Short Takes: January 11
• Paul Thurrott’s Short Takes: January 12
• Paul Thurrott’s Short Takes: January 5
• Paul Thurrott’s Short Takes: June 5, 2015
• Paul Thurrott’s Short Takes: June 9
• Paul Thurrott’s Short Takes: March 13
• Paul Thurrott’s Short Takes: March 16
• Paul Thurrott’s Short Takes: March 17
• Paul Thurrott’s Short Takes: March 6, 2015
• Paul Thurrott’s Short Takes: March 8
• Paul Thurrott’s Short Takes: May 26
• Pearson VUE’s Credential Management System Has Been Compromised
• Performing a Remote Device Wipe with Exchange
• Petri Dish: Cybersecurity vs IT Security with Devolutions
• PowerShell Remoting Basics
• Protect iOS and Android Devices with Microsoft Defender for Endpoint
• Protect Windows Server Using the Security Configuration Wizard Part 2: Applying and Rolling Back Policies and Advanced Features
• PSA: Microsoft to Disable Older TLS Protocols in Windows
• PyTorch Discloses Internal Dependency Compromised with Malicious Code

Q

• Qbot Malware Operators Exploit Windows MSDT Zero-Day Flaw to Infect PCs
• QNAP Confirms New Critical Flaws Affecting Some Network-Attached Storage Devices
• QNAP NAS Devices Being Targeted by Qlocker Ransomware Again
• QNAP Releases Patch to Fix PHP Security Flaw Affecting Select NAS Devices
• QNAP to Fix Critical OpenSSL Bug Impacting NAS Devices
• QNAP Warns Against ‘Dirty Pipe’ Linux Flaw That Affects Several NAS Devices
• QNAP Warns NAS Users About New DeadBolt Ransomware Campaign
• Quickly Check EFS Attributes
• Quickly Check Which User Encrypted a File

R

• Ransomware Is Indiscriminate — Secure Your Systems Now
• RDP Server Security Enhanced by Bullwall’s New Solution Against Ransomware Attacks
• Recover Protected Office Documents
• Reducing Help Desk Calls With The Specops Password Reset Tool By Daniel Petri
• Report Says Microsoft Is Certifying Insecure Drivers
• Report Uncovers Decades-Long US Hacking Effort
• Report: New Phishing Campaign Targets Calendly Users to Steal Credentials
• Report: Stolen Microsoft Key Gave Chinese Hackers Widespread Access to Cloud Services
• Researchers Disclose PowerShell Gallery Design Flaws Vulnerable to Supply Chain Attacks
• Researchers Discover Leaked Nvidia Code-Signing Certificates Used to Spread Malware
• Researchers Discover New Symbiote Linux Malware Targeting Financial Institutions
• Researchers Distribute Malware Via iOS Power Charger
• Researchers Find New ESXiArgs Ransomware Variant that Makes Data Recovery Nearly Impossible
• Researchers Uncover New LockBit Ransomware Created to Encrypt Files on macOS
• Researchers Warn About New Shikitega Malware Targeting Linux Endpoints and IoT Devices
• Rising AI Workloads Expose Cracks in Hybrid Cloud Security — Here’s What You Need to Know
• Rising Cyber Threats Fuel 12.2% Growth in Global Cybersecurity Spending
• Roboform –  Automated Password Manager & Form Filler
• RSA 2013: 10 Security Companies to Watch
• RSA Conference 2014 Survival Guide
• RSA Conference 2014: 10 Security Companies to Watch
• RSA Conference 2014: 8 Top Computer Security Trends
• RSA: Top 7 IT Security Trends for 2013
• RSAC 2014: Interview with Barracuda Networks CEO William “BJ” Jenkins
• Russian Hackers Exploit Critical Windows Vulnerability to Deploy ‘GooseEgg’ Malware
• Russian Hackers Exploit Outlook Flaw to Breach Exchange Accounts
• Russian Hackers Use Device Code Phishing to Hijack Microsoft 365 Accounts
• Russian Hackers Used Microsoft Teams to Target Government Agencies
• Russian State-Sponsored Hackers Stole Microsoft Source Code

S

• SCARY: “Atom Bomb” Windows Security Hole said to be Unfixable
• Secure Azure AD Using Identity Protection
• Secure IPSec Policy Agent
• Securing Azure Virtual Desktop with Microsoft Entra ID Conditional Access
• Securing Enterprise Devices: Embracing Zero Trust Security
• Securing IoT with Azure Sphere
• Security Essentials – Intro to Shares
• Security Expert Claims He Hacked Airplanes While in Flight
• Security Hardening Techniques for Windows Server 2008 R2
• Security Researchers Discover New Windows Search Protocol Vulnerability
• Self-Encrypting SSDs Vulnerable to Attack, Microsoft Warns
• SharePoint Podcast #330 — Number 4 Will Shock You
• SharePoint Podcast Episode #320: The Ransomware Christmas Special
• SharePoint Podcast Episode #327 — Daily Grind of the Common Man
• SharePoint Podcast Episode #329 — Well-Known and Irritating to One and All
• Shavlik HFNetChk Pro/LT
• Should You Use RDP Restricted Admin Mode?
• Silver SAML: Active Directory Attack Technique Explained
• SIM Card Maker Acknowledges NSA, GCHQ Intrusion
• Slack Releases Fix for Critical Bug That Exposed Hashed Passwords for Years
• Solve RDP Error ‘CredSSP Encryption Oracle Remediation’
• SonicWall Releases Patches for Critical Y2K22 Bug Affecting Email Security Products
• Sophos Fixes Critical Remote Code Execution Flaw in Firewall Products
• Sponsored: Automated Permissions Management: Turn a Mountain into a Molehill
• Sponsored: Best Practices for Securing Remote Desktop Connections
• Sponsored: Choosing an Effective AD Auditing and Reporting Tool
• Sponsored: Not Paying the Ransom(ware)
• Sponsored: Protecting your Domain and Users from Phishing Attacks
• Sponsored: Securing Windows Containers with Hyper-V
• State-Sponsored Hackers Exploit Unpatched Windows Zero-Day Vulnerability
• Stop MFA Fatigue with Additional Context and Number Matching for Microsoft Authenticator
• StorSimple Available — Priced for Small and Medium Enterprises
• Streamlining SaaS Governance: How Nudge Security Simplifies Compliance and Security Management for Cloud Apps
• SubInACL: Download and Deployment
• SubInACL: Setting Permissions
• Superfish Drama Winds Down, But the Damage is Done

T

• TCP Fast Open — Disabled in Microsoft Edge
• Test Microsoft Security Patches Early on the Security Update Validation Program
• The Anatomy of a Privilege Escalation Attack
• The Dirty Truth About IT Offboarding Automation
• The Importance of Web Application Scanning
• The State of Windows Server Security
• The Ultimate Guide to Web Application Firewalls (WAF)
• This Week in IT – Linux Gets Its Pipes Dirty
• Thwarting Phishing Attacks with Predictive Analytics and Machine Learning in 2024
• TLStorm 2.0 Exploits Expose Millions of Aruba and Avaya Network Switches to RCE Attacks

U

• U.S. Agencies Sound Alarm on Rising Ransomware Attacks by Iranian Fox Kitten Group
• U.S./China Cyber Security Agreement to Fall Short of Original Goals
• Understanding and Exploring Continuous Access Evaluation for Azure Active Directory
• Understanding How Azure Sentinel and Entity Behavior Analytics Deliver Actionable Intelligence
• Understanding How Business IT Is Being Attacked
• Understanding Microsoft Defender and its Many Layers
• Understanding Microsoft Defender for Endpoint and How It Protects Your Data
• Understanding the new Granular Permissions for App Access to Teams data
• Unified Threat Management and the WatchGuard XTM Firewall
• Untrusted Certificate Source
• US Government Imposes Ban on Kaspersky Antivirus Software Over Russian Espionage Risks
• Use a Local Administrator Account for Remote Administration
• Use Group Policy to Stop Users from Linking Microsoft Accounts to Local or Domain Logins in Windows 8
• Use the Update Compliance in Operations Management Suite to Monitor Windows Updates
• User Account Control: Standard User versus Protected Administrator Accounts
• Using Microsoft 365 Defender Threat Analytics to Improve Security
• Using Microsoft Sentinel to Automate and Reduce Security Alerts
• Using the Microsoft Security Compliance Manager Tool
• Using the Windows Server 2012 Security Configuration and Analysis Tool
• Using the Windows Server Security Configuration Wizard Part 1: Evaluating Risk and Creating a New Security Policy

V

• Validate the Integrity of Installation Media
• Video: Social Engineering for Your Enterprise
• VMware Releases Emergency Fix for “Spring4Shell” Vulnerability in Spring Framework
• VMware Releases Patches to Fix Critical Remote Code Execution Exploit in Workspace ONE Access
• VMware Releases Updates to Address Critical Authentication Bypass Flaw
• Volkswagen Used Software to Cheat on Emissions

W

• W3LL Phishing Group Breaches Thousands of Microsoft 365 Corporate Accounts
• Walkthrough for BitLocker on Windows 7
• Webinar – ObserveIT Xpress and Windows Server 2008 R2 Remote Desktop Services
• Webinar: Learn How to Keep Critical Web Apps Online and Sensitive Data Secure
• What are IPSEC Policies?
• What Are the Different Windows Logon Types?
• What Exactly Is Microsoft Endpoint Manager?
• What is a Public Key Infrastructure (PKI & Windows PKI)?
• What is a Software-Defined Perimeter?
• What Is Antimalware Scan Interface (AMSI) in Windows 10?
• What Is Azure Policy?
• What Is Microsoft Advanced Threat Analytics?
• What is Microsoft Defender for Cloud?
• What Is Microsoft Entra ID Conditional Access? (And How To Use It)
• What is Microsoft Sentinel and How Does It Protect Cloud and On-Premises Resources? 
• What Is Multifactor Authentication and How Does It Work?
• What is Rugged DevOps?
• What is Single Sign-On (SSO): Everything You Need to Know
• What is Windows 10 Device Guard?
• What Is Windows 11 Administrator Protection? Microsoft Boosts Admin Security
• What is Windows Auditing?
• What You Need to Know About Cloud Backup and Disaster Recovery
• What You Need to Know About the EU General Data Protection Regulation
• What’s a Trojan Horse?
• What’s System File Checker?
• What’s the Password Reset Disk in Windows XP?
• What’s Windows File Protection?
• Why You Need to Create an Incident Response Plan
• Why You Should Restrict Access to Office 365 Using Microsoft Conditional Access Policies
• Why You Shouldn’t Disable the Firewall in Windows Server
• Windows 10 Device Guard Versus AppLocker
• Windows 10 Protected Event Logging
• Windows 10 Security: Microsoft Passport and Virtual Secure Mode
• Windows 10 Virtualization-Based Security On By Default in Future Updates
• Windows 11 25H2: Enhanced Security Without Kernel Access
• Windows Defender Certified by AV-Test and Outperforms Much of the Competition
• Windows Defender Exploit Guard Replaces EMET in Fall Creators Update
• Windows Defender Gets Put in the Sandbox
• WinRAR Patches Flaw That Lets Attackers Run Malicious Code When Opening RAR Files

Z

• Zero Trust: How Azure Active Directory and Identity Management Enable Cloud Security