Security

In today’s Ask the Admin, Russell takes a look at using PowerShell to determine the NTFS permissions set on files and folders.

Is your firewall enabled? Discover how to check on the status of your Windows Firewall and enable it in this Ask an Admin.

Microsoft has announced its plans to retire the built-in Windows Information Protection (WIP) feature in its client operating system. The software giant has decided to sunset the data leak prevention capability in favor of its paid subscription service, Microsoft Purview. Windows Information Protection (previously known as enterprise data protection (EDP) is a useful feature that…

Atlassian has disclosed a new critical flaw in its Confluence Server and Data Center products. The company explained in its security advisory that the vulnerability (CVE-2022-26138) lets unauthorized users use hardcoded credentials to get full access to Confluence. According to Atlassian, the flaw exists in its Questions for Confluence app. It is designed to help…

Microsoft is launching today Microsoft Cloud for Sovereignty, a new cloud offering for the government sector. The new cloud solution is meant to help government and public sector customers build, move, and operate sensitive data and workloads in the cloud while supporting the highest security and compliance standards. A sovereign cloud is a cloud infrastructure…

Learn how to reset Windows Server security to default settings.

The US Department of Homeland Security has issued a security advisory about the risks associated with Log4j vulnerabilities. The DHS’ Cyber Safety Review Board (CSRB) warned that the security flaw is expected to affect federal agencies and organizations until at least 2032. For those unfamiliar, Apache Log4j is a popular open-source Java-based logging framework. It…

The internet infrastructure firm Cloudflare has released an advisory about a powerful botnet dubbed Mantis. The botnet was behind the largest-ever HTTPS-based distributed-denial-of-service (DDoS) attack in June 2022 and has targeted around 1,000 customers in the past few weeks. Cloudflare explained that its security team mitigated the record-breaking DDoS attack last month that reached a…

Microsoft has discovered a new massive AiTM phishing campaign that can steal credentials even if the user account is protected with multi-factor authentication (MFA). The company has warned that the threat actors have targeted over 10,000 organizations since September 2021. According to Microsoft researchers, the AiTM campaign involves inserting a proxy server between a target…

Microsoft has announced the general availability of new enterprise IoT security capabilities in its Defender for IoT solution. The company says that these features should help businesses better secure their unmanaged IoT devices connected to enterprise networks. Microsoft Defender for IoT (Formerly known as Azure Defender for IoT) is a security offering that protects enterprise…