Security

QNAP has published an advisory about a new stream of DeadBolt ransomware attacks targetting its network-attached storage (NAS) devices worldwide. The company advises customers to immediately update their devices to the latest versions of QTS or QuTS hero operating systems. The latest DeadBolt ransomware campaign follows the previous attacks reported back in January, March, and…

Microsoft announced yesterday that it has entered into a definitive agreement to acquire Miburo, a New York-based cyber threat analysis company. The Redmond giant plans to leverage Miburo’s expertise in global threat intelligence to help customers counter foreign cyber attacks and state-backed information operations. Miburo was founded in 2012 by cybersecurity expert Clint Watts, who…

Microsoft announced a significant revamp of its Azure Purview data-governance platform. The Redmond giant is rebranding the service as “Microsoft Purview” and also rolling out new Microsoft 365 compliance capabilities to the suite. The new Microsoft Purview suite provides customers with compliance tools that allow them to view all their data assets in one place….

Cybersecurity researchers have found that attackers are exploiting the recently discovered Windows zero-day flaw dubbed “Follina” to infect victims’ computers with Qbot malware. Qbot operators have also teamed up with the Black Basta group to spread ransomware. Qbot, also known as QuakBot QakBot, and Pinkslipbot, was first identified in 2008 as a trojan capable of…

Atlassian has released new security updates to fix a critical flaw affecting its Confluence Server and Data Center products. The vulnerability, tracked as CVE-2022-26134, allows for unauthenticated remote code execution on unpatched servers. The zero-day security flaw was disclosed by security company Volexity last week, and it impacts all supported versions (except those hosted on…

Atlassian has published a security advisory about a new critical flaw impacting its Confluence Server and Data Center products. The company warned IT teams that the security vulnerability could lead to unauthenticated remote code execution (RCE). The security vulnerability, tracked as CVE-2022-26134, was discovered by the cybersecurity company Volexity. Atlassian released an advisory about the…

In today’s Ask the Admin, I’ll look at all the different ways Windows 10 users and devices can authenticate with Azure AD, Active Directory, Microsoft, and the local security manager.

Learn why Microsoft considers PINs safer than passwords, and how to configure a PIN for your Windows 10 device.

Microsoft has acknowledged a new zero-day remote code execution flaw in its Microsoft Support Diagnostic Tool (MSDT). The Microsoft Security Response Center team explained that the security flaw impacts all supported versions of Windows and Windows Server. Microsoft Support Diagnostic Tool (MSDT) is a service in Windows 11/10/8.1/7 and Windows Server. The tool enables the…

Microsoft has unveiled enhancements coming to the Learn platform during its Build 2022 developer conference. The Redmond giant is expanding its Microsoft Learn portfolio with a bunch of new and updated training and certifications for security experts and IT administrators. Microsoft Learn is a free online training platform that provides interactive and hands-on training sessions…