Security

This week in IT, Windows 11 increases its market share, Microsoft releases Defender for Business and it pledges to help protect businesses against cyberattacks during the war in Ukraine, and Lenovo releases the first ARM PCs based on Microsoft’s Pluton security platform, and much more! This Week in IT – Windows 11 Surges Forward and…

This week in IT, multifactor authentication lets Cisco users down and the Russians in, Microsoft Teams Connect arrives in preview to make cross-enterprise collaboration easier, Microsoft Azure gets a slight lead in the enterprise cloud space, and Windows Server is getting a new feature to protect against brute force SMB dictionary attacks. About This Week…

Okta, an enterprise identity and access management company, has published an extensive update about the recent cyberattack by the LapsuS$ hacking group. The company confirmed that around 2.5 percent of its customers were affected by this security incident. The investigations revealed that the threat actors managed to gain access to the laptop of a third-party…

HP has acknowledged that its several printer models are vulnerable to a new critical buffer overflow bug that can potentially lead to remote code execution (RCE). This latest security flaw is being tracked under CVE-2022-3942, and it was first discovered by Trend Micro’s Zero Day Initiative team. As noted in a post by Bleeping Computer,…

Last week, the infamous hacker group Lapsus$ claimed that it had breached several Azure DevOps source code repositories. Microsoft is currently investigating claims of this hack, but the source code of Bing, Bing Maps, Cortana, and other internal projects may have been leaked online (via VentureBeat). Over the weekend, the hacker group Lapsus$ posted a…

The US Cybersecurity and Infrastructure Security Agency (CISA) and FBI released an alert about a Russian state-backed activity that allowed hackers to bypass multi-factor authentication (MFA) and exploit a security flaw to compromise networks. The security advisory indicates that the cyberattacks targeting a non-governmental organization (NGO) started back in May 2021. The threat actors leveraged…

German federal cybersecurity agency BSI has warned its citizens against using antivirus products from Russian-based Kaspersky Lab. The security agency has issued a statement today saying that the Kaspersky antivirus software could be exploited in launching cyberattacks amid Russia’s ongoing war in Ukraine. The advisory did not accuse Kaspersky Lab of any specific security violations,…

Last week, security researchers revealed that a hacking group had been involved in using leaked Nvidia code-signing certificates for malware purposes. As reported by Bleeping Computer, two expired certificates are currently being used by threat actors to gain remote access and install malicious drivers on targeted Windows machines. For those unfamiliar, Windows requires that all…

Microsoft has launched a streamlined submissions experience in the Microsoft 365 Defender portal. The new submissions page provides dedicated item tabs to help IT Admins track and analyze malicious emails, email attachments, URLs, and messages reported by end-users in their organization. To get started, IT Admins will need to head to the Microsoft 365 Defender…

Microsoft is reportedly planning to acquire a US-based cyber security company Mandiant. According to a new report from Bloomberg, this new acquisition will help the Redmond giant to beef up its portfolio of security offerings to protect its customers from cybersecurity threats and data breaches. For those unfamiliar, Mandiant is a cybersecurity research firm that…