Microsoft - Security Ticks

Microsoft Authenticator suppresses suspicious MFA notifications

account hijacking, Don't miss, Hot stuff, MFA, Microsoft, News, social engineering / SecurityTicks

Microsoft Authenticator suppresses suspicious MFA notifications 08/11/2023 at 17:46 By Helga Labus Microsoft has quietly rolled out a new mechanism that shields users of its mobile Authenticator app from suspicious (and annoying) push notifications triggered by attackers. Preventing attacks relying on MFA fatigue When faced with MFA-protected accounts, threat actors repeatedly try to gain access […]

React to this headline:

Microsoft Authenticator suppresses suspicious MFA notifications Read More »

Microsoft introduces new access policies in Entra to boost MFA usage

access management, Don't miss, enterprise, Hot stuff, identity protection, MFA, Microsoft, Microsoft Entra ID, News, policy / SecurityTicks

Microsoft introduces new access policies in Entra to boost MFA usage 07/11/2023 at 18:17 By Helga Labus As part of a broader initiative to strengthen security, Microsoft is rolling out Microsoft-managed Conditional Access policies in Entra ID (formerly Azure Active Directory) to increase the use of multifactor authentication (MFA) for enterprise accounts. Microsoft Entra Conditional

React to this headline:

Microsoft introduces new access policies in Entra to boost MFA usage Read More »

MITRE partners with Microsoft to address generative AI security risks

Industry news, Microsoft, MITRE / SecurityTicks

MITRE partners with Microsoft to address generative AI security risks 06/11/2023 at 19:32 By Industry News MITRE and Microsoft have added a data-driven generative AI focus to MITRE ATLAS, a community knowledge base that security professionals, AI developers, and AI operators can use as they protect AI-enabled systems. This new framework update and associated new

React to this headline:

MITRE partners with Microsoft to address generative AI security risks Read More »

Microsoft launches new initiative to augment security

Application Security, Artificial Intelligence, cloud security, Don't miss, Hot stuff, identity protection, Microsoft, News, software development, strategy / SecurityTicks

Microsoft launches new initiative to augment security 03/11/2023 at 14:48 By Zeljka Zorz Nearly 22 years after Bill Gates announced a concerted Microsoft-wide push to deliver Trustworthy Computing, the company is launching the Secure Future Initiative, to boost the overall security of Microsoft’s products and its customers and users. A new Microsoft initiative focused on

React to this headline:

Microsoft launches new initiative to augment security Read More »

From Windows 9x to 11: Tracing Microsoft’s security evolution

CISA, CISO, cybersecurity, Don't miss, Features, Hot stuff, Linux, macOS, Microsoft, News, opinion, strategy, Tenable, Windows / SecurityTicks

From Windows 9x to 11: Tracing Microsoft’s security evolution 31/10/2023 at 09:01 By Mirko Zorz Over its journey from Windows 9x to Windows 11, Microsoft has implemented multiple security overhauls, each addressing the challenges of its time and setting the stage for future developments. In this Help Net Security interview, we feature security researcher Alex

React to this headline:

From Windows 9x to 11: Tracing Microsoft’s security evolution Read More »

Enterprise Browser Startup Island Banks $100M in Funding

Chrome, cloud security, Data Protection, Enterprise Browser, Funding/M&A, Island, Microsoft, Talon / SecurityTicks

Enterprise Browser Startup Island Banks $100M in Funding 23/10/2023 at 21:49 By Ryan Naraine Since 2020, Island has raised a total of $325 million to help protect corporate data flowing through SaaS and internal web applications. The post Enterprise Browser Startup Island Banks $100M in Funding appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Enterprise Browser Startup Island Banks $100M in Funding Read More »

Microsoft announces wider availability of AI-powered Security Copilot

Artificial Intelligence, Don't miss, enterprise, Hot stuff, machine learning, malware analysis, Microsoft, News, threat hunting / SecurityTicks

Microsoft announces wider availability of AI-powered Security Copilot 23/10/2023 at 15:04 By Helga Labus Microsoft Security Copilot has been made available to a larger number of enterprise customers, via an invitation-only Early Access Program. What is Microsoft Security Copilot? “Security Copilot is an AI assistant for security teams that builds on the latest in large

React to this headline:

Microsoft announces wider availability of AI-powered Security Copilot Read More »

‘Every customer solution’ will be integrated with AI: Microsoft CEO Satya Nadella

Aritifical Intelligence, Bing, Copilot, Microsoft, Microsoft AI, Satya Nadella / SecurityTicks

‘Every customer solution’ will be integrated with AI: Microsoft CEO Satya Nadella 21/10/2023 at 06:02 By Cointelegraph By Brian Quarmby In an annual letter, Satya Nadella outlined Microsoft’s plans for AI, which includes integrating the AI and its Copilot across the firm’s “most used products.” This article is an excerpt from Cointelegraph.com News View Original

React to this headline:

‘Every customer solution’ will be integrated with AI: Microsoft CEO Satya Nadella Read More »

North Korean hackers are targeting software developers and impersonating IT workers

APT, Don't miss, FBI, Hot stuff, Insider Threat, Microsoft, News, North Korea, software development, supply chain compromise, vulnerability / SecurityTicks

North Korean hackers are targeting software developers and impersonating IT workers 20/10/2023 at 13:52 By Helga Labus State-sponsored North Korean hackers have significantly intensified their focus on the IT sector in recent years, by infiltrating firms developing software and companies lookind for IT workers. North Korean hackers targeting developers Microsoft has outlined on Wednesday how

React to this headline:

North Korean hackers are targeting software developers and impersonating IT workers Read More »

Microsoft Improving Windows Authentication, Disabling NTLM

authentication, Identity & Access, Kerberos, Microsoft, NTLM / SecurityTicks

Microsoft Improving Windows Authentication, Disabling NTLM 16/10/2023 at 15:33 By Ionut Arghire Microsoft is adding new features to the Kerberos protocol, to eliminate the use of NTLM for Windows authentication. The post Microsoft Improving Windows Authentication, Disabling NTLM appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Microsoft Improving Windows Authentication, Disabling NTLM Read More »

Microsoft announces AI bug bounty program

Artificial Intelligence, Bing, bug bounty, Don't miss, Hot stuff, Microsoft, News / SecurityTicks

Microsoft announces AI bug bounty program 16/10/2023 at 15:18 By Zeljka Zorz Microsoft is offering up to $15,000 to bug hunters that pinpoint vulnerabilities of Critical or Important severity in its AI-powered “Bing experience”. “The new Microsoft AI bounty program comes as a result of key investments and learnings over the last few months, including

React to this headline:

Microsoft announces AI bug bounty program Read More »

Microsoft’s Activision buy may see more metaverse in the office and crypto in gaming

Blockchain Game, Games, Gaming, Metaverse, Microsoft / SecurityTicks

Microsoft’s Activision buy may see more metaverse in the office and crypto in gaming 13/10/2023 at 23:02 By Cointelegraph By Derek Andersen More signs say the acquisition will boost metaverse applications in business than in gaming as CEO Nadella talks about productivity and metaverse enthusiast Kotick leaves Activision. This article is an excerpt from Cointelegraph.com

React to this headline:

Microsoft’s Activision buy may see more metaverse in the office and crypto in gaming Read More »

Microsoft Offers Up to $15,000 in New AI Bug Bounty Program

AI, Artificial Intelligence, bug bounty program, Microsoft / SecurityTicks

Microsoft Offers Up to $15,000 in New AI Bug Bounty Program 13/10/2023 at 13:32 By Ionut Arghire Microsoft is offering rewards of up to $15,000 in a new bug bounty program dedicated to its new AI-powered Bing. The post Microsoft Offers Up to $15,000 in New AI Bug Bounty Program appeared first on SecurityWeek. This

React to this headline:

Microsoft Offers Up to $15,000 in New AI Bug Bounty Program Read More »

Microsoft Defender can automatically contain compromised user accounts

automation, BEC scams, Don't miss, Endpoint Security, enterprise, Hot stuff, Microsoft, Microsoft Defender, MITM, News, privileged accounts, Ransomware, XDR / SecurityTicks

Microsoft Defender can automatically contain compromised user accounts 12/10/2023 at 15:32 By Helga Labus The “contain user” feature select Microsoft Defender for Endpoint customers have been trying out since November 2022 is now available to a wider pool of organizations, Microsoft has announced. The feature aims to help organizations disrupt human-operated attacks like ransomware, business

React to this headline:

Microsoft Defender can automatically contain compromised user accounts Read More »

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor

Atlassian, Atlassian Confluence, Don't miss, exploit, GreyNoise, Hot stuff, Microsoft, News, Rapid7, vulnerability / SecurityTicks

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor 11/10/2023 at 14:18 By Helga Labus A critical flaw in Atlassian Confluence Data Center and Server (CVE-2023-22515) has been exploited by a state-backed threat actor, Microsoft’s threat analysts have pinpointed. About the vulnerability CVE-2023-22515 was initially classified as a critical privilege escalation vulnerability affecting Confluence Data

React to this headline:

Critical Atlassian Confluence vulnerability exploited by state-backed threat actor Read More »

15 free Microsoft 365 security training modules worth your time

Don't miss, Hot stuff, how-to, Microsoft, Microsoft 365, News, skill development, strategy, tips / SecurityTicks

15 free Microsoft 365 security training modules worth your time 11/10/2023 at 07:32 By Help Net Security Microsoft 365 is a cloud-based productivity suite. Beyond just tools like Word and Excel, it integrates productivity applications with cloud functionalities, device administration, and enhanced security, all within a unified experience. Managing Microsoft 365 can be difficult for

React to this headline:

15 free Microsoft 365 security training modules worth your time Read More »

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763)

DDoS, Don't miss, Hot stuff, Microsoft, Microsoft Exchange, News, Patch Tuesday, security update, Trend Micro, Windows / SecurityTicks

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763) 10/10/2023 at 22:01 By Zeljka Zorz On this October 2023 Patch Tuesday, Microsoft has released 103 patches and has fixed three actively exploited vulnerabilities (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487). The exploited zero-days (CVE-2023-36563, CVE-2023-41763, CVE-2023-44487) CVE-2023-36563, discovered by Microsoft Threat Intelligence, is a WordPad vulnerability that could

React to this headline:

Microsoft plugs exploited WordPad, Skype for Business zero-days (CVE-2023-36563, CVE-2023-41763) Read More »

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business

Application Security, CVE-2023-36563, CVE-2023-41763, CVE-2023-44487, Malware & Threats, Microsoft, Patch Tuesday, Vulnerabilities / SecurityTicks

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business 10/10/2023 at 21:32 By Ryan Naraine Microsoft patches more than 100 vulnerabilities across the Windows ecosystem and warned that three are already being exploited in the wild. The post Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business appeared first on SecurityWeek. This article is an

React to this headline:

Microsoft Fixes Exploited Zero-Days in WordPad, Skype for Business Read More »

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC

DMARC, Don't miss, Email, enterprise, Hot stuff, Microsoft, Microsoft 365, News, spam / SecurityTicks

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC 09/10/2023 at 13:32 By Helga Labus In the wake of Google’s announcement of new rules for bulk senders, Microsoft is urging Microsoft 365 email senders to implement SPF, DKIM and DMARC email authentication methods. “These Domain Name Service (DNS) email authentication records verify that

React to this headline:

Microsoft 365 email senders urged to implement SPF, DKIM and DMARC Read More »

October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty

0-day, apple, Chrome, CVE, Don't miss, Expert analysis, Google, Hot stuff, Ivanti, Microsoft, Mozilla, Patch Tuesday, predictions / SecurityTicks

October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty 06/10/2023 at 07:47 By Help Net Security September has been a packed month of continuous updates. New operating systems were released from Apple and Microsoft, and several vulnerabilities exploited in web services resulted in a domino effect of zero-day releases for many vendors. If

React to this headline:

October 2023 Patch Tuesday forecast: Operating system updates and zero-days aplenty Read More »