Microsoft - Security Ticks

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, Microsoft Dark Web Exploits

Ivanti, Microsoft, Qualcomm, vulnerability, Zimbra / SecurityTicks

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, Microsoft Dark Web Exploits 2024-10-15 at 12:52 By daksh sharma Key Takeaways Overview Cyble Research and Intelligence Labs (CRIL) investigated 22 vulnerabilities during the week of Oct. 2-8 and identified six products that security teams should prioritize for patching and mitigation. Additionally, Cyble researchers detected 14 […]

React to this headline:

Weekly IT Vulnerability Report: Cyble Urges Fixes for Ivanti, Microsoft Dark Web Exploits Read More »

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572)

0-day, CVE, Don't miss, Hot stuff, Microsoft, NetSPI, News, Patch Tuesday, security update, Tenable, Trend Micro, vulnerability, Windows / SecurityTicks

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) 2024-10-08 at 22:49 By Zeljka Zorz For October 2024 Patch Tuesday, Microsoft has released fixes for 117 security vulnerabilities, including two under active exploitation: CVE-2024-43573, a spoofing bug affecting the Windows MSHTML Platform, and CVE-2024-43572, a remote code execution flaw in the Microsoft Management Console

React to this headline:

Microsoft patches two zero-days exploited in the wild (CVE-2024-43573, CVE-2024-43572) Read More »

100+ domains seized to stymie Russian Star Blizzard hackers

APT, Don't miss, Hot stuff, Justice Department, Microsoft, News, phishing / SecurityTicks

100+ domains seized to stymie Russian Star Blizzard hackers 2024-10-04 at 14:18 By Zeljka Zorz Microsoft and the US Justice Department have seized over 100 domains used by Star Blizzard, a Russian nation-state threat actor. “Between January 2023 and August 2024, Microsoft observed Star Blizzard target over 30 civil society organizations – journalists, think tanks,

React to this headline:

100+ domains seized to stymie Russian Star Blizzard hackers Read More »

October 2024 Patch Tuesday forecast: Recall can be recalled

Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, News, opinion, Patch Tuesday, predictions / SecurityTicks

October 2024 Patch Tuesday forecast: Recall can be recalled 2024-10-04 at 07:46 By Help Net Security October arrived, and Microsoft started the month by announcing the release of Windows 11 24H2. The preview versions of this release have been in the news due to many innovations and one controversial feature. Windows 11 24H2 and Microsoft

React to this headline:

October 2024 Patch Tuesday forecast: Recall can be recalled Read More »

Darktrace brings real-time cloud detection and response to Microsoft Azure customers

Darktrace, Industry news, Microsoft / SecurityTicks

Darktrace brings real-time cloud detection and response to Microsoft Azure customers 2024-10-03 at 16:31 By Industry News Darktrace announced the expansion of Darktrace / CLOUD to support Microsoft Azure environments. The AI-driven Cloud Detection and Response (CDR) system leverages Microsoft’s virtual network flow logs for agentless deployment, slashing deployment times by 95%. The need for

React to this headline:

Darktrace brings real-time cloud detection and response to Microsoft Azure customers Read More »

Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle

AI, Artificial Intelligence, Copilot Vision, generative AI, Microsoft, Privacy, security / SecurityTicks

Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle 2024-10-01 at 17:31 By Eduard Kovacs Microsoft has unveiled a new AI-based web content analysis tool, underscoring safety and security to address potential concerns. The post Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle appeared first on SecurityWeek. This

React to this headline:

Microsoft Unveils Copilot Vision AI Tool, but Highlights Security After Recall Debacle Read More »

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts

account hijacking, Cloud, credentials, Don't miss, Hot stuff, Microsoft, Microsoft Entra ID, News, privileged accounts, Ransomware / SecurityTicks

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts 2024-09-30 at 17:01 By Zeljka Zorz Storm-0501, an affiliate of several high-profile ransomware-as-a-service outfits, has been spotted compromising targets’ cloud environments and on-premises systems. “Storm-0501 is the latest threat actor observed to exploit weak credentials and over-privileged accounts to move from organizations’

React to this headline:

Ransomware attackers hop from on-premises systems to cloud to compromise Microsoft 365 accounts Read More »

Microsoft revised the controversial Copilot+ Recall feature

Artificial Intelligence, data security, Don't miss, Hot stuff, Microsoft, News, Privacy, Windows / SecurityTicks

Microsoft revised the controversial Copilot+ Recall feature 2024-09-30 at 13:46 By Zeljka Zorz Microsoft has made changes to Recall – the screenshot-taking, AI-powered search feature for Copilot+ PCs running Windows 11 – to reassure users worried about security and privacy. The security of the feature has been assessed by Microsoft’s Offensive Research & Security Engineering

React to this headline:

Microsoft revised the controversial Copilot+ Recall feature Read More »

Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation

Artificial Intelligence, Encryption, Endpoint Security, Featured, Microsoft, Privacy & Compliance, Proof-of-Presence, Windows Hello, Windows Recall / SecurityTicks

Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation 2024-09-27 at 21:01 By Ryan Naraine Microsoft reboots controversial Windows Recall with proof-of-presence encryption, anti-tampering checks, and secure enclave data management. The post Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation appeared first on SecurityWeek. This article is an

React to this headline:

Controversial Windows Recall AI Search Tool Returns With Proof-of-Presence Encryption, Data Isolation Read More »

Portnox enhances passwordless risk-based access for enterprise applications

Industry news, Microsoft, Portnox / SecurityTicks

Portnox enhances passwordless risk-based access for enterprise applications 2024-09-25 at 13:03 By Industry News Portnox announced support for Microsoft External Authentication Methods (EAM) for its Conditional Access for Applications solution. This new integration extends Portnox’s commitment to delivering phishing-resistant passwordless authentication with risk-based assessment and compliance validation for enterprise applications. Microsoft’s EAM capability allows users to

React to this headline:

Portnox enhances passwordless risk-based access for enterprise applications Read More »

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes

BSOD, buggy update, CrowdStrike, Featured, Incident Response, Microsoft, Windows / SecurityTicks

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes 2024-09-24 at 23:16 By Ryan Naraine CrowdStrike says it has revamped several testing, validation, and update rollout processes to prevent a repeat of the July BSOD incident. The post CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes appeared first on SecurityWeek. This article

React to this headline:

CrowdStrike Overhauls Testing and Rollout Procedures to Avoid System Crashes Read More »

Microsoft Names Deputy CISOs, Governance Council to Manage Security Push

CISO, CSRB, Management & Strategy, Microsoft, SFI / SecurityTicks

Microsoft Names Deputy CISOs, Governance Council to Manage Security Push 2024-09-24 at 19:01 By Ryan Naraine Microsoft says each Deputy CISO will oversee specific domains, ranging from gaming and cloud security to AI and government systems. The post Microsoft Names Deputy CISOs, Governance Council to Manage Security Push appeared first on SecurityWeek. This article is

React to this headline:

Microsoft Names Deputy CISOs, Governance Council to Manage Security Push Read More »

Windows Server 2025 gets hotpatching option, without reboots

data center, Don't miss, Hot stuff, Microsoft, News, patching, security update, Windows Server / SecurityTicks

Windows Server 2025 gets hotpatching option, without reboots 2024-09-23 at 17:02 By Zeljka Zorz Organizations that plan to upgrade to Windows Server 2025 once it becomes generally available will be able to implement some security updates by hotpatching running processes. What is hotpatching? “Hotpatching has been around for years in Windows Server 2022 Azure Edition,

React to this headline:

Windows Server 2025 gets hotpatching option, without reboots Read More »

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461)

0-day, APT, Check Point, CVE, Don't miss, Hot stuff, Microsoft, News, security update, Trend Micro, vulnerability, Windows / SecurityTicks

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) 2024-09-16 at 15:46 By Zeljka Zorz CVE-2024-43461, a spoofing vulnerability affecting Windows MSHTML – a software component used by various apps for rendering render web pages on Windows – “was exploited as a part of an attack chain relating to CVE-2024-38112, prior to July 2024,”

React to this headline:

Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) Read More »

Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel

CrowdStrike, EDR, Endpoint Security, Featured, kernel, Microsoft, Windows / SecurityTicks

Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel 2024-09-13 at 21:45 By Ryan Naraine Microsoft is revamping how anti-malware tools interact with the Windows kernel to avoid another CrowdStrike faulty update catastrophe. The post Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel appeared first on SecurityWeek. This article is an excerpt

React to this headline:

Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel Read More »

Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library

Data Protection, Microsoft, Post quantum cryptography, PQC, Quantum cryptography / SecurityTicks

Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library 2024-09-11 at 14:01 By Ionut Arghire Microsoft has started introducing support for post-quantum algorithms in SymCrypt, its main cryptographic library. The post Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library Read More »

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes

CVE-2024-38226, CVE-2024-43491, Featured, Microsoft, Patch Tuesday, Vulnerabilities, Windows Update / SecurityTicks

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes 2024-09-10 at 23:31 By Ryan Naraine Patch Tuesday: Microsoft raises an alarm for in-the-wild exploitation of a critical flaw in Windows Update. The post Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Microsoft Says Windows Update Zero-Day Being Exploited to Undo Security Fixes Read More »

September 2024 Patch Tuesday forecast: Downgrade is the new exploit

Adobe, apple, Chrome, cybersecurity, Don't miss, Expert analysis, Expert corner, Firefox, Hot stuff, Ivanti, Microsoft, Mozilla, News, Patch Tuesday, patching, Windows / SecurityTicks

September 2024 Patch Tuesday forecast: Downgrade is the new exploit 2024-09-06 at 08:16 By Help Net Security I asked for a calm August 2024 Patch Tuesday in last month’s forecast article and that came to pass. The updates released were limited to the regular operating systems and all forms of Office applications. Six zero-day vulnerabilities

React to this headline:

September 2024 Patch Tuesday forecast: Downgrade is the new exploit Read More »

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation

CLFS, exploit mitigation, HMAC, Microsoft, Ransomware, Security Architecture, Vulnerabilities / SecurityTicks

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation 2024-09-04 at 20:46 By Ryan Naraine Microsoft is experimenting with a major new security mitigation to block attacks targeting flaws in the Windows Common Log File System (CLFS). The post Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation appeared first on SecurityWeek. This

React to this headline:

Microsoft Tackling Windows Logfile Flaws With New HMAC-Based Security Mitigation Read More »

Veeam Software expands protection for Microsoft 365

Industry news, Microsoft, Veeam Software / SecurityTicks

Veeam Software expands protection for Microsoft 365 2024-09-03 at 17:01 By Industry News Veeam Software announced Veeam Backup for Microsoft 365 v8, which delivers comprehensive and flexible immutability for Microsoft 365 data. Now organizations can ensure their Microsoft 365 data is resilient employing a zero-trust, multi-layered immutable strategy, making certain backup data is safe from

React to this headline:

Veeam Software expands protection for Microsoft 365 Read More »