Cybersecurity News

How Microsoft Disabled Legacy Authentication Across the Company

The process was not smooth or straightforward, employees say in a discussion of challenges and lessons learned during the multi-year project.

09 March 2020

Microsoft: 99.9 percent of hacked accounts lacked MFA

Only 11 percent of all enterprise accounts have multi-factor authentication enabled

The post Microsoft: 99.9 percent of hacked accounts lacked MFA appeared first on WeLiveSecurity

09 March 2020

Microsoft Exchange Server Flaw Exploited in APT Attacks

A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.

09 March 2020

Microsoft Exchange Server Flaw Exploited in APT Attacks

A vulnerability is Microsoft Exchange servers is being actively exploited by multiple APT groups, researchers warn.

09 March 2020

Cyber Resiliency, Cloud & the Evolving Role of the Firewall

Today's defenses must be creative in both isolating threats and segmenting environments to prevent attacks. Here's why.

09 March 2020

Malware Campaign Feeds on Coronavirus Fears

A new malware campaign that offers a "coronavirus map" delivers a well-known data-stealer.

09 March 2020

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new.

09 March 2020

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

New side-channel attacks have been disclosed in AMD CPUs, however AMD said that they are not new.

09 March 2020

WatchGuard Buys Panda Security for Endpoint Security Tech

In the long term, Panda Security's technologies will be integrated into the WatchGuard platform.

09 March 2020

Brave to generate random browser fingerprints to preserve user privacy

"Brave's new approach aims to make every browser look completely unique, both between websites and between browsing sessions."

09 March 2020

Threat Awareness: A Critical First Step in Detecting Adversaries

One thing seems certain: Attackers are only getting more devious and lethal. Expect to see more advanced attacks.

09 March 2020

NordVPN HTTP POST bug exposed customer information, no authentication required

The exploit could be triggered with a simple request.

09 March 2020

Phone Call Attacks

More and more scams and attacks are happening over the phone. Whenever you get an urgent phone call on the phone pressuring you to do something (such as a caller pretending to be the tax department or Microsoft Tech Support) be very suspicious. It's most likely a scammer trying to trick you out of money or pressure you into making a mistake. Protect yourself, simply hang up the phone. You are not being rude, the person on the other line is trying to take advantage of you.

09 March 2020

Multiple nation-state groups are hacking Microsoft Exchange servers

Government-backed groups are exploiting CVE-2020-0688 to take over Exchange email servers.

08 March 2020

A list of security conferences canceled or postponed due to coronavirus concerns

Some conferences have canceled, some have postponed the event, while others have gone virtual.

07 March 2020

AMD processors from 2011 to 2019 vulnerable to two new attacks

Academics disclose new Collide+Probe and Load+Reload attacks on AMD CPUs.

07 March 2020

U.S. Govt. Makes it Harder to Get .Gov Domains

The federal agency in charge of issuing .gov domain names is enacting new requirements for validating the identity of people requesting them. The additional measures come less than four months after KrebsOnSecurity published research suggesting it was relatively easy for just about anyone to get their very own .gov domain. In November's piece It's Way Too Easy to Get a .gov Domain Name, an anonymous source detailed how he obtained one by impersonating an official at a small town in Rhode Island that didn't already have its own .gov.

07 March 2020

How Microsoft Disabled Legacy Authentication Across the Company

Microsoft: 99.9 percent of hacked accounts lacked MFA

Microsoft Exchange Server Flaw Exploited in APT Attacks

Microsoft Exchange Server Flaw Exploited in APT Attacks

Cyber Resiliency, Cloud & the Evolving Role of the Firewall

Malware Campaign Feeds on Coronavirus Fears

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

AMD Downplays CPU Threat Opening Chips to Data Leak Attacks

WatchGuard Buys Panda Security for Endpoint Security Tech

Brave to generate random browser fingerprints to preserve user privacy

Threat Awareness: A Critical First Step in Detecting Adversaries

NordVPN HTTP POST bug exposed customer information, no authentication required

Phone Call Attacks

Multiple nation-state groups are hacking Microsoft Exchange servers

A list of security conferences canceled or postponed due to coronavirus concerns

AMD processors from 2011 to 2019 vulnerable to two new attacks

U.S. Govt. Makes it Harder to Get .Gov Domains

Google could have fixed 2FA code-stealing flaw in Authenticator app years ago

New Ransomware Variant Developed Entirely as Shellcode

7 Cloud Attack Techniques You Should Worry About