Microsoft

Patch Tuesday: Microsoft Catches Four Zero-Day Vulnerabilities

Posted on by Admin
Patch Tuesday: Microsoft Catches Four Zero-Day Vulnerabilities

Every second Tuesday of the month, Microsoft releases a bundle of fixes for Windows. This Tuesday brings four zero-day vulnerabilities, two high-criticality vulnerabilities, and some sister patches from Adobe. On Patch Tuesday, which Microsoft calls “Update Tuesday,” other large software companies like Adobe release major security fixes. It’s a time to launch updates across corporate networks, and it occurs during mid-morning Pacific Standard Time to keep admins and users from having to scramble at the…

Read More

Microsoft Is Disabling Default ActiveX Controls in Office 2024

Posted on by Admin
Microsoft Is Disabling Default ActiveX Controls in Office 2024

Microsoft will disable ActiveX controls by default in the Office suite, starting in October with the release of Office 2024. Phasing out the software framework is likely related to numerous security vulnerabilities that have been exploited in the past. Dating back to 1996, ActiveX has long been used for embedding interactive objects, such as buttons or forms, within Office documents. It was formerly used to load multimedia content, like videos, in Internet Explorer. However, it…

Read More

Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Posted on by Admin
Microsoft Patched 6 Actively Exploited Zero-Day Flaws

Patch Tuesday, Microsoft’s monthly report of security updates, brought 90 CVEs, including some vulnerabilities that were being actively exploited. Some vulnerabilities originated in Chromium, meaning both Microsoft Edge and Google Chrome may have been affected. Here are the most critical flaws and patches disclosed by Microsoft on Aug. 13. Six zero-day flaws had been exploited Threat actors had already taken advantage of six zero-day exploits in particular: CVE-2024-38106: an elevation of privilege vulnerability in the…

Read More

Secureworks Fills Australian Mid-Market Demand for Simplified Cyber Security Solutions

Posted on by Admin
Secureworks Fills Australian Mid-Market Demand for Simplified Cyber Security Solutions

Secureworks is a U.S. headquartered publicly listed cybersecurity firm offering extended detection and response, XDR, technology, and services. Majority-owned by Dell, its XDR is marketed under the Taegis product brand. This year, the company launched a “ManagedXDR Plus” offering for mid-market customers seeking more tailored cybersecurity options at a reasonable price point. Secureworks CEO Wendy Thomas, who visited Australia in July 2024, told TechRepublic that the XDR offering was appealing to mid-market customers in Australia…

Read More

Black Hat Roundup 2024: What to Expect From This Week’s Security Events

Posted on by Admin
Black Hat Roundup 2024: What to Expect From This Week’s Security Events

Black Hat and DEF CON are two of the major security conferences in the U.S., drawing large crowds of cyber and AI decision-makers to Las Vegas. Black Hat USA 2024 runs from August 3-8, with most of the briefings occurring on August 7 and 8; DEF CON 32 runs from August 8-11. We’re rounding up the enterprise business tech news from Black Hat and DEF CON that is most relevant for IT and tech decision-makers….

Read More

Microsoft Azure Outage Caused by DDoS Attack

Posted on by Admin
Microsoft Azure Outage Caused by DDoS Attack

Microsoft has confirmed the cause of the outage on July 30 was a distributed denial-of-service attack. However, its advisory added that the issue was exacerbated by an “error in the implementation of their defenses” during a mitigation attempt. The Azure cloud services were impacted between approximately 11:45 UTC and 19:43 UTC after being flooded by internet traffic. Redmond security pros say that the Azure Front Door and Azure Content Delivery Network components were “performing below…

Read More

Top 6 Cloud Computing Certifications Worth Taking

Posted on by Admin
Top 6 Cloud Computing Certifications Worth Taking

Course Spotlight: Microsoft Cloud Support Associate Professional Certificate on Coursera Our assessment: Best for going from beginner to ready for a career This certification teaches skills from the very basics of knowledge about computing to valuable professional techniques in Microsoft Azure, one of the most popular cloud platforms. This certification includes 12 courses intended to get learners up to speed on IT and cybersecurity, Microsoft 365, cloud management and professional cloud administration. The courses included…

Read More

Microsoft Says VMware ESXi Flaw is Being Exploited By Ransomware Groups

Posted on by Admin
Microsoft Says VMware ESXi Flaw is Being Exploited By Ransomware Groups

A vulnerability in the ESXi hypervisor was patched by VMware last week, but Microsoft has revealed that it has already been exploited by ransomware groups to gain administrative permissions. VMware ESXi is a bare-metal hypervisor that enables the creation and management of virtual machines directly on server hardware, which may include critical servers. CVE-2024-37085 is an authentication bypass vulnerability that allows malicious actors with sufficient permissions to gain full access to a domain-joined ESXi host….

Read More

Apple Joins Voluntary U.S. Government Commitment to AI Safety

Posted on by Admin
Apple Joins Voluntary U.S. Government Commitment to AI Safety

Apple is the latest addition to the list of public U.S. companies that made voluntary commitments to AI regulations, the White House announced on July 26. The commitments, first announced in September 2023, include vows to publicly disclose AI capabilities, to watermark AI content and more. These commitments set a public standard for the country’s largest AI makers in an effort to reduce deception and other novel, unsafe practices that could stem from realistic-looking AI…

Read More

Summer Olympics: What IT Teams Need to Do Before & During the Event for Their Businesses

Posted on by Admin
Summer Olympics: What IT Teams Need to Do Before & During the Event for Their Businesses

Cyberattacks targeting the Paris Olympics have made headlines lately. Travel safety is important, but so is keeping up with online hygiene for those employees who may be working from home or in the office. The Olympics happen over multiple weeks and during work hours, unlike many other major sporting events, so there are more opportunities for threat actors to exploit the excitement. We’ve gathered some tips for IT teams during the Summer Olympics, with ideas…

Read More
1 2 3 4 5 6 8