Windows Hello for Business: Passwordless authentication for Windows shops

Microsoft is trying to get rid of that sticky note that you see taped to everyone’s office monitor. You know, the one with the password on it. The one with all of the old passwords crossed off one by one, each one subtly different from the last — an exclamation point turning into an ampersand, a one into a two.

Enterprises have really done this to themselves. The passwords that most organizations require — which have to be complex, with long strings of numbers and specially cased phrases with some (but not all! heavens no, not the one you want) symbols — are difficult to remember. There’s no hope except to write them down. Then you have to reset them every so often. Then they get recycled. And on and on the cycle goes.

To read this article in full, please click here

Read more

Microsoft addresses three zero-days for October’s Patch Tuesday

Read more

Patch Tuesday, October 2023 Edition

Credit to Author: BrianKrebs| Date: Tue, 10 Oct 2023 22:51:31 +0000

Microsoft today issued security updates for more than 100 newly-discovered vulnerabilities in its Windows operating system and related software, including four flaws that are already being exploited. In addition, Apple recently released emergency updates to quash a pair of zero-day bugs in iOS.

Read more

New security features in Windows 11 protect users and empower IT

Credit to Author: David Weston| Date: Tue, 26 Sep 2023 17:00:00 +0000

Windows 11 is designed to simplify security with features from the chip to the cloud that are on by default. Since its launch, we’ve seen a 58 percent reduction in security. Learn more about the new features.

The post New security features in Windows 11 protect users and empower IT appeared first on Microsoft Security Blog.

Read more

Critical updates for Microsoft Office and Visual Studio drive September's Patch Tuesday

Microsoft released 59 updates in its September Patch Tuesday release, with critical patches for Microsoft Office and Visual Studio, and  continued the trend of including non-Microsoft applications in its update cycle. (Notepad++ is a notable addition, with Autodesk returning with a revised bulletin.) We’ve made “Patch Now” recommendations for Microsoft development platforms (Visual Studio) and Microsoft Word.

Unfortunately, updates for Microsoft Exchange Server have also returned, requiring server reboots this time, too.

The team at Readiness has created this infographic outlining the risks associated with each of the September updates.

To read this article in full, please click here

Read more

THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR

Credit to Author: Quickheal| Date: Mon, 04 Sep 2023 06:21:13 +0000

Zero-day vulnerabilities represent an imminent threat to cybersecurity, and in this case, two such vulnerabilities, CVE-2023-38831 and CVE-2023-40477,…

The post THREAT ADVISORY: Zero-Day Vulnerabilities Detected on WinRAR appeared first on Quick Heal Blog.

Read more

Mallox Ransomware Strikes Unsecured MSSQL Servers

Credit to Author: Vaibhav Billade| Date: Fri, 18 Aug 2023 10:27:55 +0000

Introduction: First observed in the middle of 2021, ‘Mallox’ Ransomware has emerged as a formidable threat in the…

The post Mallox Ransomware Strikes Unsecured MSSQL Servers appeared first on Quick Heal Blog.

Read more

Patch Tuesday: Microsoft rolls out 90 updates for Windows, Office

With its August Patch Tuesday release, Microsoft pushed out 90 updates for the Windows and Office platforms. The latest fixes include  another update for Microsoft Exchange (along with with a warning about failed updates to Exchange Server 2016 and 2019) and a “Patch Now” recommendation from us for Office.

The team at Application Readiness has crafted this useful infographic outlining the risks associated with each of the updates for this month.

To read this article in full, please click here

Read more

Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things

Credit to Author: David Weston| Date: Mon, 07 Aug 2023 16:00:00 +0000

Microsoft is invested in helping partners create Internet of Things solutions with strong security products that support the March 2023 United States National Cybersecurity Strategy.

The post Adopting guidance from the US National Cybersecurity Strategy to secure the Internet of Things appeared first on Microsoft Security Blog.

Read more

Four zero-days make July 's Patch Tuesday a 'patch now' update

Read more