Joy Chik, corporate vice president for Microsoft Identity, recently laid out a general overview of Azure AD security best practice. This announcement comes in the light of improvements that were recently announced to Azure Active Directory including conditional access policy management enhancements and synchronization service additions.
Microsoft has suggested that companies using Azure AD…
A recent string of attacks consisting of data threats and extortion have been linked to the the Accellion File Transfer Appliance’s CVE’s. Cybersecurity researchers said that a cybercrime group called UNC2546 was responsible for the two month long attack
The crime group exploited multiple zero-day vulnerabilities in the legacy FTA software to install a new web shell named DEWMODE on victim…
As cyber-researchers look into the Solarigate supply chain attack and measure it’s true impact, the company blamed one of its intern for a critical password lapse that went unnoticed for several years.
The password is said to have been “solarwinds123” and is believed to have been publicly accessible via a GitHub repository since June 17, 2018, before the issue was rectified on November…
Universal Health Services (UHS) in its recent earnings report revealed that a ransomware attack last fall, left them with a whopping pre-tax loss of $67 million.
In the report, UHS referred to the cyberattack as an “information technology security incident” and said that the incident forced them to suspend user access to several technology applications in the US during the…
The National Security Agency (NSA) has released Cybersecurity Information Sheet: Embracing a Zero Trust Security Model, which provides information about, and recommendations for, implementing Zero Trust within networks.
The Zero Trust security model is a set of IT system design principles and a cybersecurity strategy based on the fact that threats exist both inside and outside traditional…
Microsoft 365 update ensures connectivity even during uncertain internet access conditions
April 9, 2021
Microsoft 365 users can breathe a sigh of relief as the company is updating its policy regarding offline access of applications. The previous policy stated that the devices must connect to the internet at least once every 30 days to ensure that all apps are up to date. Now, the time-frame has been extended to 180 days, and this will help remote users and other workers who may be working for long…
IBM patched a critical buffer-flow error that affected its Integration Designer toolset. The error has the potential of being exploited to enable the execution of remote codes. The flaw (CVE-2020-27221) was critical in severity as it has a CVSS base score of 9.8 out of 10.
The critical flaw originated from an issue in versions 7 and 8 of Java Runtime Environment (JRE), which is a software layer…
Clubhouse, the iOS-only audio-based social app that has been on the news for quite a while, is trending now for not-so-great reasons. A third-party developer from mainland China designed an open-source app for Android that allowed users to access the audio platform’s service. The developer posted the source code on Github and said that the app allowed anyone to access personal audio sessions…
Microsoft announced that two of its security services, Azure Front Door and Azure Firewall have been updated with improvements. Azure Front Door now comes with two new products in the preview stage, Standard and premium, while Azure Firewall has a Premium option in the preview stage as well.
The company conducted a web presentation titled “Modernize Your Network Security Strategy” on Feb…
Aspredicted by IDC, there will be 55.7 billion connected devices worldwide by 2025, out of which 75% will be connected to an IoT platform. To communicate securely, each machine needs a unique identity to authenticate and secure communications. Machines are identified by digital certificates that are assigned by dedicated Certification Authorities (CA), which encrypts the data for machines…
