Security News
Microsoft has addressed an actively exploited Windows LSA spoofing zero-day that unauthenticated attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager security protocol. The vulnerability, tracked as CVE-2022-26925 and reported by Bertelsmann Printing Group's Raphael John, has been exploited in the wild and seems to be a new vector for the PetitPotam NTLM relay attack.
Today is Microsoft's May 2022 Patch Tuesday, and with it comes fixes for three zero-day vulnerabilities, with one actively exploited, and a total of 75 flaws. Of the 75 vulnerabilities fixed in today's update, eight are classified as 'Critical' as they allow remote code execution or elevation of privileges.
Microsoft on Monday disclosed that it mitigated a security flaw affecting Azure Synapse and Azure Data Factory that, if successfully exploited, could result in remote code execution. "The vulnerability was specific to the third-party Open Database Connectivity driver used to connect to Amazon Redshift in Azure Synapse pipelines and Azure Data Factory Integration Runtime and did not impact Azure Synapse as a whole," the company said.
Microsoft has released security updates to address a security flaw affecting Azure Synapse and Azure Data Factory pipelines that could let attackers execute remote commands across Integration Runtime infrastructure. The Integration Runtime compute infrastructure is used by Azure Synapse and Azure Data Factory pipelines to provide data integration capabilities across network environments package execution).
Microsoft is rolling out its "Security Experts" managed service with an eye on stomping down threats and malware. Microsoft is planning to roll out three such managed services in 2022, one of which became available today.
Microsoft Defender for Endpoint, formerly known as Microsoft Defender Advanced Threat Protection, is the tech giant's enterprise endpoint security platform. VMware Carbon Black Endpoint is an EDR software solution that consolidates multiple endpoint security features into a single platform.
When you install software are you sure it's code you can trust? There are so many questions we need to ask: do you know how that application got to you, how it was built and what third-party software is running under the hood? With no visibility into how that software was built, there was no way to know that that software shouldn't be trusted.
Microsoft, Apple and Google - all longtime proponents of doing away with passwords for authentication purposes - are throwing their support behind standards developed by the FIDO Alliance and the World Wide Web Consortium that could eliminate the passphrases completely. Microsoft said there are 579 password attacks every second, or about 18 billion a year, and many of them are successful, mainly because people have a tendency to pick poor passwords or reuse them across multiple accounts.
Today, Microsoft, Apple, and Google announced plans to support a common passwordless sign-in standard developed by the World Wide Web Consortium and the FIDO Alliance. "These multi-device FIDO credentials, sometimes referred to as passkeys, represent a monumental step toward a world without passwords," added Microsoft Identity Division Vice President Alex Simons.
Google, Apple, Microsoft promise end to passwords, courtesy of your mobile phone. A future without passwords may be closer than we think, at least when a new initiative to enlist your smartphone as a mobile authenticator gets off the ground.