Security News

Access management outfit BeyondTrust has urged organizations to remove admin rights from users, arguing that doing so would have at least mitigated more than 100 vulnerabilities in Microsoft products last year. There are businesses and groups out there that are pressured internally into handing people admin rights to keep folks working with awkward software deployments.

Cybersecurity innovator Tiberium launched two Microsoft-based services leveraging Azure Sentinel and Microsoft Defender. For Tiberium, founded by Kiwi Drew Perry, the launch is the first major step since closing a successful funding round and welcoming experienced security players to the Board at the turn of the year.

Thales announces a new data protection capability that lets Microsoft customers benefit from the power of the full range of Microsoft 365 applications while protecting sensitive data in the cloud and meeting major data privacy regulations and requirements. Designed for companies that operate in highly regulated sectors such as financial services and healthcare, the capability lets them leverage Thales Luna Hardware Security Modules with Double Key Encryption for Microsoft 365 and comply with regulations such as the EU GDPR, the Health Insurance Portability and Accountability Act, and the recommendations from the European Data Protection Board following the Schrems II ruling.

Microsoft has shed some light on the root cause behind yesterday's massive Azure authentication outage that affected multiple Microsoft services and blocked users from logging into their accounts. This issue prevented users from authenticating to Microsoft 365, Exchange Online, Microsoft Teams, or any other service relying on Azure AD. "Between 19:00 UTC on March 15, 2021, and 09:25 UTC on March 16, 2021 customers may have encountered errors performing authentication operations for any Microsoft and third-party applications that depend on Azure Active Directory for authentication," Microsoft explained today in a preliminary root cause analysis report.

As dangerous attacks accelerate against Microsoft Exchange Servers in the wake of the disclosure around the ProxyLogon group of security bugs, a public proof-of-concept whirlwind has started up. Microsoft said in early March that it had spotted multiple zero-day exploits in the wild being used to attack on-premises versions of Microsoft Exchange servers.

Microsoft has released the Exchange On-Premises Mitigation Tool, which quickly performs the initial steps for mitigating the ProxyLogon flaw on any Exchange server and attempts to remediate any compromises it finds. "This tool is not a replacement for the Exchange security update but is the fastest and easiest way to mitigate the highest risks to internet-connected, on-premises Exchange Servers prior to patching," Microsoft explained.

The emergency patches for the recently disclosed critical vulnerabilities in Microsoft Exchange email server did not come soon enough and organizations had little time to prepare before en masse exploitation began. With patches released and proof-of-concept exploit code surfacing online, thousands of Microsoft Exchange servers worldwide continue to remain vulnerable and the number of attacks is still at a worrying level.

Microsoft on Monday released one-click mitigation software that applies all the necessary countermeasures to secure vulnerable environments against the ongoing widespread ProxyLogon Exchange Server cyberattacks. Called the Exchange On-premises Mitigation Tool, the PowerShell-based script serves to mitigate against current known attacks using CVE-2021-26855, scan the Exchange Server using the Microsoft Safety Scanner for any deployed web shells, and attempt to remediate the detected compromises.

Microsoft's scramble to address the fallout from the zero-day attacks against on-prem Exchange Server installations continued this week with the release of a one-click mitigation tool to help businesses contain the damage. The new Exchange On-premises Mitigation Tool is aimed at companies without dedicated security or IT teams to manage patching and post-incident forensics.