Security News

More than 100,000 Windows systems have not yet been updated to protect against a previously-patched, critical and wormable flaw in Windows called SMBGhost. Microsoft patched the remote code-execution flaw bug tracked as CVE-2020-0796 back in March; it affects Windows 10 and Windows Server 2019, and ranks 10 out of 10 on the CVSS scale.

The Microsoft Defender Advanced Threat Protection endpoint security platform now provides users with a new report designed to help them keep track of vulnerable Windows and macOS devices within their organization's environment. The vulnerable devices report displays graphs with statistics and details on currently vulnerable device trends with the end goal of making it easier for IT administrators to grasp the scope and breadth of device exposure within the organization.

Microsoft has released a spreadsheet containing the full list of URLs that Microsoft Defender ATP must reach to function correctly. When Microsoft Defender ATP is installed on endpoints, its sensor will detect malicious threats and behaviors and send them via HTTP to the Microsoft Defender ATP cloud service.

Microsoft disclosed today that Iranian state-sponsored hackers successfully hacked into the email accounts of multiple high-profile individuals and potential attendees at this year's Munich Security Conference and the Think 20 summit. "The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries," Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft said earlier today.

Administrators woke up to a scary surprise today after false positives in Microsoft Defender ATP showed network devices infected with Cobalt Strike. Microsoft Defender ATP is Microsoft's enterprise antivirus and threat monitoring solution that admins deploy on devices throughout an organization.

AttackIQ announced its integration between the Microsoft Azure Sentinel cloud-native security information and event manager platform and the AttackIQ Security Optimization Platform. "We're delighted to announce AttackIQ's integration with Microsoft Azure Sentinel, and the opportunity to enable Azure Sentinel users to test and validate their detection pipeline and ultimately fine-tune security processes across their organization," said Dariush Afshar, VP of Platform & Business Development, AttackIQ. "With our integration with Azure Sentinel, Microsoft customers now have another powerful tool for optimizing their security investments, whether that be their Microsoft 365 Defender investments like Microsoft Defender for Endpoint, or third-party security products - such as nextgen firewall - that feed Azure Sentinel."

Microsoft says that Office 365 customers can use unlimited disposable recipient email addresses after the Plus Addressing feature rolled out to all Exchange Online users. Plus addressing allows users to create an indefinite number of custom and unique email addresses by adding suffix text strings to their standard address using a '+' delimiter.

Microsoft this week announced the availability of a new password spray detection for Azure AD Identity Protection customers. According to Microsoft, password spray attacks yield a 1% success rate, but only if the targeted accounts don't use password protection.

Earlier this year, Microsoft announced that it's working on Vertical tabs and Smart copy features for the Edge browser. Today, Microsoft is rolling out the new Vertical Tabs feature to users in the Dev and Canary channels.

Up to 78 percent of Microsoft 365 administrators do not have multi-factor authentication security measures enabled. A recent report by CoreView Research also found that 97 percent of all total Microsoft 365 users do not use MFA, shedding a grim light on the security issues inherent with the implementation of Microsoft's subscription service.