Security News

Microsoft has released its latest biannual digital trust reports on the Microsoft Reports Hub. The tech giant also released its latest Microsoft Privacy Report with this larger group of reports.

BoxBoat announced that it is realizing significant managed services revenue growth driven by greater customer adoption of its BoxOps platform. BoxOps is BoxBoat's DevSecOps managed service platform.

A majority of the largest energy companies in the United States appear to have neglected the security of their domain names, according to CSC, a firm that specializes in securing online assets. The data covers the 30 biggest U.S. companies that produce and deliver energy.

Australian security firm Azimuth has been identified as the experts who managed to crack a mass shooter's iPhone that was at the center of an encryption standoff between the FBI and Apple. Until this week it had largely been assumed that Israeli outfit Cellebrite was hired to forcibly unlock an encrypted iPhone 5C used by Syed Farook - who in 2015 shot and killed colleagues at a work event in San Bernardino, California, claiming inspiration from ISIS. Efforts by law enforcement to unlock and pore over Farook's phone were unsuccessful, leading to the FBI taking Apple to court to force it to crack its own software to reveal the device's contents.

Even the most limited and self-contained test networks quickly end up crying out for DNS, and if ever you want to hook up your device or devices to the internet, you can consider DNS support a must. That's why any TCP/IP device, no matter how tiny and resource-constrained it might be, and any operating system, no matter how much it might have been miniaturised, includes code for what's known as DNS resolution or DNS lookup.

Just weeks after a wave of major in-the-wild zero-day attacks against Exchange Server installations globally, Microsoft is raising a fresh alarm for four new critical security flaws that expose businesses to remote code execution attacks. The four new Exchange Server vulnerabilities were fixed as part of this month's Patch Tuesday bundle and because of the severity of these issues, Microsoft has joined with the U.S. National Security Agency to urge the immediate deployment of the new fixes.

Threat actors are leveraging the supply chain to deliver various types of threats to organizations, and few of them are spared from such attacks, according to a new report from enterprise security company Proofpoint. During a seven-day window in February 2021, out of a total of 3,000 monitored organizations, Proofpoint reports that a whopping 98 percent were hit with a form of assault leveraging compromised supplier accounts and supplier impersonation.

Key lawmakers said Tuesday they're concerned they've been kept in the dark about what suspected Russian hackers stole from the federal government and they pressed Biden administration officials for more details about the scope of what's known as the SolarWinds hack. The AP reported last month that suspected Russian hackers gained access to email accounts belonging to the Trump administration's acting homeland security secretary, Chad Wolf, and members of his department's cybersecurity staff whose jobs included hunting threats from foreign countries.

Attacks against firmware are snowballing, outstripping many organizations' cyber-defenses, according to a survey from Microsoft. The report showed that more than 80 percent of enterprises have experienced at least one firmware attack in the past two years - but only 29 percent of security budgets goes to firmware security.

Sensitive data pertaining to the customers of top mobile services providers in the European Union is at risk of compromise due to improperly secured websites, data security and privacy firm Tala reveals. An analysis of the websites of 13 of the top mobile telecom companies in the EU has revealed that none of them has in place even the minimum necessary protections to be considered secure.