Cybersecurity
Intune for Linux GA in Q3 -- but will be bare bones.
Ubuntu 20.04 first: don't expect bells and whistles; do expect custom BASH...
Cybersecurity
Hackers are proxying your Azure Active Directory login to bypass MFA
Hackers proxied the Azure Active Directory (Azure AD) sign-in pages of thousands of organisations to steal credentials and bypass multi-factor authentication (MFA), Microsoft has warned, saying it tracked attempts against 10,000 organisations since September 2021 – many attacks resulting in successful follow-up business email compromise (BEC) campaigns (sophisticated phishing that
Cybersecurity
Microsoft backtracks on change to block Office macros, despite security concerns
“To say I'm disappointed is an understatement."
Cloud
New Open CVDB project puts cloud vulnerabilities in the spotlight
“There is currently no universal standard for cloud vulnerability enumeration..."
Cybersecurity
MSFT moves on cross-tenant Azure hardening as shocking "SynLapse" exploit details released
Orca Security takes Azure Synapse off its naughty list after six-month investigation.
Featured
Unusual bedfellows: Microsoft, AWS team up
"DoWhy" causal inference toolkit gets new open source home...
Cybersecurity
Microsoft zero day "Follina" demystified: What you need to know
Microsoft Support Diagnostic Tool being unhelpful...
Cybersecurity
Microsoft warns over novel SQL Server attacks
Microsoft warned that a malicious campaign targeting SQL Servers is using an "uncommon living-off-the-land binary" that to achieve persistence on compromised systems -- saying that defenders need to pay increased attention to abuse of the sqlps.exe which ships with SQL Server as standard. Without naming the attackers
Enterprise IT
Uneasy wait for MSPs as Microsoft goes quiet on partner changes
"The partner centre was broken from day one..."
Cybersecurity
Microsoft mauled over fresh cross-tenant vulnerability
"This is a major attack surface and not consistent with the level of security that public cloud customers expect."
Cybersecurity
MSFT's new £2.30 Defender for Business license sets the cat among the EDR pigeons
For Android, Macs, you'll need Intune. Channel partners may...
Read This
The 10 most-exploited vulnerabilities of 2021: Not patched? Likely pwned...
Attackers continue to accelerate their weaponisation of newly-discovered flaws, the Five Eyes list of most-exploited vulnerabilities of 2021 shows. Contrary to some reports suggesting fears of mass-exploitation had been over-indexed, the flaw in Log4j joined the most widely-exploited vulnerabilities last year, despite only being discovered at the year's