Tag Archive for: Azure

Cyber Security Today, Aug. 30, 2021 – A new ransomware strain with a trick, a warning for Azure Cosmos administrators and more on the T-Mobile hack



Welcome to Cyber Security Today. It’s Monday, August 30th. I’m Howard Solomon, contributing writer on cybersecurity for ITWorldCanada.com.

A new strain of ransomware uses a trick to evade detection. According to cybersecurity company Sophos, instead of encrypting all the bytes of a file, the LockFile strain only scrambles every 16 bytes of a file. That way the partly encrypted files look similar to the uncompromised original file. As a result, it evades the statistical file analysis some ransomware protection applications perform when comparing files. It’s not the only ransomware strain that does this. But what sets LockFile apart is that it encrypts every other 16 bytes of a file. Sophos calls this intermittent encryption. IT security teams need to make sure their defensive software can meet this challenge.

Meanwhile, the news site The Record reports the gang behind the Ragnarok ransomware has shut down operations and released a free decryption utility that victims can use to get their data back.

Chains of threat actor-controlled computing devices called botnets help attackers distribute malware. According to a news report, one of them has suddenly shut down. Those behind the botnet distributing the Phorpiex malware are selling the source code. The bad news is that if a threat actor buys the code, the botnet can be reactivated.

Organizations with employees using Microsoft’s Azure Cosmos database with the Jupyter Notebook feature enabled need to take certain security precautions. This comes after researchers reported a vulnerability that could allow an attacker to get into accounts. Microsoft says it has fixed the vulnerability. But it also says IT departments have to regenerate the primary security keys for the application. According to the company that discovered the problem, every organization that uses Azure Cosmos DB should assume their data has been exposed. It estimates there are thousands of organizations affected, including some in the Fortune 500. There’s a link to the Microsoft report here.

Has sportswear maker Puma been hacked? That’s the question after an ad on the criminal…


Microsoft introduces Azure Sentinel updates, a mobile security app, new certifications, and much more


Although the flagship launch at Microsoft Ignite, which wound up on Wednesday, was the flashy Microsoft Mesh, there were many security-focused product and feature announcements that should bring a smile to admins’ faces. Here’s a look at some of what’s here now and what’s coming.

Generally available

Passwordless authentication for cloud and hybrid environments. Azure AD lets users sign in with biometrics or a tap using Windows Hello for Business, the Microsoft Authenticator app, or a compatible FIDO2 security key from Microsoft Intelligent Security Association partners such as Yubico, Feitian, and AuthenTrend. With Temporary Access Pass, now in preview, you can generate a time-limited code to set up or recover a passwordless credential.

More than 30 new connectors for Azure Sentinel make it easier to collect data across all cloud environments, including Salesforce Service Cloud, VMware, and Cisco Umbrella. It also has new security orchestration, automation and response (SOAR) playbooks to create automation rules, block suspicious IP addresses in Azure Firewall, isolate endpoint devices with Microsoft Intune, and update a user’s risk state with Azure Active Directory Identity Protection. There are also improvements in data ingestion and enhanced analytics.

Now in preview

Windows Server 2022, to be available this calendar year, will allow customers to run applications on Azure, on-premises, or at the edge. Along with its increased functionality, it will boast a couple of appealing security features. The key one is the Secured-core server, which uses hardware, firmware, and operating system capabilities. It includes Trusted Platform Module 2.0 (TPM 2.0) to provide hardware root-of-trust, firmware protection, and virtualization-based security. The Windows Admin Center security tool (also in preview) will report on the Secured-core features and enable them where applicable.


Edge Secured-core will apply Secured-core security to IoT devices.

A unified mobile…


What Are the Best Cyber Security Certifications For 2021?