The head of Microsoft’s Security Response Center defends keeping its initial vulnerability disclosures sparse â it is, she says, to protect customers. Jai Vijayan BLACK HAT USA â Las Vegas â A top Microsoft security executive today defended the company’s vulnerability disclosure policies as providing enough information for security teams to make informed patching decisions […]
âWin11 builds now have a DEFAULT account lockout policy to mitigate RDP and other brute force password vectors,â David Weston of Enterprise and OS Security at Microsoft, announced, just as the company confirmed that it will resume the rollout of the default blocking of VBA macros obtained from the internet. Brute-forced RDP access and malicious macros have for a […]
Microsoft released workarounds for a recently discovered zero-day vulnerability, dubbed Follina, in the Microsoft Office productivity suite. Microsoft has released workarounds for a recently discovered zero-day vulnerability, dubbed Follina and tracked as CVE-2022-30190  (CVSS score 7.8), in the Microsoft Office productivity suite. âOn Monday May 30, 2022, Microsoft issued CVE-2022-30190  regarding the Microsoft Support Diagnostic Tool (MSDT) in Windows vulnerability.â reads […]
Microsoft has awarded the security researcher Laxman Muthiyah $50,000 for reporting a vulnerability that could have allowed anyone to hijack usersâ accounts without consent. According to the expert, the vulnerability only impacts consumer accounts. The vulnerability is related to the possibility to launch a bruteforce attack to guess the seven-digit security code that is sent […]
âBest Practices for Keeping Your Home Network Secureâ is a new guide published by the National Security Agency. This document provides home users directions for keeping their systems secure and protected. Users are faceing lots of security issues now a days, and trying to apply all the required security measures is complicated due to the […]
Image via Wikipedia By Kevin Poulsen @wired.com The federal agency in charge of protecting other agencies from computer intruders was found riddled with hundreds of high-risk security holes on its own systems, according to the results of an audit released Wednesday. The United States Computer Emergency Readiness Team, or US-CERT, monitors the Einstein intrusion-detection sensors […]
Image via CrunchBase San Francisco (GaeaTimes.com) â Microsoft Office 2010 is the latest version of Microsoft Office productivity suite. The new features of Office 2010 are its extended file compatibility and a refined user interface. Microsoft PowerPoint is one of the most important parts of the Office suite and has many advanced features. But Microsoft […]
Image by Laughing Squid via Flickr By Jordan Robertson, AP The recent hacking attack that prompted Google’s threat to leave China is underscoring the heightened dangers of previously undisclosed computer security flaws â and renewing debate over buying and selling information about them in the black market. Because no fix was available, the linchpin in […]
Image by david ian roberts via Flickr Worm like conficker is a digital time bomb which is hard coded to trigger on April 1 (April foolâs day). Antivirus companies are doing their best to minimize the impact of conficker worm. Conficker first variant was introduced few months back and have already caused significant amount of […]
According to BBC news article by Maggie Shiels (Feb 11, 2009) the worldâs biggest software maker has warned companies to expect an increase in âinsiderâ security attacks by disgruntled, laid-off workers. Microsoft said so-called “malicious insider” breaches were on the rise and would worsen in the present downturn. Below are the high points: ⢠With […]
The purpose of network access control is to protect and safeguard assets attached to network from threats of unauthorized users gaining access to organizationâs assets. Network Access Control (NAC) authenticate users to make sure they are authorized to login and following the policies and procedures for login before authorized to use organization assets. Some of […]
