Adaptive Network Hardening in Azure Security Center Now in Public Preview

Microsoft has now delivered its adaptive network hardening capability into public preview. What does it do? Adaptive Network Hardening uses intelligence to learn the network traffic and connectivity patterns of Azure workloads and provides network security recommendations for rule configuration for your internet-facing virtual machines. To find this, in the Azure Portal go to Security Center, select Networking, and then Adaptive network hardening.

Microsoft Word Being Used as a Trojan Horse, Microsoft Says the Vulnerability Doesn’t Meet the Security Bar to Warrant a Fix

Mimecast Research Labs has identified a memory corruption problem in Microsoft Word that attackers can exploit to bypass Windows antimalware security – and apparently, some are actively exploiting it now. Our detection engines spotted an attacker group, which seems to originate from Serbia, using specially-crafted Microsoft Word documents to take advantage of how Microsoft Word handles Integer Overflow errors in the OLE file format. The group was able to exploit this bug to circumvent many security solutions designed to protect data from infestation, including leading sandbox and anti-malware technologies. According to Mimecast, it notified Microsoft way back in May of 2018. Two days later, Microsoft told Mimecast that the issue didn’t meet the security bar, so a ...

Adobe Chooses April 2019 to Euthanize Shockwave

Adobe’s web media helper apps have a long history of being problematic from a security perspective, needing constant patches and fixes to keep customers safe. So, it should come as no surprise that the company will end its Shockwave product soon. While its other popular media app, Flash, reaches its end of life in 2020, Shockwave will be retired next month. According to the company’s FAQ on the topic… Effective April 9, 2019, Adobe Shockwave will be discontinued and the Shockwave player for Windows will no longer be available for download. Retiring the Shockwave player for Windows is the last step in a multi-year process: Adobe Director, an authoring tool for Shockwave content, was discontinued on February 1, 2017 and the Shockwave player for macOS was discontinued...

With a Serious Exploit Being Actively Targeted Against Windows 7, Google Pushes Windows 10 Upgrades

Google recently patched a zero-day flaw in its Chrome web browser, but a second one that affects Windows 7 is still being actively exploited. Google relayed the information about the vulnerability to Microsoft, and the Windows company has responded directly to Google that a fix is in the works. Of course, there’s no timeline given, so Windows 7 users are vulnerable. Based on the vulnerability that only affects Windows 7, Google is providing this guidance: As mitigation advice for this vulnerability users should consider upgrading to Windows 10 if they are still running an older version of Windows and to apply Windows patches from Microsoft when they become available. We will update this post when they are available. Details: Disclosing vulnerabilities to protect users across platform...

Zero-Day: Leading Google Chrome Security Researcher Says Update Chrome Right Now

If there’s any reason to jump directly to updating any product due to a security flaw, the most compelling would be if the person that does the actual security research for the product told you so. In this case, that’s exactly what’s happened. Also, seriously, update your Chrome installs… like right this minute. #PSA — Justin Schuh 🗑 (@justinschuh) March 6, 2019. On March 1st, Google released a critical security update for Chrome. The update included a fix for a flaw that is being actively attacked. [$N/A][936448] High CVE-2019-5786: Use-after-free in FileReader. Reported by Clement Lecigne of Google’s Threat Analysis Group on 2019-02-27. Google is aware of reports that an exploit for CVE-2019-5786 exists in the wild.

Information Protection updates in Microsoft 365

Microsoft Information Protection is a family of complementary solutions to help you discover, classify, protect and monitor your sensitive information, wherever it lives, whether it’s on-premises, on devices, or in the cloud.

Microsoft Introduces an Outsourced Security Service for Office 365 Customers

In addition to releasing its Azure-based AI threat investigation and reporting tool, Azure Sentinel, today Microsoft has also announced a new managed threat hunting service for Office 365 tenants. But, unlike Azure Sentinel, which relies heavily on AI, this other service for Office 365 has a deeply human component. Called Microsoft Threat Experts, the service allows companies to partner with Microsoft security workers to head off potentially damaging intrusions. This initial release offers the following two components (with more coming): Targeted attack notifications: Alerts that are tailored to organizations provide as much information as can be quickly delivered to bring attention to critical threats in their network, including the timeline, scope of the breach, and the methods of ...

Configuring Windows Server 2019 OpenSSH Server to Support Key-Based Authentication

In this video, you will learn how to deploy and configure OpenSSH Server on Windows Server 2019, as well as how to configure key-based authentication.

Microsoft Delivers Azure Sentinel to Preview – Intelligent Security Analytics for the Enterprise

Microsoft today has delivered into preview a new security analytics product called Azure Sentinel. Utilizing Artificial Intelligence (AI), the service constantly digs into the Enterprise to uncover potential security issues and to identify active ones. Azure Sentinel works across all hardware, users, devices, and software both on-premises and in the cloud. It collects data, detects faults and flaws, investigates what it finds, and then has orchestration built in to deliver mitigations. The data that Azure Sentinel collects can be imported into Office 365 where it’s reviewed and shared. Preview it for free here:

Google Chrome’s PDF Reader Gives Away User Information – Fix Not Planned Until April

According to EdgeSpot, a vulnerability exists in the included PDF reader for Google Chrome. This affects all iterations of Google Chrome, including ChromeOS. The vulnerability has been labeled as a zero-day flaw and has existed since December 2018 when EdgeSpot began noticing “leaking” PDF data. Since late last December, some interesting PDF samples were found by our engine. These samples acted as “no problem” when opened in popular Adobe Reader, however, they made suspicious outbound traffic when they’re opened locally on Google Chrome. The information that is collected and distributed to an unknown recipient: The public IP address of the user. OS, Chrome version etc (in HTTP POST header). The full path of the PDF file on user’s computer (in HTTP POST payload). Edg...

Duo Security Releases CRXcavator into Public Beta to Identify Dangerous Chrome Extensions

According to Duo Security, a third of the extensions available for Google’s Chrome web browser have serious and potentially damaging security flaws. The company lays out the problem in a recent blog post, “Democratizing Chrome Extension Security.” Essentially, extension developers are either clueless when it comes to developing secure solutions, just lazy, or, in some cases, could be delivering secret but devastating payloads on purpose. Duo Security also uses the blog post to announce a beta product called CRXcavator. The online tool allows you to submit a Chrome extension ID so it can scan the extension and report its security status. With the recent announcement by Microsoft to begin utilizing Chromium for its own Edge browser – which will include Chrome exte...

Microsoft to Begin Upgrading Windows 7 Security in March 2019

In November 2018, Microsoft communicated upcoming changes to Windows 7 security, moving to the SHA-2 algorithm exclusively. We now know the timeline for these changes. The company will deploy the changes methodically, starting the process with the March 2019 updates and finishing up in July 2019. Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Some older versions of Windows Server Update Services (WSUS) will also receive SHA-2 support to properly deliver SHA-2 signed up...