Security

Zero-Day: Leading Google Chrome Security Researcher Says Update Chrome Right Now

If there’s any reason to jump directly to updating any product due to a security flaw, the most compelling would be if the person that does the actual security research for the product told you so. In this case, that’s exactly what’s happened.

Also, seriously, update your Chrome installs… like right this minute. #PSA — Justin Schuh 🗑 (@justinschuh) March 6, 2019

On March 1st, Google released a critical security update for Chrome. The update included a fix for a flaw that is being actively attacked.

[$N/A][936448] High CVE-2019-5786: Use-after-free in FileReader. Reported by Clement Lecigne of Google’s Threat Analysis Group on 2019-02-27

Google is aware of reports that an exploit for CVE-2019-5786 exists in the wild.

Information Protection updates in Microsoft 365

Microsoft Information Protection is a family of complementary solutions to help you discover, classify, protect and monitor your sensitive information wherever it lives, whether it’s on-premises, on devices, or in the Cloud.

Microsoft Introduces an Outsourced Security Service for Office 365 Customers

In addition to releasing its Azure-based AI threat investigation and reporting tool, Azure Sentinel, today Microsoft has also announced a new managed threat hunting service for Office 365 tenants. But, unlike Azure Sentinel, which relies heavily on AI, this other service for Office 365 has a deeply human component. Called Microsoft Threat Experts, the service allows companies to partner with Microsoft security workers to head off potentially damaging intrusions. This initial release offers the following two components (with more coming): Targeted attack notifications: Alerts that are tailored to organizations provide as much information as can be quickly delivered to bring attention to critical threats in their network, including the timeline, scope of the breach, and the methods of ...

Configuring Windows Server 2019 OpenSSH Server to support Key-Based Authentication

In this video, you will learn how to deploy and configure OpenSSH Server on Windows Server 2019, as well as how to configure key-based authentication.

Microsoft Delivers Azure Sentinel to Preview – Intelligent Security Analytics for the Enterprise

Microsoft today has delivered into preview a new security analytics product called Azure Sentinel. Utilizing Artificial Intelligence (AI), the service constantly digs into the Enterprise to uncover potential security issues and to identify active ones. Azure Sentinel works across all hardware, users, devices, and software both on-premises and in the cloud. It collects data, detects faults and flaws, investigates what it finds, and then has orchestration built in to deliver mitigations. The data that Azure Sentinel collects can be imported into Office 365 where it’s reviewed and shared. Preview it for free here: https://azure.microsoft.com/en-us/services/azure-sentinel/

Google Chrome’s PDF Reader Gives Away User Information – Fix Not Planned Until April

According to EdgeSpot, a vulnerability exists in the included PDF reader for Google Chrome. This affects all iterations of Google Chrome, including ChromeOS. The vulnerability has been labeled as a zero-day flaw and has existed since December 2018 when EdgeSpot began noticing “leaking” PDF data.

Since late last December, some interesting PDF samples were found by our engine. These samples acted as “no problem” when opened in popular Adobe Reader, however, they made suspicious outbound traffic when they’re opened locally on Google Chrome.

The information that is collected and distributed to an unknown recipient:

The public IP address of the user.
OS, Chrome version etc (in HTTP POST header).
The full path of the PDF file on user’s computer (in HTTP POST payload).

Edg...

Duo Security Releases CRXcavator into Public Beta to Identify Dangerous Chrome Extensions

According to Duo Security, a third of the extensions available for Google’s Chrome web browser have serious and potentially damaging security flaws. The company lays out the problem in a recent blog post: Democratizing Chrome Extension Security. Essentially, extension developers are either clueless when it comes to developing secure solutions, just lazy, or, in some cases, could be delivering secret but devastating payloads on purpose. Duo Security also uses the blog post to announce a beta product called CRXcavator. The online tool allows you to submit a Chrome extension ID so it can scan the extension and report its security status. https://crxcavator.io/ With the recent announcement by Microsoft to begin utilizing Chromium for its own Edge browser – which will include Chrome exte...

Microsoft to Begin Upgrading Windows 7 Security in March 2019

In November 2018, Microsoft communicated upcoming changes to Windows 7 security, moving to the SHA-2 algorithm exclusively. We now know the timeline for these changes. The company will deploy the changes methodically, starting the process with March 2019 updates and finishing up in July 2019.

Customers running legacy OS versions (Windows 7 SP1, Windows Server 2008 R2 SP1 and Windows Server 2008 SP2) will be required to have SHA-2 code signing support installed on their devices by July 2019. Any devices without SHA-2 support will not be offered Windows updates after July 2019. To help prepare you for this change, we will release support for SHA-2 signing in 2019. Some older versions of Windows Server Update Services (WSUS) will also receive SHA-2 support to properly deliver SHA-2 signed up...

February 2019 .NET Update Contains Security Fixes for Domain Spoofing and Remote Code Execution

Many customers try hard not to have to update the .NET code for Windows. These days, some consider every Windows update as a potential timebomb, but the .NET updates have a long history of being a difficult problem child. Microsoft delivered .NET updates for February 2019 and these updates come with some fixes that may cause some to do a double-take. These may warrant some heightened attention. Here is what’s up…

CVE-2019-0613 – Remote Code Execution Vulnerability

This security update resolves a vulnerability in .NET Framework software if the software does not check the source markup of a file. An attacker who successfully exploits the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on by using administrative user rights,...

Shared Calendar Workarounds for CUs for Exchange 2016 and 2019

According to Microsoft, a bug exists in Cumulative Update 1 for Exchange Server 2019 and Cumulative Update 12 for Exchange Server 2016 where users can no longer accept shared calendars through an email invitation. Microsoft has supplied the following workarounds. Use one of these until a final resolution is available.

> Open the invitation from the Notifications pane in Outlook on the web.
> Add the shared calendar manually in Outlook on the web.
> Open the invitation in Outlook, and then add the shared calendar.