Recent Security Stories

Compact

Standard

Grid

With the upcoming Advanced Data Protection feature for iCloud, Apple will offer end-to-end encryption for even more iCloud data including iCloud backups and Photos.

In yet another step towards our passwordless futures, Microsoft this past week unveiled a public preview of Azure AD Certificate-Based Authentication (CBA) on mobile.

A new study claims that Microsoft Teams and Slack are basically operating systems, and yet they’re each missing a core piece of functionality.

Security researchers from Vectra Protect identified a major new vulnerability in Microsoft Teams, but Microsoft says there’s no need for a fix.

Cybersecurity company Mandiant warns that the hackers are exploiting multifactor authentication (MFA) to gain unauthorized access to dormant Microsoft 365 accounts.

According to the tech press, ‘it’ doesn’t exist until Apple announces it first. Except that when it comes to passwordless, Microsoft got there first.

After a strange bit of back-and-forth, Microsoft announced that it will resume blocking VBA macros in Office by default starting July 27.

What is Apple iOS 16 Lockdown Mode and should you use it when it becomes available in September?

Apple has detailed today a new Lockdown Mode that will come to iOS 16, iPadOS 16, and macOS Ventura later this fall.

A common passwordless sign-in sounds great. But only Microsoft has truly embraced passwordless sign-ins. Apple and Google have a lot more work to do.

Apple, Google, and Microsoft announced will be expanding support for the passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.

Microsoft announced today that GitHub will require all contributors to enroll in two-factor authentication (2FA) by the end of 2023.

Microsoft has now disabled the SMB1 protocol by default on the latest Windows 11 Home Insider builds coming from the Dev Channel. 

I didn’t pay enough attention to the security announcements that came out of this week’s Windows 11 hybrid work event.

Microsoft has confirmed yesterday that the Lapsus$ hacker group, which previously claimed to have stolen 37 GB of Microsoft source code, did manage to hack into a single account and steal some data.

Google is now in discussions to acquire Mandiant Inc., a cybersecurity company that was previously approached by Microsoft. Google is reportedly ready to spend billions on the US-based firm to improve the security aspects of its cloud computing offerings.

Microsoft revealed today that it detected a new round of Russian cyberattacks on Ukraine in the hours leading up to the invasion.

Microsoft is reportedly exploring the acquisition of Mandiant Inc., a US-based cybersecurity firm that’s currently valued at $4.2 billion.

Google revealed today that a recent initiative to require customers to enable 2-Step Verification (2SV) has been incredibly successful.

Microsoft revealed that it is temporarily disabling an app installer protocol in Windows 10/11 to address a newly discovered vulnerability.

Lenovo recently announced that it would be the first hardware maker to ship PCs with Microsoft’s Pluton security chipset.

Over one year after Microsoft first announced its Pluton security chip, we’re finally seeing the first PCs that will deliver it to customers.

A new report from Microsoft accuses Russia of launching cyberattacks against technology service providers in the global IT supply chain.

In a new report, Microsoft states that Russia is responsible for more nation-state cyberattacks than all other nations combined.

Yubico, the leading provider of hardware authentication security keys, announced new biometric authentication security keys today.

Researchers have discovered an Exchange Autodiscover flaw that can be used to steal Windows users’ credentials.

Anyone with a Microsoft account can now remove their password from the account entirely to enable better security.