Recent Security Stories

Compact

Standard

Grid

A common passwordless sign-in sounds great. But only Microsoft has truly embraced passwordless sign-ins. Apple and Google have a lot more work to do.

Apple, Google, and Microsoft announced will be expanding support for the passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium.

Microsoft announced today that GitHub will require all contributors to enroll in two-factor authentication (2FA) by the end of 2023.

Microsoft has now disabled the SMB1 protocol by default on the latest Windows 11 Home Insider builds coming from the Dev Channel. 

I didn’t pay enough attention to the security announcements that came out of this week’s Windows 11 hybrid work event.

Microsoft has confirmed yesterday that the Lapsus$ hacker group, which previously claimed to have stolen 37 GB of Microsoft source code, did manage to hack into a single account and steal some data.

Google is now in discussions to acquire Mandiant Inc., a cybersecurity company that was previously approached by Microsoft. Google is reportedly ready to spend billions on the US-based firm to improve the security aspects of its cloud computing offerings.

Microsoft revealed today that it detected a new round of Russian cyberattacks on Ukraine in the hours leading up to the invasion.

Microsoft is reportedly exploring the acquisition of Mandiant Inc., a US-based cybersecurity firm that’s currently valued at $4.2 billion.

Google revealed today that a recent initiative to require customers to enable 2-Step Verification (2SV) has been incredibly successful.

Microsoft revealed that it is temporarily disabling an app installer protocol in Windows 10/11 to address a newly discovered vulnerability.

Lenovo recently announced that it would be the first hardware maker to ship PCs with Microsoft’s Pluton security chipset.

Over one year after Microsoft first announced its Pluton security chip, we’re finally seeing the first PCs that will deliver it to customers.

A new report from Microsoft accuses Russia of launching cyberattacks against technology service providers in the global IT supply chain.

In a new report, Microsoft states that Russia is responsible for more nation-state cyberattacks than all other nations combined.

Yubico, the leading provider of hardware authentication security keys, announced new biometric authentication security keys today.

Researchers have discovered an Exchange Autodiscover flaw that can be used to steal Windows users’ credentials.

Anyone with a Microsoft account can now remove their password from the account entirely to enable better security.

Microsoft has acknowledged a newly discovered vulnerability that could allow hackers to attack users with Microsoft Office files.

After a meeting with the U.S. president, Microsoft CEO Satya Nadella has agreed to quadruple cybersecurity spending over five years.

T-Mobile has admitted to the theft of personal data from about 7.8 million current and over 40 million former customers.

After a couple of months of struggling to figure out a string of printing-related vulnerabilities, Microsoft thinks it has found the fix.

ExpressVPN has announced the immediate availability of Lightway, a faster and more reliable VPN protocol that’s backed by an independent security audit.

Google is simplifying its Titan Security Key product lineup by adding NFC support and discontinuing the Bluetooth versions.

The Microsoft Browser Vulnerability Research team is working on a Super Duper Secure Mode for the Edge web browser. Yes, really.

Windows 10 versions 1809 and newer suffer from a vulnerability that can grant system privileges to hackers. Microsoft has issued a workaround.

The United States, in concert with the EU, UK, and NATO, has formally charged China with orchestrating the attacks on Microsoft Exchange servers.