How Microsoft is helping Ukraine’s cyberwar against Russia

One of the big surprises in Russia’s war against Ukraine has been how well Ukraine has fended off Russian cyberattacks. Ad hoc groups of white-hat hackers have helped, as have a number of nations and the US government.

Less well known is that tech companies, including Microsoft, are part of the effort. That aid ranges from giving advice to identifying attacks, offering fixes for them, and providing Ukraine with free tech and security services.

Microsoft isn’t just trying to help defend a country under siege from an aggressive, more-powerful neighbor. Russian cyberattacks against Ukraine can also get loose in the wild and do damage to enterprises and organizations that rely on Microsoft technology. (Russia could also deliberately target private companies with those attacks.)

To read this article in full, please click here

Read more

Microsoft to end direct sale of Windows 10 licenses at the end of January

Categories: News

Tags: windows 10

Tags: windows 11

Tags: microsoft

Tags: license

Tags: sale

Tags: third party

Tags: desktop

Tags: upgrade

Tags: hardware

We take a look at reports that Microsoft will shortly be ending the direct sale of Windows 10 licenses.

(Read more…)

The post Microsoft to end direct sale of Windows 10 licenses at the end of January appeared first on Malwarebytes Labs.

Read more

A week in security (January 9—15)

Categories: News

Tags: AWIS

Tags: weekly blog roundup

Tags: week in security

Tags: Slack

Tags: GitHub

Tags: Magecart

Tags: Microsoft

Tags: Pokemon NFT

Tags: Facebook

Tags: Instagram

Tags: Snapchat

Tags: TikTok

Tags: YouTube

Tags: Google

Tags: Meta

Tags: identity theft

Tags: Maternal & Family Health Services

Tags: 2023 predictions

Tags: Royal Mail

Tags: K-12 security

Tags: K-12

Tags: WhatsApp

Tags: NSO Group

Tags: Department of Interior

Tags: weak passwords

Tags: Vice Society

Tags: ransomware. Vice Society ransomware

The most interesting security related news from the week of January 9—15.

(Read more…)

The post A week in security (January 9—15) appeared first on Malwarebytes Labs.

Read more

Patch now to address critical Windows zero-day flaw

The first Patch Tuesday of the year from Microsoft addresses 98 security vulnerabilities, with 10 classified as critical for Windows. One vulnerability (CVE-2023-21674) in a core section of Windows code is a zero-day that requires immediate attention. And Adobe has returned with a critical update, paired with a few low-profile patches for the Microsoft Edge browser.

We have added the Windows and Adobe updates to our “Patch Now” list, recognizing that this month’s patch deployments will require significant testing and engineering effort. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this January update cycle.

To read this article in full, please click here

Read more

January 2023 patch roundup: Microsoft tees up 98 updates

Credit to Author: Angela Gunn| Date: Wed, 11 Jan 2023 02:05:40 +0000

Adobe greets the new year with patches for 18 vulns in Reader, Acrobat, and others; sun sets on the last of Win7, 8, RT support

Read more

Quick Heal Supports Windows 10 Version 22H2

Credit to Author: Quick Heal| Date: Tue, 10 Jan 2023 08:34:14 +0000

Quick Heal products are fully compatible with Microsoft’s latest feature update – Windows 10 2022. Quick Heal has ensured that your cyber security solution is up to speed and fully compatible with this feature update. Find out how you can enjoy a secure digital experience even with the latest OS update.

The post Quick Heal Supports Windows 10 Version 22H2 appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Read more

Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability

Credit to Author: Microsoft Security Threat Intelligence| Date: Mon, 19 Dec 2022 18:00:00 +0000

Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.

The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.

Read more

The trials and tribulations of Microsoft’s KB5012170 patch

KB5012170 is many things to many Windows users. First, it’s a patch that either installs with no problems or leads to a blue screen of death (BSOD). It can also be an indicator we have a problem getting updated drivers on our systems. It can demonstrate how users don’t keep up with Bios updates. And it shows that some OEMs enable Bitlocker on the systems they sell (not necessarily in a good way).

In short, it’s a problematic patch that just keeps rearing its head.

Also known as “Security Update for Secure Boot DBX,” KB5012170 was released earlier this year and makes improvements to the Secure Boot Forbidden Signature Database (DBX).  Windows devices that have Unified Extensible Firmware Interface (UEFI)-based firmware have Secure Boot enabled. It ensures only trusted software can be loaded and executed on during the boot process by using cryptographic signatures to verify the integrity of the process and the software being loaded.

To read this article in full, please click here

Read more