Monday, July 7, 2025
Latest:

Cybersecurity

Networkworld
TH Author

4 lessons learned from the Atlassian network outage

Last month, software tools vendor Atlassian suffered a major network outage that lasted two weeks and affected more than 400 of their over 200,000 customers. The outage took down several of their products, including Jira, Confluence, Atlassian Access, Opsgenie, and Statuspage. While only a few customers were affected for the full two weeks, the outage was significant in terms of the depth of problems uncovered by the company’s engineers and the lengths they had to go to find and fix the problems.The outage was the result of a series of unfortunate internal errors by Atlassian’s own staff, and not the result of a cyberattack or malware. In the end, no customer lost more than a few minutes’ worth of data transactions, and the vast majority of customers didn’t see any downtime whatsoever.To read this article in full, please click here READ MORE HERE…

Read More
Microsoft Secure
TH Author

How a senior product manager is leading the passwordless movement at Microsoft

May 5, 2022, is World Password Day, a day we all use to create awareness around password security. At Microsoft, we choose to celebrate replacing passwords with better and more secure ways to sign in. I can’t think of a better person at Microsoft to represent this journey than Libby Brown, a senior product manager…
The post How a senior product manager is leading the passwordless movement at Microsoft appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn

Microsoft has discovered several vulnerabilities, collectively referred to as Nimbuspwn, that could be chained together, allowing an attacker to elevate privileges to root on many Linux desktop endpoints. Leveraging Nimbuspwn as a vector for root access could allow attackers to achieve greater impact on vulnerable devices by deploying payloads and performing other malicious actions via arbitrary root code execution.
The post Microsoft finds new elevation of privilege Linux vulnerability, Nimbuspwn appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

Microsoft best practices for managing IoT security concerns

The Internet of Things, or IoT, has expanded beyond the mere concept that it was when first introduced. IoT is now part of most individuals’ daily activities, from smart speakers and thermostats to smartwatches and vehicles. IoT devices and systems bring massive convenience and functionality. However, due to the complicated nature of IoT, when implementing and managing IoT, security must be top of mind.
The post Microsoft best practices for managing IoT security concerns appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

The future of compliance and data governance is here: Introducing Microsoft Purview

Hybrid work has connected us in ways unimaginable just two years ago. Today we routinely communicate across continents while collaborating in real-time. Protecting a decentralized hybrid work environment requires strong solutions built around clear principles designed to defend customers’ data, safeguard employees, and protect the business.
The post The future of compliance and data governance is here: Introducing Microsoft Purview appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Microsoft Secure
TH Author

A clearer lens on Zero Trust security strategy: Part 1

Today’s world is flooded with definitions and perspectives on Zero Trust, so we are kicking off a blog series to bring clarity to what Zero Trust is and means. This first blog will draw on the past, present, and future to bring a clear vision while keeping our feet planted firmly on the ground of reality.
The post A clearer lens on Zero Trust security strategy: Part 1 appeared first on Microsoft Security Blog. READ MORE HERE…

Read More
Networkworld
TH Author

US security agencies warn of threats to industrial, utility control networks

Key US government security organizations are warning that industrial control system (ICS)/supervisory control and data acquisition (SCADA)-based networks are being threatened by bad actors armed with custom software tools.The Department of Energy (DOE), Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and Federal Bureau of Investigation (FBI) issued a joint warning that certain advanced persistent threat (APT) actors have shown the ability to gain full system access to compromised ICS/SCADA systems.The alert did not identify which groups were making the threats, but it did recognize Dragos, Mandiant, Microsoft, Palo Alto Networks and Schneider Electric for helping put together the warning. Dragos has posted a paper about part of the threat.To read this article in full, please click here READ MORE HERE…

Read More