Serious Security: OAuth 2 and why Microsoft is finally forcing you into it
Microsoft calls it “Modern Auth”, though it’s a decade old, and is finally forcing Exchange Online customers to switch to it.
Cyber NewsAWS Private Link and VPC Endpoints
ACM.75 An alternative to NATs and Internet Gateways This is a continuation of my series on Automating Cybersecurity Metrics. We looked at adding a VPC configuration for our Lambda function in an earlier post in this series where I demonstrated how a Lambda function that had Internet access may be abused. I also mentioned two options […]
Cyber NewsEmail Defenses Under Siege: Phishing Attacks Dramatically Improve
About 1 in 5 phishing email messages reach workers’ inboxes, as attackers get better at dodging Microsoft’s platform defenses and defenders run into processing limitations.
Cyber NewsDNS and NTP on AWS
ACM.74 How these crucial services work by default and what happens if you want to use your own DNS and NTP servers on AWS This is a continuation of my series of posts on Automating Cybersecurity Metrics. It’s always DNS… Everything in AWS needs to access DNS or it will break. And I mean EVERYTHING. When we […]
Cyber NewsHackers Exploiting Unpatched RCE Flaw in Zimbra Collaboration Suite
A severe remote code execution vulnerability in Zimbra’s enterprise collaboration software and email platform is being actively exploited, with no patch currently available to remediate the issue. The shortcoming, assigned CVE-2022-41352, carries a critical-severity rating of CVSS 9.8, providing a pathway for attackers to upload arbitrary files and carry out malicious actions on affected
Cyber NewsMicrosoft Issues Improved Mitigations for Unpatched Exchange Server Vulnerabilities
Microsoft on Friday disclosed it has made more improvements to the mitigation method offered as a means to prevent exploitation attempts against the newly disclosed unpatched security flaws in Exchange Server. To that end, the tech giant has revised the blocking rule in IIS Manager from “.*autodiscover.json.*Powershell.*” to “(?=.*autodiscover.json)(?=.*powershell).” The list of
Cyber NewsCredential Harvesting Is Retail Industry’s Top Threat
Why bother with new tactics and exploits when the old tricks are still effective?
Cyber NewsFortinet Warns of New Auth Bypass Flaw Affecting FortiGate and FortiProxy
Fortinet has privately warned its customers of a security flaw affecting FortiGate firewalls and FortiProxy web proxies that could potentially allow an attacker to perform unauthorized actions on susceptible devices. Tracked as CVE-2022-40684, the high-severity flaw relates to an authentication bypass vulnerability that could permit an unauthenticated adversary to perform arbitrary operations on
Cyber NewsFriday Squid Blogging: Emotional Support Squid
The Monterey Bay Aquarium has a video—”2 Hours Of Squid To Relax/Study/Work To“—with 2.4 million views. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.
Cyber News