Segregation of Duties in Microsoft Dynamics 365
Understanding Segregation of Duties in Microsoft Dynamics 365 Segregation of Duties (SoD) is a crucial component of internal control, particularly in the context of implementing an ERP system such as Microsoft Dynamics 365 ...
Microsoft Issues Patches for 24 New Secure Boot Vulnerabilities
Secure Boot Matters We cannot blindly trust software. The software (and firmware) we know and (sometimes) love today simply cannot be trusted without validation. Several recent examples of supply chain breaches such ...
CSBR Slams Microsoft Over Storm-0558 Attacks | Key Insight
In recent news, the U.S. Cyber Safety Review Board (CSBR) has raised concerns over Microsoft’s handling of the Storm-0558 attacks, highlighting significant security lapses that allowed a China-based nation-state group to breach ...
CISA Warns of Compromised Microsoft Accounts
The directive is known as Emergency Directive 24-02 addresses the risk of compromised Microsoft accounts for federal agencies & corporations. The post CISA Warns of Compromised Microsoft Accounts appeared first on Enzoic ...
Microsoft Deprecates 1024-bit RSA Keys. Are You Prepared to Upgrade?
Microsoft recently announced that Windows will no longer support TLS server certificates with RSA encryption keys shorter than 2048 bits. The move is intended to bolster Windows security and promote secure digital ...
CISA: Russian Hackers Stole Emails Between U.S. Agencies and Microsoft
The U.S. cybersecurity agency in an emergency directive is ordering affected agencies to address risks stemming from the attack ...
Microsoft’s April 2024 Patch Tuesday: Updates for 150 Vulnerabilities and Two Zero-Days
In a significant security update, Microsoft has released its April 2024 Patch Tuesday updates, which address a hefty 150 vulnerabilities across its suite of products. This update is particularly noteworthy not only ...
Patch Tuesday Includes Microsoft Zero-Day Flaws in April Release
Microsoft zero-day proxy driver spoofing vulnerability (CVE-2024-26234) and SmartScreen prompt security feature bypass (CVE-2024-29988) require immediate patching : OFFICIAL CVE-2024-26234 and CVE-2024-29988 INFO : It’s the second Tuesday of April, which means ...
US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack
The US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails ...
Microsoft Responsible for Made-in-China Hack that Targeted US Officials
A US government-backed investigation has determined that a China-sourced hack last year that infiltrated Microsoft’s networks and, subsequently, the email accounts of US officials was “ preventable.” A “cascade of security failures ...