it security

About half of organizations say cybercrime is under-reported at their organizations, even when reporting is required. Continue reading...

Appropriate response to risk requires presenting information in a way that makes the security consequences impossible to ignore. Link Removed

Date: Tuesday, December 18, 2018Time: 02:00 PM Eastern Standard TimeDuration: 1 hour Most people think firewalls when it comes to network security and defending against cyber-threats. But with today’s increasingly sophisticated cyber-security threats Continue reading...

Original release date: May 29, 2018 Systems Affected Network systems Overview This joint Technical Alert (TA) is the result of analytic efforts between the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI). Working with U.S. government partners, DHS and FBI...

Original release date: July 01, 2017 Systems Affected Microsoft Windows operating systems Overview On June 27, 2017, NCCIC was notified of Petya ransomware events occurring in multiple countries and affecting multiple sectors. Petya ransomware encrypts the master boot records of infected...

Microsoft solution available to protect additional products Today many of our customers around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Seeing businesses and individuals affected by cyberattacks, such as the ones reported today, was...

Original release date: April 27, 2017 Systems Affected Networked Systems Overview The National Cybersecurity and Communications Integration Center (NCCIC) has become aware of an emerging sophisticated campaign, occurring since at least May 2016, that uses multiple malware implants. Initial...

Severity Rating: Critical Revision Note: V1.0 (March 14, 2017): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Windows. The most severe of the vulnerabilities could allow remote code execution if an authenticated attacker on a guest operating system runs...

We anticipate threats like files being deleted from servers by disgruntled employees. 1. Can someone suggest what preventive measures that can be implemented ? (DLP implementation is in pipeline, but would like to see if there are alternate measures) 2. If somehow files are deleted, we would...

Severity Rating: Moderate Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if an attacker successfully convinces a user of an affected system to visit a...

Severity Rating: Important Revision Note: V1.0 (October 11, 2016): Bulletin published. Summary: This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow elevation of privilege if an attacker logs on to an affected system and runs a specially crafted...

Severity Rating: Important Revision Note: V1.0 (June 14, 2016): Bulletin published. Summary: This security update resolves vulnerabilites in Microsoft Exchange Server. The most severe of the vulnerabilities could allow information disclosure if an attacker sends a specially crafted image URL in...

Continue reading...

We designed Windows 10 from the very beginning to be our most secure platform ever. With features like Credential Guard, Device Guard, Windows Hello, and Enterprise Data Protection, Windows 10 offers unique defenses from attacks. Windows Defender, our free anti-malware service, provides...

A security issue has been identified in a Microsoft software product that could affect your system. Link Removed

Revision Note: V1.0 (September 24, 2015): Advisory published. Summary: Microsoft is aware of four digital certificates that were inadvertently disclosed by D-Link Corporation that could be used in attempts to spoof content. The disclosed end-entity certificates cannot be used to issue other...

Severity Rating: Important Revision Note: V1.0 (September 8, 2015): Bulletin published. Summary: This security update resolves a vulnerability in Active Directory. The vulnerability could allow denial of service if an authenticated attacker creates multiple machine accounts. To exploit the...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Internet Explorer. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Internet...

Severity Rating: Critical Revision Note: V1.0 (August 11, 2015): Bulletin published. Summary: This security update resolves vulnerabilities in Microsoft Office. The most severe of the vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file. An...

Revision Note: V1.0 (July 14, 2015): Summary: Microsoft is announcing the availability of an update to harden scenarios in which Data Encryption Standard (DES) encryption keys are used with accounts. Microsoft disabled DES by default starting in Windows 7 and Windows Server 2008 R2. However...