Microsoft says everyone can remove the password from their Microsoft account and use other methods to sign in starting today. The company rolled out the option to enterprise users earlier this year, and it plans to remove passwords from enterprise accounts completely. Rather than having to remember a password or using a password manager, you’ll…
Application Security , Breach Notification , Cyberwarfare / Nation-State Attacks Breach Notification Report Reveals Some PII Could Have Been Exposed Scott Ferguson (Ferguson_Writes) • September 16, 2021 The Republican Governors Association was one of several U.S. organizations targeted in March when a nation-state group took advantage of vulnerabilities in Microsoft Exchange email servers,…
It’s semi-official: Former 23-year Amazon Web Services veteran Charlie Bell has been named an executive vice president at AWS rival Microsoft, where he will lead a newly formed engineering organisation focused on security, compliance, identity and management – presuming he comes to an amicable agreement with his former employer. Bell will be a senior engineering…
Access Management , Application Security , Digital Identity Windows Users Can Now Use Other Methods to Access Microsoft Products Doug Olenick (DougOlenick) • September 15, 2021 (Source: Microsoft) Microsoft has officially gone fully passwordless, allowing Windows users to replace their alphanumeric passwords with one of several substitute sign-in technologies to gain entry into…
With system administrators eagerly waiting for a patch to CVE-2021-40444, this month’s Patch Tuesday comes with fixes for 86 vulnerabilities, including those previously released for Microsoft Edge, out of which three are classified as Critical and 56 as Important. Two zero-days have also been patched, one of which is being actively exploited. Needless to say,…
Critical Infrastructure Security , Cybercrime , Cybercrime as-a-service White House Has Been Identifying Top Suspects and Sharing Intelligence With Moscow Mathew J. Schwartz (euroinfosec) • September 15, 2021 U.S. President Joe Biden and Russian President Vladimir Putin meeting in Geneva on June 17, 2021 (Photo: Ministry of Foreign Affairs of Russia via Twitter/CC)…
Three former US intelligence operatives who provided hacker-for-hire services to the United Arab Emirates are facing federal charges in the US for conspiring to violate export control, computer fraud and access device fraud laws. Marc Baier, 49, Ryan Adams, 34, and a former U.S. citizen, Daniel Gericke, 40 are accused of helping the UAE government…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday announced that it has appointed Kiersten Todt as its new chief of staff. Before joining CISA as chief of staff, Todt served as managing director of the non-profit Cyber Readiness Institute (CRI). She also served as president and managing partner at risk management consulting firm…
In order to bypass the possibility of getting hit by hackers, Apple just issued emergency software updates and is asking that everyone update their devices as soon as possible. On Sept. 13, Ivan Krstić, Apple’s head of security engineering and architecture, told the NYT that he is urging customers to install iOS 14.8, MacOS 11.6, and…
Three former US intelligence and military operatives broke America’s weapons export and computer security laws by, among other things, helping the United Arab Emirates hijack and siphon data from people’s iPhones, it emerged on Tuesday. US citizens Marc Baier, 49, and Ryan Adams, 34, and ex-citizen Daniel Gericke, 40, were charged [PDF] with using “illicit,…
