Microsoft will hold its annual technology Build event from May 23 to 24, 2023. Online registration is free; more information is available at the event FAQ page.
Category Archives: Security
LastPass Security Incident
LastPass issued a security advisory to its customers regarding an incident where there was unauthorized access to customer data. LastPass states that their products are functional and they will continue to investigate the issue.
Rackspace ransomware incident for Hosted Exchange environment
Rackspace reported a ransomware incident for Hosted Exchange environment in December 2022 which is causing service disruptions. Rackspace has contained the issue and is investigating the incident. More information is available at their status page.
Facebook finds malicious Android and iOS apps targeting credentials
Facebook has reported finding more than 400 malicious Android and iOS apps intended to copy Facebook login credentials from users who run these apps. Facebook contacted Apple and Google regarding these apps found in their app stores. A list of the apps may be found here.
Samsung cybersecurity incident affected some U.S. customers
Samsung has reported a cybersecurity incident that affected the data of some of its U.S. customers in September 2022. Samsung is in the process of contacting these customers by email. More information is at the Samsung FAQ page.
Equifax Data Breach Settlement and free credit monitoring
People who filed valid claims as part of the earlier Equifax data breach can request free credit monitoring. Equifax has emailed activation codes to these claimants and these codes must be used by June 27, 2022. More information about this legal settlement can be found at www.equifaxbreachsettlement.com.
IRS will transition away from third party facial recognition identification
The Internal Revenue Service (IRS) has changed its plans to require users to log in using the facial recognition identification service ID.me.
Originally the IRS had scheduled users to sign up for ID.me by the summer of 2022. Existing IRS user accounts who had previously signed up without using ID.me will still work for now.
Azure Cosmos DB Jupyter Notebook vulnerability resolved
Microsoft disclosed a potential vulnerability in the Azure Cosmos DB Jupyter Notebook feature. The issue was resolved and no customer data was accessed. The Cybersecurity and Infrastructure Security Agency (CISA) also released a statement regarding this database issue.
Web browsers have removed support for FTP
Major web browsers have removed support for FTP (File Transfer Protocol) for security reasons. This includes:
- Google Chrome version 88
- Firefox version 90
- Microsoft Edge version 88 (FTP still available under Edge IE mode)
FileZilla is an open-source option available for FTP servers.
PrintNightmare security issue resolved with latest Microsoft Windows update
PrintNightmare (CVE-2021-34527 and CVE-2021-36947) is a security vulnerability connected with the Print Spooler service in Windows 10 and Windows Server. This should be corrected by installing the currently available July 2021 Windows Update.