top of page
Search


Microsoft Fixes New Azure AD Vulnerability Impacting Bing Search and Major Apps
Microsoft has patched a misconfiguration issue impacting the Azure Active Directory (AAD) identity and access management service that...

Nathan Clark
Apr 1, 20231 min read
22 views
0 comments


SEC cyber risk management rule—a security and compliance opportunity
In my practice as a Microsoft Global Black Belt, I focus on the technical and business enablement aspects of protecting organizations...

Nathan Clark
Mar 1, 20235 min read
14 views
0 comments


Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms
Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system. Targeted attacks on Twilio...

Nathan Clark
Feb 1, 20233 min read
9 views
0 comments


Watering Hole Attacks Push ScanBox Keylogger
Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based...

Nathan Clark
Nov 2, 20224 min read
13 views
0 comments


Ransomware Attacks are on the Rise
Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group. After a recent dip,...

Nathan Clark
Sep 30, 20222 min read
10 views
0 comments


Phishing Attacks Skyrocket with Microsoft and Facebook as Most Abused Brands
Instances of phishing attacks leveraging the Microsoft brand increased 266 percent in Q1 compared to the year prior. The bloom is back on...

Nathan Clark
Aug 1, 20222 min read
8 views
0 comments


A Guide to Surviving a Ransomware Attack
Oliver Tavakoli, CTO at Vectra AI, gives us hope that surviving a ransomware attack is possible, so long as we apply preparation and...

Nathan Clark
Jul 5, 20224 min read
22 views
0 comments


RCE Bug in Spring Cloud Could Be the Next Log4Shell, Researchers Warn
The security bug could crop up, so to speak, in any number of Java applications. NOTE: This post is about the confirmed and patched...

Nathan Clark
Mar 31, 20224 min read
17 views
0 comments


Critical Firefox Zero-Day Bugs Allow RCE, Sandbox Escape
Both vulnerabilities are use-after-free issues in Mozilla’s popular web browser. Mozilla has released an emergency update for its Firefox...

Nathan Clark
Mar 9, 20222 min read
29 views
0 comments


5 Cybersecurity Trends to Watch in 2022
Here’s what cybersecurity watchers want infosec pros to know heading into 2022. No one could have predicted the sheer chaos the...

Nathan Clark
Dec 30, 20217 min read
20 views
0 comments


New zero-day exploit for Log4j Java library is an enterprise nightmare
Proof-of-concept exploits for a critical zero-day vulnerability in the ubiquitous Apache Log4j Java-based logging library are currently...

Nathan Clark
Dec 11, 20212 min read
13 views
0 comments


Google Chrome is Abused to Deliver Malware as ‘Legit’ Win 10 App
Crooks behind a newly identified malware campaign are targeting Windows 10 with malware that can infect systems via a technique that...

Nathan Clark
Nov 3, 20214 min read
24 views
0 comments


Microsoft’s 5 guiding principles for decentralized identities
Three years ago, as part of Microsoft’s mission to empower people and organizations to achieve more, we announced that we were incubating...

Nathan Clark
Oct 8, 20214 min read
13 views
0 comments


Defense in Depth (DiD): Think Like a Hacker
The current threat landscape is rapidly advancing, with cybercriminals constantly upgrading their toolset to break through security...

Nathan Clark
Sep 10, 20213 min read
11 views
0 comments


Actively Exploited Windows Zero-Day Gets a Patch
Microsoft’s August 2021 Patch Tuesday addressed a smaller set of bugs than usual, including more Print Spooler problems, a zero-day and...

Nathan Clark
Aug 11, 20216 min read
27 views
0 comments


NSA Warns Public Networks are Hacker Hotbeds
Agency warns attackers targeting teleworkers to steal corporate data. The U.S. National Security Agency is offering advice to security...

Nathan Clark
Aug 2, 20213 min read
20 views
0 comments


CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer
There are patches or remediation's for all of them, but they’re still being picked apart. Why should attackers stop if the flaws remain...

Nathan Clark
Jul 29, 20215 min read
11 views
0 comments


The True Impact of Ransomware Attacks
Keeper research reveals that in addition to knocking systems offline, ransomware attacks degrade productivity, cause organizations to...

Nathan Clark
Jul 27, 20213 min read
16 views
0 comments


Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug
A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create new accounts on systems. A privilege...

Nathan Clark
Jul 23, 20212 min read
51 views
0 comments


LetMeIn101: How the Bad Guys Get Your Password
Passwords are essential to your cyber-safety. You know it, but if you’re like the rest of the digital society, you probably have dozens...

Nathan Clark
Jan 6, 20202 min read
33 views
0 comments
bottom of page