Identity News & UpdatesNews & Updates

Hackers responsible for the SolarWinds hack also have their hands on Azure and Exchange source code

March 3, 2021
In an update released this Thursday, Microsoft disclosed that the hackers responsible for the SolarWinds attack have also stolen some source code related to Azure, Exchange, and Intune components. However, the tech giant added that their investigation did not point to any evidence of abuse targeted at their internal systems and its customers. Microsoft took notice of this compromise back on…
Read more
Conditional AccessMicrosoft Entra ID

Microsoft announced improvements in Azure Active Directory Conditional Access Policy and Sync

March 3, 2021
Microsoft has recently announced improvements to Azure Active Directory conditional access policy and sync services. The company also outlined security best practices for organizations across the world using on-premises Active Directory and Azure AD for identity and access management. Microsoft is advocating organizations to adopt zero trust for network traffic with Active Directory along with…
Read more
Identity News & UpdatesNews & Updates

Time to update: Google just fixed an actively exploited zero-day vulnerability in the Chrome browser

March 3, 2021
Google recently patched a potentially disastrous zero-day vulnerability in the desktop app of the Chrome web browser. The company also acknowledged that the exploit is being actively exploited in the wild. In the recent release update from the Chrome team, it patched the issue with an update for the Windows, Mac, and Linux app to fix the heap buffer overflow flaw (CVE-2021-21148) in its V8…
Read more
Identity News & UpdatesNews & Updates

5 Active Directory management challenges you are likely to face in 2021

March 3, 2021
The year 2020 has been quite tumultuous for IT pros. Organizations were tested on their cyber resilience like never before. IT teams were forced to quickly come up with sweeping changes to enable remote work for employees and ensure business continuity. As a result, many organizations were forced to prioritize service availability over security. This has unsurprisingly paved the way for…
Read more
Identity News & UpdatesNews & Updates

Healthcare data Breaches down almost 50 percent in the first month of 2021

March 3, 2021
According to new research by theHIPAA Journal, the start of 2021 has seen a 48% reduction in the month-on-month healthcare data breaches of 500 or more records in the United States. Compared to 62 incidents of data breaches reported in December last year, only 32 such incidents were reported in the first month this year. However, it is also important to note that though this number is…
Read more
Identity News & UpdatesNews & Updates

ZeroLogon vulnerability: What is it and what you need do about it.

March 3, 2021
The Zerologon vulnerability gained spotlight around late September 2020. By then, Microsoft had already released a partial patch for the flaw. However, most Active Directory admins chose to ignore the incomplete patch fearing it might cause network issues, despite it being recommended by Microsoft and the the U.S. Cybersecurity and Infrastructure Security Agency (CISA). If you weren’t aware…
Read more
Identity Protection & RiskMicrosoft Entra ID

California DMV customer data potentially at risk after ransomware attack on vendor

March 3, 2021
A ransomware attack on California DMV’s third party vendor, Automatic Funds Transfer Services Inc. In February may have potentially put millions of customer data at risk. Following the attack, the DMV said that it halted all data transfer operations to the Seattle-based company and immediately notified law enforcement officers including the Federal Bureau of Investigation. “AFTS does not…
Read more
Identity News & UpdatesNews & Updates

VC firm falls victim to phishing attack in Silicon Valley

March 3, 2021
Sequoia Capital, a venture capital firm based in California’s Silicon Valley informed its investors that after an employee’s email fell victim to a successful phishing attack, some personal and financial information may have been accessed by a third-party, according to Axios. A Sequoia spokesperson said that law enforcement was notified and they have hired leading cybersecurity experts to…
Read more
Identity News & UpdatesNews & Updates

Google patches the third browser-based zero-day vulnerability of 2021

March 3, 2021
Early this month, Google published astable channel updatefor Chrome for Desktop. The new version (88.0.4324.150) released by Google for Windows, Mac, and Linux contains a critical bugfix for a zero-day vulnerability that was exploited in the wild. This zero-day, labeled CVE-2021-21148, is a “heap overflow” memory corruption bug in the V8— Google Chrome’s open-source…
Read more
Identity News & UpdatesNews & Updates

Kia denies facing $20M DoppelPaymer Ransomware Attack

March 3, 2021
Earlier last week Kia Motors USA was experiencing a nationwide IT outage. The outage started on 13th February when the Kia Owners Portal went offline and began displaying the following error message on their website: “Kia is experiencing an IT service outage that has impacted some internal networks.” As per BleepingComputer reports, Kia Motors USA had reportedly been with a DoppelPaymer…
Read more