Monday 12/9
Windows 365 Link: A New Era for Thin Client Computing Unveiled at Ignite 2024
Microsoft unveiled the Windows 365 Link at its Ignite conference on November 19, 2024. This compact, fanless device is designed to provide seamless access to Windows 365 Cloud PCs, building upon the legacy of Windows CE, Microsoft's early thin client operating system.
https://www.gothamtg.com/blog/windows-365-link-a-new-era-for-thin-client-computing-unveiled-at-ignite-2024
How to Overcome MFA Challenges for Stronger Security (Adlumin)
Multi-Factor Authentication (MFA) plays a key role in strengthening security, but it’s not a silver bullet against all attacks. This blog will dive into why MFA is essential, despite its limitations, and how it fits into a broader security strategy that can help reduce risks without creating a false sense of total security.
https://adlumin.com/post/how-to-overcome-mfa-challenges-for-stronger-security/
Thwarting Evilginx Attacks on Microsoft Entra ID (HYPR)
Threat researchers and incident response teams have reported a noticeable surge in phishing campaigns utilizing Evilginx, exploiting MFA’s reliance on session validation. Even with MFA in place, Evilginx captures session cookies after authentication is complete, granting attackers unauthorized access to accounts.
https://blog.hypr.com/thwarting-evilginx-attacks-on-microsoft-entra-id
Tuesday 12/10
CIS Critical Security Controls Group 2
https://www.gothamtg.com/blog/cis-critical-security-controls-implementation-group-2
Ease your virtual machine device management with MCS & Intune (Citrix)
Citrix administrators can now create machine catalogs with the capability of Entra ID, Hybrid Entra ID joined, and Intune enrolled machines, achieving SSO to Entra ID-based applications, activation of Entra ID conditional access, and ensure compliance of MCS provisioned virtual machines.
https://www.citrix.com/blogs/2024/12/09/ease-your-virtual-machine-device-management-with-mcs-intune/
November 2024’s Most Wanted Malware: Androxgh0st Leads the Pack, Targeting IoT Devices and Critical Infrastructure (Check Point)
Check Point Software’s latest threat index highlights the rise of Androxgh0st, a Mozi-integrated botnet, and ongoing threats from Joker and Anubis, showcasing evolving cyber criminal tactics.
https://blog.checkpoint.com/research/november-2024s-most-wanted-malware-androxgh0st-leads-the-pack-targeting-iot-devices-and-critical-infrastructure/
Wednesday 12/11
The Rise of Cross-Domain Attacks Demands a Unified Defense (CrowdStrike)
Cross-domain attacks exemplify adversaries’ drive for speed and stealth. In these attacks, they pivot across multiple domains — including endpoint, identity and cloud systems — to maximize their reach and impact. Their goal is to exploit weaknesses in organizations’ rapidly growing and complex environments.
https://www.crowdstrike.com/en-us/blog/rise-cross-domain-attacks-demands-unified-defense/
Logins Are Cheap. Peace of Mind Is Priceless. (CyberArk)
When stolen credentials are up for sale on the dark web for less than a cup of coffee, hackers don’t need to hack. They can log in as any one of us and navigate our enterprise networks undetected. This ushers in troubling post-authentication threats like session hijacking, data theft, cookie manipulation and other threats that can be leveraged at scale using AI.
https://www.cyberark.com/resources/blog/logins-are-cheap-peace-of-mind-is-priceless
Thursday 12/12
Protecting Your Hybrid Cloud: The Future of Cloud Security in 2025 and Beyond (Darktrace)
In the coming years, cloud security will not only need to adapt to increasingly complex environments as ecosystems become more distributed, but also to rapidly evolving threats like supply chain attacks, advanced misconfiguration exploits, and credential theft. AI-powered cloud security tools can help security teams keep up.
https://darktrace.com/blog/protecting-your-hybrid-cloud-the-future-of-cloud-security-in-2025-and-beyond
Why Storage Is the Unsung Hero for AI (Pure Storage)
From autonomous vehicles to genomics research, AI is pushing the boundaries of what’s possible. See how storage is helping accelerate these discoveries.
https://blog.purestorage.com/perspectives/why-storage-is-the-unsung-hero-for-ai/
Friday 12/13
How to ensure SaaS security compliance (Axonius)
SaaS applications introduce various unknowns and added complexity to attack surfaces, making SaaS security compliance a critical component of ensuring the security, privacy, and integrity of data being accessed and processed by each app.
https://www.axonius.com/blog/how-to-ensure-saas-security-compliance
A Cloud-First Approach to Vulnerability Remediation: A Holistic Approach (Wiz)
The cloud has turned security on its head. The risk of lateral movement across code, cloud environments, and everything in between—driven by undetected vulnerabilities—creates significant challenges for security practitioners and CISOs.
https://www.wiz.io/blog/operationalize-vulnerability-remediation