Microsoft put the emphasis on security at Ignite 2022, launching Defender for DevOps and Defender Cloud Security Posture Management in public preview. The two offerings protect software development with runtime security across multicloud and multiple-pipeline environments. The company also touted improved protection tools for Windows and Office, beefing-up anti-ransomware capabilities for Microsoft 365 Defender, which now automatically repels attacks immediately on detection. To combat increasingly pervasive conditions like “tool sprawl” and “alert fatigue,” Microsoft combined six product lines into a single security portfolio. Continue reading New Microsoft Security Suite Focuses on Cloud, Ransomware

The Log4j code vulnerability has the media declaring the Internet in a state of crisis. Log4j is a Java-based logging framework developers use to track user activity within applications on the popular Apache web server. Security experts are rushing to patch the bug, which is being exploited to remotely assume control of vulnerable systems, stealing credentials, installing malware and launching other attacks that permeate consumer devices. Last week, the U.S. Cybersecurity and Infrastructure Security Agency issued a Log4j alert, as did Australia’s CERT emergency response team. Continue reading Major Security Vulnerability Triggers Worldwide Internet Crisis

Facebook shut down malware out of China that stole user credentials to serve ads for diet pills, sexual health products and counterfeit goods including designer handbags, shoes and sunglasses. The hackers used the consumer’s associated payment method to purchase the ads, at the cost to victims of $4 million. The social media company first exposed these attacks in 2018 and traced them to ILikeAd Media International, filing a civil suit against the firm and the two Chinese nationals who allegedly developed the malware. Continue reading Facebook Detects Malware That Was Being Used for Ad Fraud

Newsweek Media Group (NMG) is facing accusations of fake website traffic, amid a wider fraud investigation. Two advertising tech companies — AppNexus, which sold online ads for NMG, and SpotX, which sold video ads — have cut ties with the company, pointing specifically to fake traffic on NMG’s International Business Times websites. DoubleVerify, which offers software to verify the quality of locations where ads appear, has also warned advertisers about spurious traffic on the four IBTimes sites and Newsweek’s U.K. site. Continue reading Newsweek Media Group Faces New Charges of Fake Traffic