Windows Security

Windows Security | News, how-tos, features, reviews, and videos

Microsoft Windows update arrows on laptop and mobile phone
9 screen locking device lock down authentication

login password - user permissions - administrative control

How to protect against poor Windows password practices

Employees will reuse passwords for work systems for their personal online accounts. Here's how to set up multifactor authentication in a Windows environment to reduce the risk of password compromise.

malware cybersecurity skull crossbone

Qbot malware resurfaces in new attack against businesses

This new persistent and difficult-to-detect Qbot version is designed to steal financial information.

11 event logging

How to install PowerShell 5 on Windows 7

Have older Windows systems on your network? You can give them PowerShell 5's event logging capabilities even if they run Windows 7.

a hooded figure targets a coding vulnerability

Are zero-day exploits the new norm?

Research from Microsoft's Matt Miller shows that every actively exploited Windows vulnerability in 2017 was first done using a zero-day attack. Other research shows this trend extends across the IT landscape.

meltdown spectre

How to update Windows 10 for side channel vulnerability fixes

Since Spectre and Meltdown were discovered in 2018, other side channel vulnerabilities have emerged. These are the mitigations to consider for each of them.

managed security service providers

How to prevent and recover from an APT attack through a managed service provider

Threat actors are compromising their targeted victims through managed service providers (MSPs). These are the steps to take to minimize your exposure and to recover from these attacks if necessary.

Windows security and protection [Windows logo/locks]

How to harden Windows 10 workstations and servers: Disable SMB v1

Early versions of Server Message Block are still present on many Windows networks and devices, leaving them open to attack. Here's how to detect and disable them.

spear fishing

How to defend Office 365 from spear-phishing attacks

A recent successful zero-day Flash attack began with a spear-phishing email. These Windows 10 and Office 365 settings could have prevented it.

Microsoft Office logo within an environment of abstract binary code with shield and lock.

Center for Internet Security releases Microsoft 365 benchmarks

Follow the guidance in this CIS document to configure Microsoft 365 security settings to the level that suits your organization.

3 patch training update software band aid laptop with virus binary

Temporary micropatch available for zero-day Windows exploit

A publicly disclosed Windows zero-day vulnerability could allow attackers to take full control of systems once they compromise a low-privilege account. Here's a fix.

a hand holding a key moves toward an @ symbol with many locks

I can get and crack your password hashes from email

Malicious hackers can use a simple trick to get your Windows computer to authenticate to a remote server that captures your password hash — just by sending you an email. Take these steps to test for the vulnerability.

security audit - risk assessment - network analysis

How to enable audit logs in Microsoft Office 365

Audit logging of Office 365 mail reads makes forensics investigations of attacks much easier. Here's how to make sure it's enabled.

Microsoft Office logo within an environment of abstract binary code with shield and lock.

Best resources for setting up Microsoft Office 365 security

Office 365 presents admins with many choices and options. These information sources, online forums and script repositories can help you make the right decisions.

Computerworld Cheat Sheet - Microsoft Outlook 2016

How to set Microsoft Office 365 ATP policies to block malicious URLs

Windows Advanced Threat Protection allows admins to set link filters for email messages and attachments in Outlook.

bucket with holes breach security vulnerability

How to set up data loss prevention rules in Microsoft Office 365

Most data leakage occurs via emai. Set Office 365 DLP policies to stop sensitive data from leaving your organization.

secure two-step authentication via laptop and mobile phone

How to set up multifactor authentication for Office 365 users

Requiring MFA for some or all Microsoft Office 365 users will better protect your network and email system from attacks.

email security risk - phishing / malware

How to stop malicious email forwarding in Outlook

Microsoft Office 365 administrators can use these settings to find and delete hidden rules attackers use to intercept Outlook email messages.

update arrows in motion amid circuits

How to use Windows Update Delivery Optimization to distribute updates across your network

These are the Delivery Optimization settings you need to know to deliver feature and security updates without using Windows Software Update Services.

Load More