Month: February 2021

Apple Releases Security Updates

Original
release date: February 9, 2021

Apple has released security updates to address vulnerabilities in macOS Big
Sur 11.2, macOS Catalina 10.15.7, and macOS Mojave 10.14.6. An attacker could
exploit these vulnerabilities to take control of an affected system. 

CISA encourages users and administrators to review the Apple security
update and apply the necessary updates. 

This product is provided subject to this Notification
and this Privacy
& Use policy.

Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086

 Title:
Multiple Security Updates Affecting TCP/IP:  CVE-2021-24074, CVE-2021-24094,
and CVE-2021-24086

URL: https://msrc-blog.microsoft.com/2021/02/09/multiple-security-updates-affecting-tcp-ip/
Published On (YYYY-dd-MM):2021-09-02
Overview:
Today Microsoft released a set of fixes affecting Windows TCP/IP
implementation that include two Critical Remote Code Execution
(RCE) vulnerabilities (CVE-2021-24074, CVE-2021-24094) and
an Important Denial of Service
(DoS) vulnerability (CVE-2021-24086). The two RCE vulnerabilities are
complex which make it difficult to
create functional exploits, so they are not
likely in the short term. We believe attackers will be able to create
DoS exploits much more quickly and expect all three issues might
be exploited with a DoS attack shortly after
release. Thus, we recommend customers move …

Multiple Security Updates Affecting TCP/IP: 
CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086 Read More »

Azure AD B2C Deep Dive Webinar Series

 

Azure AD B2C
Deep Dive Webinar Series

Virtual
Event | 2/19 – 5/14, 2021 | 3:00 – 4:30pm, GMT

 

Please join us for Azure AD B2C
series. You can register for all sessions or pick topics of interest to you.

– Join
the entire series

Register here

 

Session 1 – February 19th –
Azure AD B2C overview

This session focuses on
understanding the use case and architecture for Azure AD B2C. When do I use
it? How does it work? How can I configure it? What is the roadmap? The
session will be a combination of slides and demos ranging from basic to more
advanced tasks.

Register here

 

Session 2 – March 12th – How
to deploy Azure AD B2C from scratch

Learn how to create your Azure
AD B2C environment, configure connections to identity providers, customize
attribute collection and add your branding:

  • Create your Azure
    AD B2C directory
  • Connect with
    social and enterprise identity providers
  • Integrate your
    applications and systems
  • Brand and
    customize the user experience

Register here

 

Session 3 – April 9th- Get started with Azure
AD B2C custom policies

Learn how to set up the Azure AD B2C policy and relying party
policies. Explorer the custom policy XML elements, and file structure.

  1. Deploy a custom
    policy starter pack (manual and automatically)
  2. Understanding the
    basics of custom policy: claims, claims transformation, user journeys, technical
    profile, and relying party policy.
  3. Customized your
    policy (add sign-in option with social IDP, customized the UX, and more)
  4. Troubleshooting

Register here

 

Session 4 – May 14th- Extend
B2C capability through ISV partner ecosystem

Learn how to extend B2C
capabilities through ISV partner ecosystem. Enable bot detection, fraud
protection, device fingerprinting and provide secure hybrid access to
on-premise/legacy applications with ISV partners.

Scenario:

  • Prevent
    fraudulent accounts from being created
  • Understand if
    user is logging in with a new or known device
  • Enable Azure AD
    B2C for on-premise  applications

Register here

 

We
look forward to you joining us!

Microsoft Warns of Windows Win32k Privilege Escalation

Original
release date: February 9, 2021

Microsoft has released a security advisory to address an escalation of
privileges vulnerability, CVE-2021-1732,
in Microsoft Win32k. A local attacker can exploit this vulnerability to take
control of an affected system. This vulnerability was detected in exploits in
the wild.

CISA encourages users and administrators to review Microsoft Advisory for
CVE-2021-1732 and apply the necessary patch to Windows 10 and Windows 2019
servers.

This product is provided subject to this Notification
and this Privacy
& Use policy.