Tag: Microsoft
America’s enemies strive to sway the US presidential election
Nations hostile to America, primarily Russia and China, are currently doubling down on their efforts to influence the outcome of the upcoming US elections. So far, their efforts appear to be directed at preventing Donald Trump from winning a second term as president, possibly fearing a Republican victory could herald the US taking a tougher stance on international affairs. According to an extensive nine-page Microsoft threat intelligence report: “Foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”
Latest Microsoft outage ‘triggered’ by a cyber-attack
A second outage of several Microsoft services in two weeks, this one attributed to a cyber-attack, is fuelling further questions about the underlying security of the Windows operating system. According to Microsoft: "While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack... initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.” Services affected included Outlook, Azure, and Microsoft 365, with some people complaining on social media that they were unable to work. Starbucks customers also reported issues with the Starbucks app in Boston, New York, Washington DC, Dallas, Chicago, Los Angeles, Tampa and other cities. The disruption caused by this latest outage is, however, minor compared with the Windows outage caused by a mishandled CrowdStrike security upgrade, which resulted in canceled flights and marooned passengers in major international airports around the world last week.
Exclusive: CrowdStrike crash is only the beginning…
The famous “blue screen of death,” witnessed with horror by 8.5 million Microsoft Windows users worldwide as a result of the ongoing CrowdStrike outage, may soon become a far more familiar sight across a wide range of sectors. While there is no evidence that the widespread Microsoft Windows outage caused by the CrowdStrike upgrade was anything but accidental, many in the cybersecurity industry are seeing the past week’s experience as a dummy run for a full-fledged cyber-attack aimed at crippling critical infrastructure. As the current media pictures of people sleeping in airports testify, some sectors appear to be faring better than others.
‘Shadow IT’ poses a rapidly growing risk
The use of ‘shadow IT’, where staff purchase software without the approval of their IT department, is still on the rise. Despite being acutely aware of the cyber risks involved, three-quarters of security professionals admit to using off-the-shelf software-as-a-service (SaaS) applications in the last year. According to a survey of over 250 global security professionals carried out by cybersecurity firm Next DLP, 73 percent admitted to using SaaS applications, with over half of the respondents naming data loss (65 percent), lack of visibility and control (62 percent) and data breaches (52 percent) as the chief risks inherent in using unauthorized tools. One in ten also admitted they were certain their organization had suffered a data breach or data loss as a result.
Exclusive: Expanding AI data centers have become tempting targets
Big Tech’s rapidly-expanding server farms are becoming increasingly tempting targets for ransomware gangs. In their Gadarene rush to be first with AI-based services, companies such as Google and Microsoft are not only abandoning any previous pretences about reducing their greenhouse emissions and energy consumption, they are also inadvertently building increasingly tempting targets for organized cybercriminals and nation-state threat actors. The online industry’s vast data centers and server farms run on similar operational technology (OT) systems to other industrial facilities. Originally designed to run offline, these systems are notoriously difficult to secure, particularly when they need to interface with newer information technology (IT) systems.
Microsoft Pauses AI Copilot+ Feature Rollout Due to Safety Concerns – June 14th
Microsoft revealed that it's placing the AI-powered Copilot+ feature for PCs on hold due to critical safety concerns. "We are adjusting the release model for Recall to leverage the expertise of the Windows Insider community to ensure the experience meets our high standards for quality and security," Microsoft said in an update.
Microsoft accused of major security gaps
Microsoft is accused of failing to implement some basic security controls on its hugely popular Visual Studio Code (VSCode) extensions marketplace. An open letter from independent researchers published on Medium reports “an incredible number of security design flaws implemented by Microsoft that provide amazing ways for threat actors to gain credibility and access.” The researchers say the biggest security design flaw with VSCode extensions is the lack of any permission model. For example, a theme extension that should only change the colors of the user’s integrated development environment (IDE) may execute code and read or write files without any visibility or explicit authorization from the user. The researchers have also published research evidencing the security flaws highlighted in the open letter.
Musk deems “Apple Intelligence” offering insecure
Bereft of fresh ideas or new products, Apple’s main offering at its long-awaited annual Worldwide Developer's Conference in Cupertino, California, is a cobbled-together artificial intelligence (AI) offering. While AI may be Silicon Valley’s latest buzzword and marketing tool, “Apple Intelligence,” as Apple AI is branded, is already attracting heavy criticism – even from other tech giants. By pairing Microsoft-backed OpenAI’s ChatGPT with Apple’s voice-activated assistant, Siri, Apple hopes to make AI mainstream. But its critics say that all Apple has done is create a cybersecurity nightmare for corporations while sounding a death knell for the personal privacy of Apple users. "It's patently absurd that Apple isn't smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!... Apple has no clue what's actually going on once they hand your data over to OpenAI. They're selling you down the river,” says Elon Musk, Tesla and SpaceX founder and the owner of X Corp, formerly Twitter.
Microsoft Helping US Hospitals from Cyber Attacks – June 11th
Microsoft announced the launch of its new cybersecurity program to support hospitals in rural America from cyber attacks. Microsoft's new security suite and cyber training offering will provide nonprofit pricing and discounts to critical access hospitals and rural emergency hospitals.
New cyber threat from North Korea
Microsoft has identified a new North Korean threat actor, Moonstone Sleet. Also known as Storm-1789, Moonstone Sleet has set up fake companies and job opportunities to engage with potential targets and has even created a fully functioning computer game designed to trap the unwary. The potentially hostile nation-state of North Korea has long been suspected of resorting to cybercrime, targeting the West to fund its military build-up and commit ongoing cyber espionage against countries such as the US and the UK. But Moonstone Sleet is taking cyber-attacks on the West to new levels of sophistication, posing a threat to all organizations. Microsoft says Moonstone Sleet “uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives.”
Rubrik listing underlines strength of cyber sector
The cyber sector has received another boost with the initial public offering (IPO) of shares in Microsoft-backed cloud-based cybersecurity firm Rubrik, valuing the company at around $6.5 billion. Last week also saw that US private equity (PE) firm Thoma Bravo is to take UK cybersecurity company Darktrace private in a deal valuing the firm at over $5 billion. Orders for Rubrik’s IPO were reported to be oversubscribed for 20 times the 23.5 million shares on offer, with half of the shares allocated to top institutional investors. This investor appetite for the cyber stock is being seen as a testimony to the robustness of the cybersecurity sector, as Rubrik posted operating losses of $307 million last year. But it is the company’s current growth curve that seems to have spurred on investors, with annual recurring revenues reported at $784 million as of the end of 2023, up 47% on the year before.
Police rounding up LabHost users
International law enforcement is hailing last week’s bust of LabHost, the world’s largest phishing-as-a-service platform, as a major victory in the war against cybercrime. In addition to multiple arrests, the Europol-co-ordinated investigation also unearthed the identities of around 10,000 users of the illegal site, many of whom are now already under police investigation. The year-long investigation, led by the UK’s London Metropolitan Police, resulted in the arrest of 37 suspects worldwide following Europol-coordinated raids across 70 addresses worldwide. Partners in the investigation also included Chainalysis, Intel 471, Microsoft, The Shadowserver Foundation, and Trend Micro.