Microsoft - Security Ticks

US retailers under attack by gift card-thieving cyber gang

cybercrime, Don't miss, FBI, Hot stuff, Microsoft, News, Retail, tips / SecurityTicks

US retailers under attack by gift card-thieving cyber gang 2024-05-24 at 14:01 By Zeljka Zorz Earlier this month, the FBI published a private industry notification about Storm-0539 (aka Atlas Lion), a Morocco-based cyber criminal group that specializes in compromising retailers and creating fraudulent gift cards. Microsoft then went more in-dept on the group’s tactics, techniques, […]

React to this headline:

US retailers under attack by gift card-thieving cyber gang Read More »

Windows’ new Recall feature: A privacy and security nightmare?

data security, Don't miss, Hot stuff, Microsoft, News, Privacy, Windows / SecurityTicks

Windows’ new Recall feature: A privacy and security nightmare? 2024-05-22 at 15:32 By Zeljka Zorz Microsoft has announced the Copilot+ line of Windows 11-powered PCs that, among other things, will have Recall, a feature that takes screenshots every few seconds, encrypts them, saves them, and leverages AI to allow users to search through them for

React to this headline:

Windows’ new Recall feature: A privacy and security nightmare? Read More »

Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft

CISA, cloud security, CSRB, Google Cloud, Government, Microsoft, Nation-State / SecurityTicks

Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft 2024-05-20 at 22:01 By Ryan Naraine Google is invoking the ‘monoculture’ word in response to a scathing U.S. government report on Microsoft’s inadequate cybersecurity practices. The post Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft appeared first on SecurityWeek. This article

React to this headline:

Google Cites ‘Monoculture’ Risks in Response to CSRB Report on Microsoft Read More »

Bitcoin would need to hit $93K to flip Silver right now

Amazon, apple, Crypto Fear & Greed Index, gold, Google, Microsoft, NVIDIA, Saudi Aramco, silver / SecurityTicks

Bitcoin would need to hit $93K to flip Silver right now 2024-05-20 at 09:01 By Cointelegraph by Brayden Lindrea Silver’s market cap has risen to over $500 billion larger than Bitcoin, despite the cryptocurrency flipping the precious metal just two months ago. This article is an excerpt from Cointelegraph.com News View Original Source React to

React to this headline:

Bitcoin would need to hit $93K to flip Silver right now Read More »

Microsoft faces multi-billion dollar fine in EU over Bing AI

Europe, European Union, Fines, Microsoft / SecurityTicks

Microsoft faces multi-billion dollar fine in EU over Bing AI 2024-05-19 at 03:01 By Cointelegraph by Tristan Greene The Redmond company could be fined as much as 1% of its annual revenue if it doesn’t respond by May 27. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Microsoft faces multi-billion dollar fine in EU over Bing AI Read More »

‘We’re just scratching the surface’ of crypto and AI — Microsoft exec

Cryptocurrencies, Fintech, Microsoft, PayPal, Technology, Web3 / SecurityTicks

‘We’re just scratching the surface’ of crypto and AI — Microsoft exec 2024-05-16 at 17:01 By Cointelegraph by Andrew Singer The symbiotic relationship between AI and crypto is still in its nascent stages, according to tech execs. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

‘We’re just scratching the surface’ of crypto and AI — Microsoft exec Read More »

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities

CVE-2024-30040, CVE-2024-30044, CVE-2024-30051, Featured, Malware & Threats, Microsoft, Patch Tuesday, Ransomware, Vulnerabilities / SecurityTicks

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities 2024-05-14 at 22:47 By Ryan Naraine Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention. The post Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities appeared first on SecurityWeek. This article

React to this headline:

Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities Read More »

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040)

0-day, Don't miss, Hot stuff, Kaspersky, Mandiant, Microsoft, News, Patch Tuesday, security update, SharePoint, Trend Micro, vulnerability / SecurityTicks

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) 2024-05-14 at 22:02 By Zeljka Zorz For May 2024 Patch Tuesday, Microsoft has released fixes for 59 CVE-numbered vulnerabilities, including two zero-days (CVE-2024-30051, CVE-2024-30040) actively exploited by attackers. CVE-2024-30051 and CVE-2024-30040 CVE-2024-30051 is a heap-based buffer overflow vulnerability affecting the Windows DWM Core Library that

React to this headline:

May 2024 Patch Tuesday: Microsoft fixes exploited zero-days (CVE-2024-30051, CVE-2024-30040) Read More »

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact

Adobe, apple, Chrome, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Office, patch, Patch Tuesday, security update / SecurityTicks

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact 2024-05-10 at 08:46 By Help Net Security The thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday. April 2024 Patch Tuesday turned out to be a busy one with 150 new CVEs addressed

React to this headline:

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact Read More »

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report

CISO Strategy, cloud security, CSRB, Exchange, Featured, Government, Microsoft / SecurityTicks

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report 2024-05-03 at 21:17 By Ryan Naraine Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to prioritize security above all other product features. The post Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report Read More »

Microsoft, Google widen passkey support for its users

account protection, Bitwarden, consumer, Don't miss, enterprise, FIDO Alliance, Google, Hot stuff, Microsoft, News, passwordless, passwords / SecurityTicks

Microsoft, Google widen passkey support for its users 2024-05-03 at 14:46 By Zeljka Zorz Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives. Despite decades of often-repeated statements proclaiming the death of

React to this headline:

Microsoft, Google widen passkey support for its users Read More »

Microsoft pours $2.2B into Malaysia for cloud, AI expansion

AI, AI A, AI-skilling, Cloud, cybersecurity, data center, Europe, GDP, infrastructure, investment, Kearney, Malaysia, Microsoft, Prime Minister Anwar Ibrahim, Satya Nadella, Southeast Asia, Technology / SecurityTicks

Microsoft pours $2.2B into Malaysia for cloud, AI expansion 2024-05-02 at 13:01 By Cointelegraph by Amaka Nwaokocha In a statement, Microsoft said it will collaborate with the Malaysian government to establish a “national AI Center of Excellence” and improve cybersecurity capabilities. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Microsoft pours $2.2B into Malaysia for cloud, AI expansion Read More »

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

AI, Artificial Intelligence, Copilot, Data Protection, Microsoft, Privacy, Privacy & Compliance / SecurityTicks

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues 2024-04-30 at 15:31 By Alastair Paterson Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls. The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek. This

React to this headline:

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues Read More »

Apple reportedly courting OpenAI to develop AI features for iPhone

apple, Google, iPhone, Microsoft, OpenAI / SecurityTicks

Apple reportedly courting OpenAI to develop AI features for iPhone 2024-04-27 at 20:05 By Cointelegraph by Tristan Greene The Cupertino company is also considering a partnership with Google. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Apple reportedly courting OpenAI to develop AI features for iPhone Read More »

Biden’s Homeland Security team taps tech elite for AI defense board

Amazon, DHS, Google, IBM, Microsoft, NVIDIA, OpenAI, US Government, White House / SecurityTicks

Biden’s Homeland Security team taps tech elite for AI defense board 2024-04-26 at 23:03 By Cointelegraph by Tristan Greene The board includes the CEOs of Adobe, Alphabet, Anthropic, AMD, AWS, IBM, Microsoft, and Nvidia, as well as other business, civil rights, and academic leaders. This article is an excerpt from Cointelegraph.com News View Original Source

React to this headline:

Biden’s Homeland Security team taps tech elite for AI defense board Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software / SecurityTicks

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

React to this headline:

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

0-day, CISA, Cisco, Don't miss, firewall, government-backed attacks, Hot stuff, Lumen, Microsoft, NCSC, News, security update / SecurityTicks

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) 2024-04-24 at 21:31 By Zeljka Zorz A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.

React to this headline:

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) Read More »

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft

Azure, Cloud Services, Microsoft / SecurityTicks

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft 2024-04-24 at 14:01 By Cointelegraph by Arijit Sarkar Microsoft intends to use services like Azure OpenAI Service and Copilot for Microsoft 365 to help drive AI innovation for the Coca‑Cola Company and its network of independent bottlers worldwide. This article is an excerpt from Cointelegraph.com News

React to this headline:

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft Read More »

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations

APT28, espionage, Malware, Malware & Threats, Microsoft, Nation-State, Russia / SecurityTicks

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations 2024-04-23 at 17:16 By Ionut Arghire Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. The post Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations Read More »

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

0-day, APT, CVE, cyber espionage, Don't miss, exploit, Hot stuff, Microsoft, News, Windows / SecurityTicks

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) 2024-04-23 at 17:01 By Zeljka Zorz For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a

React to this headline:

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) Read More »