Microsoft - Security Ticks

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact

Adobe, apple, Chrome, Don't miss, Expert analysis, Hot stuff, Ivanti, Microsoft, Mozilla, News, Office, patch, Patch Tuesday, security update / SecurityTicks

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact 2024-05-10 at 08:46 By Help Net Security The thunderstorms of April patches have passed, and it has been pretty calm leading up to May 2024 Patch Tuesday. April 2024 Patch Tuesday turned out to be a busy one with 150 new CVEs addressed […]

React to this headline:

May 2024 Patch Tuesday forecast: A reminder of recent threats and impact Read More »

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report

CISO Strategy, cloud security, CSRB, Exchange, Featured, Government, Microsoft / SecurityTicks

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report 2024-05-03 at 21:17 By Ryan Naraine Microsoft security chief Charlie Bell pledges significant reforms and a strategic shift to prioritize security above all other product features. The post Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report Read More »

Microsoft, Google widen passkey support for its users

account protection, Bitwarden, consumer, Don't miss, enterprise, FIDO Alliance, Google, Hot stuff, Microsoft, News, passwordless, passwords / SecurityTicks

Microsoft, Google widen passkey support for its users 2024-05-03 at 14:46 By Zeljka Zorz Since 2013, the first Thursday in May is marked as World Password Day, a day dedicated to raising awareness about the need for using strong, unique passwords to secure out digital lives. Despite decades of often-repeated statements proclaiming the death of

React to this headline:

Microsoft, Google widen passkey support for its users Read More »

Microsoft pours $2.2B into Malaysia for cloud, AI expansion

AI, AI A, AI-skilling, Cloud, cybersecurity, data center, Europe, GDP, infrastructure, investment, Kearney, Malaysia, Microsoft, Prime Minister Anwar Ibrahim, Satya Nadella, Southeast Asia, Technology / SecurityTicks

Microsoft pours $2.2B into Malaysia for cloud, AI expansion 2024-05-02 at 13:01 By Cointelegraph by Amaka Nwaokocha In a statement, Microsoft said it will collaborate with the Malaysian government to establish a “national AI Center of Excellence” and improve cybersecurity capabilities. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Microsoft pours $2.2B into Malaysia for cloud, AI expansion Read More »

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues

AI, Artificial Intelligence, Copilot, Data Protection, Microsoft, Privacy, Privacy & Compliance / SecurityTicks

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues 2024-04-30 at 15:31 By Alastair Paterson Microsoft provides an easy and logical first step into GenAI for many organizations, but beware of the pitfalls. The post Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues appeared first on SecurityWeek. This

React to this headline:

Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues Read More »

Apple reportedly courting OpenAI to develop AI features for iPhone

apple, Google, iPhone, Microsoft, OpenAI / SecurityTicks

Apple reportedly courting OpenAI to develop AI features for iPhone 2024-04-27 at 20:05 By Cointelegraph by Tristan Greene The Cupertino company is also considering a partnership with Google. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Apple reportedly courting OpenAI to develop AI features for iPhone Read More »

Biden’s Homeland Security team taps tech elite for AI defense board

Amazon, DHS, Google, IBM, Microsoft, NVIDIA, OpenAI, US Government, White House / SecurityTicks

Biden’s Homeland Security team taps tech elite for AI defense board 2024-04-26 at 23:03 By Cointelegraph by Tristan Greene The board includes the CEOs of Adobe, Alphabet, Anthropic, AMD, AWS, IBM, Microsoft, and Nvidia, as well as other business, civil rights, and academic leaders. This article is an excerpt from Cointelegraph.com News View Original Source

React to this headline:

Biden’s Homeland Security team taps tech elite for AI defense board Read More »

LSA Whisperer: Open-source tools for interacting with authentication packages

cybersecurity, GitHub, Microsoft, News, open source, red team, software / SecurityTicks

LSA Whisperer: Open-source tools for interacting with authentication packages 2024-04-26 at 07:32 By Mirko Zorz LSA Whisperer consists of open-source tools designed to interact with authentication packages through their unique messaging protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, schannel packages and cloudap’s AzureAD plugin. Partial or unstable support is provided

React to this headline:

LSA Whisperer: Open-source tools for interacting with authentication packages Read More »

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359)

0-day, CISA, Cisco, Don't miss, firewall, government-backed attacks, Hot stuff, Lumen, Microsoft, NCSC, News, security update / SecurityTicks

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) 2024-04-24 at 21:31 By Zeljka Zorz A state-sponsored threat actor has managed to compromise Cisco Adaptive Security Appliances (ASA) used on government networks across the globe and use two zero-day vulnerabilities (CVE-2024-20353, CVE-2024-20359) to install backdoors on them, Cisco Talos researchers have shared on Wednesday.

React to this headline:

Hackers backdoored Cisco ASA devices via two zero-days (CVE-2024-20353, CVE-2024-20359) Read More »

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft

Azure, Cloud Services, Microsoft / SecurityTicks

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft 2024-04-24 at 14:01 By Cointelegraph by Arijit Sarkar Microsoft intends to use services like Azure OpenAI Service and Copilot for Microsoft 365 to help drive AI innovation for the Coca‑Cola Company and its network of independent bottlers worldwide. This article is an excerpt from Cointelegraph.com News

React to this headline:

Coca‑Cola pours $1.1B into generative AI experiment with Microsoft Read More »

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations

APT28, espionage, Malware, Malware & Threats, Microsoft, Nation-State, Russia / SecurityTicks

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations 2024-04-23 at 17:16 By Ionut Arghire Russia-linked APT28 deploys the GooseEgg post-exploitation tool against numerous US and European organizations. The post Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

Russian Cyberspies Deliver ‘GooseEgg’ Malware to Government Organizations Read More »

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028)

0-day, APT, CVE, cyber espionage, Don't miss, exploit, Hot stuff, Microsoft, News, Windows / SecurityTicks

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) 2024-04-23 at 17:01 By Zeljka Zorz For nearly four years and perhaps even longer, Forest Blizzard (aka Fancy Bear, aka APT28) has been using a custom tool that exploits a specific vulnerability in Windows Print Spooler service (CVE-2022-38028). Dubbed GooseEgg, the tool is a

React to this headline:

Russian hackers’ custom tool exploits old Windows Print Spooler flaw (CVE-2022-38028) Read More »

Meta launches ‘most capable openly available LLM to date’ rivalling GPT and Claude

ChatGPT, Google, Meta, Microsoft, OpenAI / SecurityTicks

Meta launches ‘most capable openly available LLM to date’ rivalling GPT and Claude 2024-04-18 at 23:01 By Cointelegraph by Tristan Greene Llama-3 may be the company’s most ambitious artificial intelligence project yet. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

Meta launches ‘most capable openly available LLM to date’ rivalling GPT and Claude Read More »

Microsoft pours $1.5B into UAE AI company, sets sights on global expansion

AI development, G42, global reach, Microsoft, strategic partnership, technology innovation / SecurityTicks

Microsoft pours $1.5B into UAE AI company, sets sights on global expansion 2024-04-16 at 12:01 By Cointelegraph by Savannah Fortis The strategic partnership between Microsoft and Abu Dhabi’s G42 aims to bolster AI innovation and expand global accessibility to cutting-edge technologies. This article is an excerpt from Cointelegraph.com News View Original Source React to this

React to this headline:

Microsoft pours $1.5B into UAE AI company, sets sights on global expansion Read More »

UK watchdog worries about tech giants’ AI market control

Amazon, Meta, Microsoft, OpenAI, Technology, UK Government / SecurityTicks

UK watchdog worries about tech giants’ AI market control 2024-04-12 at 13:01 By Cointelegraph by Amaka Nwaokocha The regulator acknowledges tech partnerships’ potential benefits but warns against dominant ones, which could harm competition. This article is an excerpt from Cointelegraph.com News View Original Source React to this headline:

React to this headline:

UK watchdog worries about tech giants’ AI market control Read More »

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

CISA, Data Breaches, Featured, Incident Response, Microsoft, Midnight Blizzard, Nation-State, Nobelium, Russia / SecurityTicks

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft 2024-04-11 at 23:46 By Ryan Naraine The US government says Midnight Blizzard’s compromise of Microsoft corporate email accounts “presents a grave and unacceptable risk to federal agencies.” The post US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft

React to this headline:

US Government on High Alert as Russian Hackers Steal Critical Correspondence From Microsoft Read More »

Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988)

CISA, CVE, Don't miss, Hot stuff, Microsoft, News, Patch Tuesday, security update, SonicWall, Tenable, Trend Micro, vulnerability, vulnerability management / SecurityTicks

Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988) 2024-04-09 at 22:35 By Zeljka Zorz On this April 2024 Patch Tuesday, Microsoft has fixed a record 147 CVE-numbered vulnerabilities, including CVE-2024-29988, a vulnerability that Microsoft hasn’t marked as exploited, but Peter Girnus, senior threat researcher with Trend Micro’s Zero Day Initiative (ZDI), has found being

React to this headline:

Microsoft patches actively exploited security feature bypass vulnerability (CVE-2024-29988) Read More »

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers

cloud security, CVE-2024-29990, Kubernetes, Microsoft, Patch Tuesday, Vulnerabilities / SecurityTicks

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers 2024-04-09 at 22:02 By Ryan Naraine Patch Tuesday: Microsoft warns that unauthenticated hackers can take complete control of Azure Kubernetes clusters. The post Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Microsoft Plugs Gaping Hole in Azure Kubernetes Service Confidential Containers Read More »

April 2024 Patch Tuesday forecast: New and old from Microsoft

Adobe, apple, Don't miss, Expert analysis, Google, Hot stuff, Microsoft, Mozilla, News, opinion, Patch Tuesday, Windows / SecurityTicks

April 2024 Patch Tuesday forecast: New and old from Microsoft 2024-04-08 at 08:31 By Help Net Security This month, we have a new product preview from Microsoft, and some older products are being prepared for end-of-support. But before we go there, March 2024 Patch Tuesday was pretty mild, with 60 unique vulnerabilities addressed. We saw

React to this headline:

April 2024 Patch Tuesday forecast: New and old from Microsoft Read More »

Microsoft’s Security Chickens Have Come Home to Roost

China APT, cloud security, CSRB, Government, M365, Microsoft, Nation-State / SecurityTicks

Microsoft’s Security Chickens Have Come Home to Roost 2024-04-04 at 13:16 By Ryan Naraine News analysis: SecurityWeek editor-at-large Ryan Naraine reads the CSRB report on China’s audacious Microsoft’s Exchange Online hack and isn’t at all surprised by the findings. The post Microsoft’s Security Chickens Have Come Home to Roost appeared first on SecurityWeek. This article

React to this headline:

Microsoft’s Security Chickens Have Come Home to Roost Read More »