Microsoft
Russian group hacks emails of Microsoft’s “senior leadership” and cybersecurity staff
"We will act immediately to apply our current security standards to Microsoft-owned legacy systems and internal business processes..."
AI
Microsoft open-sources “TaskWeaver” AI framework
Stateful. A Web UI. Customisable plugins. Six LLMs supported. Nice work, Microsoft.
Patch Tuesday
Patch Tuesday brings lots of chaff, a little buggy wheat too. Some CVE highlights to review.
One vulnerability bears a striking resemblance to an 0day that was actively exploited in the wild in November 2023.
Windows 11
Windows 10 end of life could kill 240 million PCs
Microsoft's decision to switch to a new version of Windows could create an epic wave of e-waste as some 240 million PCs stand to lose support according to industry analysts
Microsoft
Microsoft won't get back to mixed reality
Microsoft has dropped support for its augmented reality system, signaling a major shift for the company and its vision of the future
CISO
Microsoft appoints a new Global CISO amid security leadership shakeup
"A storied career in high-scale/high-security, demanding environments"
Microsoft
20,000+ EOL Exchange Servers are still sitting there and sucking it up
Attacks on Exchange Server Attacks in 2022 were so rife that threat groups were observed cleaning up .aspx and .bat files to remove other attackers
OpenAI
Sam Altman joins Microsoft as Nadella pounces - and OpenAI appoints former Twitch CEO
"We’ve learned a lot over the years about how to give founders and innovators space to build independent identities and cultures within Microsoft"
OpenAI
OpenAI abruptly fires CEO Sam Altman -- days after Microsoft briefly blocked access to ChatGPT over "security and data" concerns
Altman was "not consistently candid in his communications with the board, hindering its ability to exercise its responsibilities. The board no longer has confidence in his ability to continue leading OpenAI.”
Microsoft
Microsoft unveils “the last puzzle piece” – its own semiconductors
Big claims by Satya Nadella, big news for the industry, but no benchmarks or hard specifications yet.
Microsoft
Microsoft pledges a dramatic software security overhaul, as Amazon veteran shakes the tree
Biggest overhaul of Redmond's security in 20 years sees promises of "code analysis [of] 100% of commercial product”, cryptographic keys to be kept in a hardened Azure HSM, more.
ransomware
English-speaking ransomware group expanding ops, deploying diverse tools, threats
Both blunt and more advanced social engineering approaches used for initial access; the group also has sophisticated hands-on-keyboards capabilities and a diverse toolset.