Tag: Microsoft’s | Page 3

Cybersecurity needs to be one of India’s topmost priorities for long term growth: Leaders at Microsoft’s ‘Future of Security’ Roundtable

October 25, 2022/in Computer Security

As we navigate an increasingly complex, boundaryless hybrid world, cybersecurity has never been more critical. With cyberattacks growing in size, scale and sophistication, cybersecurity becomes mission-critical for protecting individuals, businesses, and governments.

Against this backdrop, and as part of Cybersecurity Awareness Month, Microsoft hosted a Future of Security curated dialogue with industry experts, on building India’s cyber resilience. Terence Gomes, Country Head – Security, Microsoft India, was in conversation with Seema Khanna, Deputy Director General, National Informatics Centre (NIC), Government of India, Rama Vedashree, Former CEO, Data Security Council of India (DSCI), and Satish Kumar Dwibhashi, SVP and CISO, InMobi, on the evolution of the cybersecurity landscape and the need for public-private partnerships to protect India at scale.

Trust in technology, need for stronger collaboration between the public and private sectors, driving consumer awareness, and the role of secure, trusted, ethical tech in driving innovation for India were some of the topics that were discussed.

Anchoring these discussions, Microsoft shared its commitment to building a trusted tech ecosystem in the country, making available the technology and threat intelligence expertise required to protect against cyber threats.

Key excerpts from the discussion:

Trust in technology

Seema Khanna: “Trust in technology cannot work in silos, they go hand-in-hand. Earning trust is easy, but we only get one shot at it. Both as government and industry, we must navigate earning the trust from users. For this, we need to have an enabling framework for services. Security must be by design and every service we provide needs to be built with trust, especially in the hybrid world.”

Satish Kumar Dwibhashi: “We are living in a digital world. So, digital trust is a necessity. It is no longer a choice, but imperative in today’s world.”

Rama Vedashree: “We need to take a step back and acknowledge how much has moved to digital now. Digital technologies are now being used for very personal, very sensitive information. This is exactly why trust in technology is receiving so much…

Source…

Microsoft’s own mistake may have left users at risk of malware attacks

October 18, 2022/in Computer Security

Microsoft appears to have finally addressed an issue that could have left Windows users at risk of all kinds of cyberattacks.

A cyberattacking method called Bring Your Own Vulnerable Driver, or BYOVD for short. It revolves around the attackers installing older, legitimate software drivers, known for carrying vulnerabilities, on target endpoints (opens in new tab). Installing a legit driver will not trigger any antivirus (opens in new tab) alarms, but will open up the backdoors for attackers to deliver more dangerous payload.

However the researchers aren’t happy with how the company addressed the issue, as it would seem Microsoft only created a one-time solution for a problem that needs continuous support.

No updates

The number of BYOVD attacks rose significantly in the past couple of months, prompting researchers from Ars Technica to investigate if Microsoft’s solutions to the problem (which it dubbed “Secured Core” PCs) work as intended, or not. That’s when they realized the list hadn’t been updated in quite some time.

“But as I was reporting on the North Korean attacks mentioned above, I wanted to make sure this heavily promoted driver-blocking feature was working as advertised on my Windows 10 machine,” Ars Technica’s Dan Godin writes. “Yes, I had memory integrity turned on in Windows Security > Device security > Core isolation, but I saw no evidence that a list of banned drivers was periodically updated.”

Microsoft dismissed the initial findings as irrelevant, but as other researchers chimed in, it later changed its stance, saying it was “fixing the issues with our servicing process which has prevented devices from receiving updates to the policy,” Godin added.

“The vulnerable driver list is regularly updated, however we received feedback there has been a gap in synchronization across OS versions,” Microsoft was cited saying. “We have corrected this and it will be serviced in upcoming and future Windows Updates. The documentation page will be updated as new updates are released.”

While Microsoft claimed it solved the problem by having a driver blocklist that’s constantly being updated, researchers discovered that the company hasn’t…

Source…

Top 5 stories of the week: DeepMind and OpenAI advancements, Intel’s plan for GPUs, Microsoft’s zero-day flaws

October 9, 2022/in Internet Security

Learn how your company can create applications to automate tasks and generate further efficiencies through low-code/no-code tools on November 9 at the virtual Low-Code/No-Code Summit. Register here.

This week, Googled-owned tech lab, DeepMind, unveiled its first AI that is capable of creating its own algorithms to speed up matrix multiplication. Though it’s taught in high school math, matrix multiplication is actually fundamental to computational tasks and remains a core operation in neural networks.

In the same vein, OpenAI this week announced the release of Whisper — its open-source, deep learning model for speech recognition. The company claims the technology already shows promising results transcribing audio in several languages.

Joining the innovation sprint this week, Intel detailed a plan to make developers’ lives a bit easier, with a goal to make it possible to build an application once that can run on any operating system. Historically, this was a goal of the Java programming language, but even today the process is not uniform across the computing landscape — something Intel hopes to change.

On the security front, enterprise leaders had several new announcements to take note of this week, including the zero-day flaw exploit in Microsoft’s Exchange Server. The company confirmed that a suspected state-sponsored threat actor was able to successfully exfiltrate data from fewer than 10 organizations using its staple platform.

Event

Low-Code/No-Code Summit

Join today’s leading executives at the Low-Code/No-Code Summit virtually on November 9. Register for your free pass today.

Register Here

While it’s no secret that attacks like these continue to expand in both volume and intensity — the methods for preventing attacks are also evolving. Vulnerability solutions provider Tenable is one that has evolved to change its main focus, too. This week, the company announced it’s shifting its focus from vulnerability management to attack surface management and released a new tool for enterprises with…

Source…

Microsoft’s third mitigation update for Exchange Server zero-day exploit bypassed within hours

October 7, 2022/in Internet Security

Microsoft has published its third update for its mitigation of an exploit abusing two zero-day vulnerabilities in Microsoft Exchange Server.

It marks the latest step towards providing a fix for the exploit, dubbed ‘ProxyNotShell’, in what has been a confusing week for system admins attempting to understand the threat.

Security researcher Kevin Beaumont highlighted on Friday that there is already a bypass for the Microsoft-provided mitigation. It means every one of the company’s attempts to prevent the exploit from harming customers has been circumvented within hours of publication.

The issue is in the way Microsoft’s signatures detect the exploit. Signatures monitor the w3wp.exe internet information services (IIS) module but for customers of Windows Server 2016 and above, w3wp.exe is excluded automatically by Exchange Server when IIS is installed.

“The only way to correct this is to turn off automatic exclusions,” he said, but Microsoft states explicitly in its documentation to not do this.

The original vulnerability disclosure for the ProxyNotShell exploit was atypical in nature and the information regarding potential fixes has been fragmented and confusing to follow for many.

Discovered last week by security researchers at Vietnam-based company GTSC, the pair of zero-days has received a number of attempted fixes – the first of which was bypassed “easily”.

GTSC said in its report that it had noticed in-the-wild exploitation of both vulnerabilities for at least a month before publishing its findings.

The security issues are related to, but different from, the ProxyShell exploit which was developed in 2021 and are not protected by the patch Microsoft provided for ProxyShell that year.

Tracked as CVE-2022-41040 and CVE-2022-41082, they each received a CVSSv3 severity score of 8.8/10. Microsoft Exchange versions 2013, 2016, and 2019 are affected.

Exploitation requires access to an authenticated user account but initial tests indicated that any email user’s account, regardless of the level of privileges they had, could be used to launch an attack.

Microsoft Exchange Server customers are advised to monitor the official mitigation page and apply new ones as they become…

Source…

Tag Archive for: Microsoft’s

Event