Microsoft

• [New] Chat from Microsoft Teams is integrated into the taskbar, a new Microsoft Store will be available, and Snap Layouts, Snap Groups and Desktops will allow users to multitask and optimise their screen space. TechCentral.ie
• [New] Microsoft announced it will invest $20 billion over the next 5 years to accelerate efforts to integrate cyber security by design and deliver advanced security solutions. The White House
• [New] Starting today, the software giant will let consumers sign into Microsoft accounts with its Microsoft Authenticator app, Windows Hello, a security key, or an SMS / email verification code instead of a password. The Verge
• [New] Since the public disclosure, Microsoft has observed multiple threat actors, including ransomware-as-a-service affiliates, adopting publicly disclosed proof-of-concept code into their toolkits. Microsoft Security Blog
• [New] Last week, Microsoft warned of a zero-day vulnerability in Internet Explorer that is actively exploited by threat actors to hijack vulnerable Windows systems. Information Security Magazine
• [New] Microsoft has patched multiple flaws that could allow an Azure user to infiltrate other customers' cloud instances within Microsoft's container-as-a-service offering. Check Point Research
• [New] With Windows 11, Microsoft plans to cater to developers even more with better window management through its Snap Layouts that allow power users to quickly open several applications to pre-set positions on their screens. TechRadar pro
• [New] Since early last year, Google has blocked new AI features analyzing emotions, fearing cultural insensitivity, while Microsoft restricted software mimicking voices and IBM rejected a client request for an advanced facial-recognition system. Reuters
• [New] While most consider multi-factor authentication to be highly secure, companies like Microsoft now urge users to stop using SMS and voice authentication methods due to their increased security risks. Exploding Topics
• Microsoft has indicated that Home windows Hey will proceed to supply customers passwordless entry in Home windows 11, the place it would profit from the Trusted Platform Module, a cryptoprocessor chip required in Home windows 11 units. ADMET
• Since early last year, Google has blocked new AI features analysing emotions, fearing cultural insensitivity, while Microsoft restricted software mimicking voices and IBM rejected a client request for an advanced facial-recognition system. 2021
• Multiple threat actors are now coalescing their activity around the ProxyShell vulnerabilities in Microsoft Exchange Server, which sparked alarm in cyber security circles in August following a botched disclosure process. ComputerWeekly.com
• Phishing using disc images have never been super popular, but expect an uptick in their use during Microsoft's Windows 11 rollout. beware-the-long-con-phish?&hss_channel=tw-27654355
• Apple, Google, Amazon, Microsoft and Facebook are still working on an advanced artificial intelligence that could potentially surpass the human mind. GAVS TECHNOLOGIES
• The growing pattern of remote work is similar in China - Microsoft projected a 60-40 split between on-site and remote work within 10 years. SmartBrief
• Microsoft has urged customers to take action following the discovery of an Azure Cloud vulnerability allowing remote account takeover in Cosmos DB. The Daily Swig
• Google and Microsoft will invest $30 billion in cybersecurity over the next five years >> The Divide: Tackling the global broadband gap with aerial mapping >> The US may have a new top secret space weapon. Futureseek Link Digest
• The Conti ransomware gang is hacking into Microsoft Exchange servers and breaching corporate networks using recently disclosed ProxyShell vulnerability exploits. BleepingComputer
• Microsoft researchers discovered that the threat actors likely used DLL libraries compiled without ASLR loaded by the Serv-U process to facilitate exploitation. Security Affairs
• New threat monitoring application that detects breaches like ransomware, issues real-time alerts, and permits instant threat deletion for Microsoft 365. Asia Newsday
• UPDATED Microsoft has patched a fresh security vulnerability in Exchange Server that enables attackers to bypass authentication and snoop on employee emails. The Daily Swig

Last updated: 19 September 2021