Artificial Intelligence Microsoft Releases Red Teaming Tool for Generative AI Microsoft releases PyRIT red teaming tool to help identify risks in generative AI through automation. Ionut ArghireFebruary 23, 2024
Artificial Intelligence Microsoft Catches APTs Using ChatGPT for Vuln Research, Malware Scripting Microsoft threat hunters say foreign APTs are interacting with OpenAI’s ChatGPT to automate malicious vulnerability research, target reconnaissance and malware creation tasks. Ryan NaraineFebruary 14, 2024
Data Breaches Microsoft Says Russian Gov Hackers Stole Email Data From Senior Execs A Russian government-backed hacking team broke into Microsoft’s corporate network and stole emails and attachments from senior executives. Ryan NaraineJanuary 19, 2024
Malware & Threats Microsoft: Iranian APT Impersonating Prominent Journalist in Clever Spear-Phishing Attacks Microsoft says an APT with links to Iran’s military intelligence is impersonating a prominent journalist in clever spear-phishing attacks. Ryan NaraineJanuary 17, 2024
Network Security Remotely Exploitable ‘PixieFail’ Flaws Found in Tianocore EDK II PXE Implementation Quarkslab finds serious, remotely exploitable vulnerabilities in EDK II, the de-facto open source reference implementation of the UEFI spec. Ryan NaraineJanuary 16, 2024
Cloud Security Microsoft Lets Cloud Users Keep Personal Data Within Europe to Ease Privacy Fears Microsoft said that it is upgrading its cloud computing service to let customers store all personal data within the European Union. Associated PressJanuary 11, 2024
Network Security Microsoft Ships Urgent Fixes for Critical Flaws in Windows Kerberos, Hyper-V Patch Tuesday: Redmond patches critical, remote code execution vulnerabilities haunting Windows Kerberos and Windows Hyper-V. Ryan NaraineJanuary 9, 2024
Cloud Security Cisco to Acquire Isovalent, Add eBPF Tech to Cloud Portfolio Isovalent raised about 70 million in funding from prominent investors including Microsoft's venture fund, Google, and Andreessen Horowitz. Ryan NaraineDecember 21, 2023
Malware & Threats Outlook Plays Attacker Tunes: Vulnerability Chain Leading to Zero-Click RCE Akamai researchers document more vulnerabilities and patch bypasses leading to zero-click remote code execution in Microsoft Outlook. Ionut ArghireDecember 19, 2023
Cybercrime Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts Microsoft disrupts Storm-1152, a cybercrime-as-a-service business facilitating phishing, identity theft, and DDoS attacks. Ionut ArghireDecember 14, 2023
Artificial Intelligence New AI Safety Initiative Aims to Set Responsible Standards for Artificial Intelligence Major software vendors sign on to a new security initiative to create trusted best practices for artificial intelligence deployments. SecurityWeek NewsDecember 13, 2023
Phishing Microsoft Patch Tuesday: Critical Spoofing and Remote Code Execution Flaws Microsoft warns of critical spoofing and remote code execution bugs in the Windows MSHTML Platform and Microsoft Power Platform Connector. Ryan NaraineDecember 12, 2023