Tux Machines

Proprietary Failures and Security Breaches (Microsoft)

Posted by Roy Schestowitz on Aug 23, 2023

Linux Devices and Open Hardware

Microsoft's Monopoly Scrutiny

2023-08-18 [Older] Microsoft retracts AI-written article advising tourists to visit a food bank on an empty stomach

↺ 2023-08-18 [Older] Microsoft retracts AI-written article advising tourists to visit a food bank on an empty stomach

2023-08-17 [Older] Microsoft is the world's most impersonated brand: report [Ed: Is this a badge of honour? No. That just means Microsoft positioned itself to abuse people.]

↺ 2023-08-17 [Older] Microsoft is the world's most impersonated brand: report

2023-08-16 [Older] Microsoft acknowledges complaints about the waning quality of Bing Chat AI

↺ 2023-08-16 [Older] Microsoft acknowledges complaints about the waning quality of Bing Chat AI

2023-08-15 [Older] Apple Will Start Sending Payouts for $500 Million 'Batterygate' Lawsuit Soon

↺ 2023-08-15 [Older] Apple Will Start Sending Payouts for $500 Million 'Batterygate' Lawsuit Soon

2023-08-14 [Older] Apple to Finally Pay Out $500M Over iPhone Slowdown Lawsuit - CNET

↺ 2023-08-14 [Older] Apple to Finally Pay Out $500M Over iPhone Slowdown Lawsuit - CNET

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

↺ Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

> In large metropolitan areas, tourists are often easy to spot because they’re far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like data theft and ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

2023-08-15 [Older] Republican Congressman Says China Hacked His Emails Thanks to Microsoft Bug

↺ 2023-08-15 [Older] Republican Congressman Says China Hacked His Emails Thanks to Microsoft Bug

Windows TCO

RIA records 'above average' number of cyberattacks in July

↺ RIA records 'above average' number of cyberattacks in July

> At the beginning of July, an Estonian healthcare institution notified CERT-EE of a [successful] cyber attack.

> "The file server of the hospital had been wiped of data relating to the day-to-day operations and administration of the institution, but the health records of patients remained intact," RIA said.

Ransomware Group Starts Leaking Data From Japanese Watchmaking Giant Seiko

↺ Ransomware Group Starts Leaking Data From Japanese Watchmaking Giant Seiko

> The ransomware group known as BlackCat and ALPHV has now taken credit for the attack and has started leaking files apparently taken from Seiko systems after the victim refused to respond to its extortion attempts.

> The cybercriminals claim to have stolen 2 Tb worth of files, including employee information, production technology details, video and audio recordings of management meetings, emails, and copies of passports belonging to employees and foreign visitors.

US Military Targeted in Recent HiatusRAT Attack

↺ US Military Targeted in Recent HiatusRAT Attack

> Following initial reporting on HiatusRAT, the threat actor changed tactics and, in attacks observed in June 2023, shifted focus to performing reconnaissance against a US military procurement system and to targeting Taiwan-based organizations.

No rest for the wicked: HiatusRAT takes little time off in a return to action

↺ No rest for the wicked: HiatusRAT takes little time off in a return to action

> Despite our prior reporting, this group continued with their operations nearly unabated; in a truly brazen move, they recompiled malware samples for different architectures that contained the previously identified C2 servers. The actor then hosted this newly compiled malware on different procured virtual private servers (VPSs). One of which was used almost exclusively to target entities across Taiwan, including commercial firms and at least one municipal government organization. We subsequently observed a different VPS node performing a data transfer with a U.S. military server used for contract proposals and submissions. Given that this website was associated with contract proposals, we suspect the threat actor could gather publicly available information about military requirements, or search for organizations involved in the Defense Industrial Base (DIB).

gemini.tuxmachines.org