Microsoft has disabled 94% of Trickbot's critical operational infrastructure
by Usama Jawad
A little over a week ago, Microsoft announced that it has partnered with various cybersecurity and telecom firms to disrupt the Trickbot botnet as part of a U.S. court order that it secured. The company stated that this botnet is quite advanced and uses a malware-as-a-service model to infect consumer machines and IoT devices with ransomware. While the identities of the operators of Trickbot are currently unknown, Microsoft stated that it has been used both for individual criminal operations as well as nation-state objectives, making it even more dangerous with the U.S. presidential elections looming.
Today, the company has provided more details on how it has disrupted Trickbot's network and has outlined what it plans to do next.
In a blog post, Microsoft has claimed that as of October 18, it has eliminated 94% of Trickbot's critical operational infrastructure since it began its operation a few days ago. Out of 69 major Trickbot servers identified, 62 have already been taken down and the malicious actors operating this botnet have been struggling to add new infrastructure. Microsoft stated that these criminals set up 59 new servers and that the company has disabled all of them, bringing the eliminated servers tally to 120 out of 128.
The Redmond tech giant has noted that since this is an active operation and a painstaking process, with action being taken from the opposing side as well, these figures are expected to change regularly. However, the company does have three key takeaways from its work so far.
First and foremost, since securing its initial court order allowing it to disable core Trickbot infrastructure a few days ago, Microsoft has procured several other court orders to ensure that other components of the infrastructure are taken down as well in a legal manner, and the company will continue doing so until election day on November 3. It has also been working with its global partners and hosting providers who have shared key information about the botnet to uncover new command-and-control servers as well as compromised IoT devices. The company will continue working with ISPs to ensure that compromised devices in households and businesses are remediated so these do not cause further harm.
Secondly, Microsoft has noticed that the individuals operating Trickbot have been scrambling to set up new infrastructure and collaborate with other criminals to deploy malicious payloads, and while this move is not as dangerous as Trickbot's native capabilities, it is still something to keep your guard up against. The company says that the purpose of this operation has always been to disrupt the botnet during peak election activity, so the fact that the operators have had to divert their attention elsewhere is certainly positive with respect to the operation's success.
Lastly, Microsoft says that its Digital Crimes Unit is well-versed and highly-trained in Trickbot's infrastructure and identifying malicious activities, and will continue to disrupt the botnet's operation in the coming weeks. It has established direct contact with local ISPs, telecom companies, and global partners who are monitoring and sharing information about Trickbot's activities 24/7. The company says:
Microsoft has also recommended that people directly involved in the elections utilize the company's tooling such as AccountGuard, Microsoft 365 for Campaigns, and Election Security Advisors to protect themselves from similar threats.
Microsoft urges organizations to ensure data privacy instead of relying on state legislature
by Usama Jawad
With remote working environments becoming the new normal with the ongoing pandemic, digital data privacy and security have become more important than ever. To that end, over the past few weeks, Microsoft has launched the Zero Trust Deployment Center, new Threat Protection APIs, and initiatives to promote cybersecurity awareness.
Now, the company is urging individual organizations to do more in ensuring the privacy and security of customer data rather than solely relying on the state legislature in the U.S.
In a blog post penned by Julie Brill, Corporate Vice President for Global Privacy and Regulatory Affairs and Chief Privacy Officer at Microsoft, the executive has stated that as society transitions to recovering from the pandemic, data will play a critical role in rebuilding an equitable economy that is just for all. This data includes personal information and in order to fully utilize it, it is essential that people trust that their data will not be misused. Over the past few years, data breaches have led people to be extra cautious about how companies store and use their data, and Microsoft says that customer trust is quite fragile currently.
Brill went on to say that while some U.S. states, the EU, and other countries have recently developed individual data privacy laws like General Data Protection Regulation (GDPR), the United States as a whole is still using decades-old laws that are only limited to protecting a subset of data. The executive stated:
Moving forward, Brill believes that while laws are important, the responsibility to ensure data security and privacy still lies with individual organizations. Recent YouGov surveys have shown that people in the United States believe that this is the responsibility of companies rather than the government. However, companies are instead placing this responsibility on customers themselves by pressuring them to navigate across various websites and apps to make decisions about how their data will be used. Brill stated:
To that end, Microsoft has outlined four principles that it believes will create a framework of trust. These are:
Microsoft believes that building this trust with customers is doable provided that both organizations as well as the government actively work together to develop and enforce laws about data privacy. It has also encouraged companies to take responsibility for protecting customer data, stating that it is the only way forward in the path to a robust and just economic recovery.
Microsoft announces launch of Zero Trust Deployment Center
by Usama Jawad
Microsoft has been promoting cybersecurity initiatives for quite some time. In September, it released new Threat Protection APIs, and this month, it announced plans to promote cybersecurity awareness month.
However, with the pandemic resulting in numerous people across various industries working remotely, many have been resorting to Zero Trust security models. Now, Microsoft has announced the launch of its Zero Trust Deployment Center to help businesses transition to this model.
For the uninitiated, here's how Microsoft describes the Zero Trust security model:
Microsoft states that while businesses have been working hard to utilize this model, one area in which they still encounter difficulties is additional deployment support. To tackle this problem, the firm has announced the Zero Trust Deployment Center.
Simply put, this is a set of documentation that dives into details about how to implement principles of Zero Trust, setting up infrastructure, network, data, and environment-readiness, among many other things. Microsoft says that it has ensured this repository of information contains guidance about Zero Trust deployment in plain-level objectives and action items to ease the environment setup. For organizations already implementing Zero Trust security models, this repository will be useful in determining their progress.
Those interested in setting up their Zero Trust environment can visit the Deployment Center here while organizations who have already implemented it to some extent can test its maturity using Microsoft's tool here.
End-to-end encryption coming to Zoom next week
by Paul Hill
Zoom has announced that it will finally roll out end-to-end encryption (E2EE) from next week. Initially, it will be launched as a technical preview where Zoom will ask for feedback from users. This period will last for about 30 days so that any issues can be ironed out.
Once E2EE is launched to the public, users on both the free and paid tiers will be able to host up to 200 participants in an E2EE meeting on Zoom. These meeting rooms will provide increased privacy and security for those who need it.
According to the firm, Zoom’s E2EE uses the same GCM encryption that is in use right now in Zoom meetings; the difference is that with E2EE, the meeting’s host generates encryption keys and uses public-key cryptography to distribute these keys to other participants. This means that Zoom’s servers never see the encryption keys required to decrypt a meeting’s content.
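The key flow described above, as an added Node.js example that is not Zoom's code and not part of the original article. The X25519 plus HKDF wrapping scheme, the `runMeeting` function and every name in it are assumptions, since the article only states that GCM and public-key cryptography are used.

```javascript
// Added illustration, not Zoom's code: a host-generated meeting key is wrapped
// per participant and relayed by a server that never holds a decryption key.
const crypto = require('node:crypto');

// AES-256-GCM helpers; GCM is the cipher the article names.
function seal(key, plaintext) {
  const iv = crypto.randomBytes(12);
  const c = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function open(key, { iv, ct, tag }) {
  const d = crypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // throws if key or tag is wrong
}

// Assumed wrapping scheme: X25519 ECDH + HKDF-SHA256 gives a key-encryption key.
function kek(myPrivate, theirPublic) {
  const shared = crypto.diffieHellman({ privateKey: myPrivate, publicKey: theirPublic });
  return Buffer.from(crypto.hkdfSync('sha256', shared, Buffer.alloc(0), 'meeting-key-wrap', 32));
}

function runMeeting(names) {
  const host = crypto.generateKeyPairSync('x25519');
  const meetingKey = crypto.randomBytes(32); // generated on the host's device only
  const people = names.map((name) => ({ name, keys: crypto.generateKeyPairSync('x25519') }));
  // Everything the relay server stores or forwards: public keys and ciphertext.
  const server = {
    hostPublic: host.publicKey,
    wrapped: Object.fromEntries(people.map((p) =>
      [p.name, seal(kek(host.privateKey, p.keys.publicKey), meetingKey)])),
    frame: seal(meetingKey, Buffer.from('constructed sample media frame')),
  };
  // Each participant unwraps the meeting key with their own private key.
  const heard = people.map((p) => {
    const key = open(kek(p.keys.privateKey, server.hostPublic), server.wrapped[p.name]);
    return open(key, server.frame).toString();
  });
  // A party without a participant private key (here: a fresh key pair) cannot unwrap.
  let serverCanRead = true;
  try {
    open(kek(crypto.generateKeyPairSync('x25519').privateKey, server.hostPublic),
      server.wrapped[names[0]]);
  } catch { serverCanRead = false; }
  return { heard, serverCanRead };
}
```

The example does not authenticate public keys. A relay able to substitute its own public key for a participant's would receive a wrapped copy of the meeting key, so the property holds only when participants can verify each other's keys.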
Commenting on the launch of E2EE, Zoom CEO Eric S. Yuan, said:
To begin using E2EE when it launches next week, users will need to enable E2EE meetings at the account level and opt-in on a per-meeting basis. It should be noted that not all of Zoom’s features are available in E2EE mode; these include join before host, cloud recording, streaming, live transcription, Breakout Rooms, polling, 1:1 private chat, and meeting reactions. To learn more about E2EE on Zoom, check out the FAQ at the bottom of the announcement.
Microsoft releases Flight Simulator patch version 22.214.171.124 with a bunch of fixes
by Abhay Venkatesh
As promised last week, Microsoft has released a new patch for Flight Simulator, bringing version 126.96.36.199 to all users. Today’s update contains a bunch of fixes and improvements to various areas such as the UI, airports, planes, and more. The changelog also notes that multiplayer has been deactivated in the Japan discovery flight.
While the patch notes are short in comparison to earlier patches, the download from the Store is a 569MB package, with the in-game content download size reaching 2.4GB. The company is quick to add that these notes do not include “every single item that was updated”. Regardless, fixes for the VFR screen causing game crashes and issues in the Avionics screens will be welcome additions for those who have been experiencing them. There are other fixes for auto-generated scenery.
Here is the complete list of fixes in patch version 188.8.131.52:
Interestingly, the company has not listed if the ‘Press any key to start’ prompt has been removed from the game. The firm listed this ‘Top wishes’ item as fixed and slated for release in the fourth update, which is what today’s patch is. Another item in the latest Feedback Snapshot denoted as fixed in ‘Update 4’ is the issue with the left engine failing to start on the A320, which also isn’t present in the release notes.
In addition to the patch notes, the company has also updated the list of known issues and the possible workarounds. These include issues with various aircraft, airports, weather, and more. Users can head here to read through all the known issues and workarounds.