Windows TCO and Microsoft Getting Cracked Again
-
Sean Conner ☛ “Now, here, you see, it takes all the running you can do, to keep in the same place.”
I'm a bit relunctant to write this, as I'll come across as an old man yelling at the clouds to get off his lawn, but the whole “update treadmill” the Computer Industry has foisted on us is getting tiresome.
-
Data Breaches ☛ Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks
Comment: If four in ten are being fired email security breaches, then maybe it’s not the employees who should be fired but those at the top who haven’t invested in solutions that do not rely on or require human beings to be perfect detectors of phishing attempts, BEC, or other social engineering attacks involving email. And now that AI is making such attacks even more convincing or difficult to detect, firing employees for falling prey is even less justifiable or effective.
-
IT Pro ☛ Four-in-ten employees sacked over email security breaches as firms tackle “truly staggering” increase in attacks
Research from cyber security firm Egress found that 94% of organizations globally have experienced a serious email security incident in the past 12 months.
-
Egress Software Technologies Ltd ☛ 2024 Email Security Risk Report
[...] Almost every organization has had email security incidents in their Microsoft 365 environments.
-
New York Times ☛ Microsoft Executives’ Emails [Breached] by Group Tied to Russian Intelligence [Ed: Just blame Russia?]
An elite [cracking] group sponsored by Russian intelligence gained access to the emails of some of Microsoft’s senior executives beginning in late November, the company disclosed in a blog post and regulatory filing on Friday.
-
Hindustan Times ☛ Microsoft claims Russian state-sponsored group [breached] its employees' emails: ‘Password spray attack’
Microsoft has claimed that a Russian state-sponsored group [broke] into its corporate systems on January 12 and accessed the accounts of members of the company's leadership team, as well as those of employees on its cybersecurity and legal teams.
-
The Register UK ☛ Russians invade Microsoft exec mail while China jabs at VMware vCenter Server
Microsoft on Friday admitted a Moscow-backed crew broke into "a very small percentage of Microsoft corporate email accounts" and stole internal messages and files.
These inboxes included those belonging to the leadership team, cybersecurity and legal employees, and others. The criminals exfiltrated not only emails but their attached documents, too.
-
Security Week ☛ Microsoft Says Russian Gov [Crackers] Stole Email Data from Senior Execs
A Russian government-backed [cracking] team successfully hacked into Microsoft’s corporate network and stole emails and attachments from senior executives and targets in the cybersecurity and legal departments, the company disclosed late Friday.
-
Data Breaches ☛ Microsoft says Russian government [crackers] stole email from its leaders
It also disclosed the intrusion in a filing with the Securities and Exchange Commission, which last year began requiring public companies to do so within four days of determining that a breach is material, including when a reasonable investor would want to know about a potential impact on reputation or relationships with customers.
-
The Washington Post ☛ Microsoft says Russian government [attackers] stole email from its leaders
Microsoft said in a late Friday blog post that it had detected the November breach on Jan. 12 and was beginning to notify staffers whose communications were intercepted.
It also disclosed the intrusion in a filing with the Securities and Exchange Commission, which last year began requiring public companies to do so within four days of determining that a breach is material, including when a reasonable investor would want to know about a potential impact on reputation or relationships with customers.
-
SEC ☛ FORM 8-K, CURRENT REPORT PURSUANT TO SECTION 13 OR 15(D) OF THE SECURITIES EXCHANGE ACT OF 1934, Date of Report (Date of earliest event reported) January 17, 2024, Microsoft Corporation [Warning for javascript]
On January 12, 2024, Microsoft (the “Company” or “we”) detected that beginning in late November 2023, a nation-state associated threat actor had gained access to and exfiltrated information from a very small percentage of employee email accounts including members of our senior leadership team and employees in our cybersecurity, legal, and other functions, on the basis of preliminary analysis. We were able to remove the threat actor’s access to the email accounts on or about January 13, 2024. We are examining the information accessed to determine the impact of the incident. We also continue to investigate the extent of the incident. We have notified and are working with law enforcement. We are also notifying relevant regulatory authorities with respect to unauthorized access to personal information. As of the date of this filing, the incident has not had a material impact on the Company’s operations. The Company has not yet determined whether the incident is reasonably likely to materially impact the Company’s financial condition or results of operations.
-
El País ☛ Microsoft says state-backed Russian [crackers] accessed emails of senior leadership team members
A company spokesperson said Microsoft had no immediate comment on which or how many members of its senior leadership had their email accounts breached. In a regulatory filing Friday, Microsoft said it was able to remove the [intruders]’ access from the compromised accounts on or about Jan. 13.