Microsoft unveils OpenAI-based cyber tools, Google accused of destroying antitrust evidence, A million pen tests show security is getting worse
Microsoft unveils OpenAI-based chat tools to combat cyberattacks
On Tuesday, Microsoft announced its new AI Security Copilot, which brings generative AI capabilities to its in-house security suite. The GPT-4-based chat tool integrates with existing Microsoft security products, including Defender, Sentinel, Entra, Purview, Priva, and Intune. Copilot can analyze data from those tools and provide in-depth explanations (including visualizations) and suggested remedies. The tool can also take action against certain threats such as deleting email messages containing malicious content identified through prior analysis.
(CSO)
Google accused of willfully destroying evidence in antitrust battle
Google is finding itself in legal hot water after a mix of state government, corporate, and individual plaintiffs accused the tech giant’s employees of intentionally disposing of chat history related to Google’s anticompetitive agreements among other issues. In a legal brief filed Monday, the plaintiffs argue that Google hindered the Android antitrust case and called for a substantial penalty from the San Francisco federal courts. According to the Department of Justice, Google defaulted most chat sessions to history-off, when it should have kept history-on due to requirements associated with ongoing litigation.
(The Register)
A million pen tests show companies’ security postures are getting worse
On Tuesday, analysis from 1 million pen tests revealed that data-exfiltration risk increased to an average score of 44 out of 100 in 2022, from an average risk score of 30 the prior year. The findings come from a report by Cymulate, which said one key reason for the increased risk is attackers improving their tactics to circumvent network and group policies. Additionally, the company found issues with patching hygiene, with four of the top-10 CVEs identified in customer environments being more than two years old. On a positive note, companies have improved malware detection across major platforms, with many attacks being blocked by web gateways.
(Dark Reading)
North Korea now mining crypto to launder stolen loot
According to a new report from Mandiant, North Korean state-sponsored hackers have begun adopting a new trick to launder stolen crypto. The group, dubbed APT43, is using its stolen coins to pay for rented time on computers that mine clean crypto. The new tactic comes as regulators worldwide have tightened their grip on the crypto exchanges and laundering services that hackers have traditionally used to cash out their tainted coins.
(Wired)
And now a word from our sponsor, Trend Micro
Exchange Online will soon block emails from vulnerable on-prem servers
Microsoft is slowly working to prevent risks associated with unsupported and unpatched on-prem Exchange servers. The company is enabling a transport-based enforcement system in Exchange Online that allows reporting, throttling, and blocking of these risky servers. The new system will alert admins that a particular server is unsupported or out-of-date via a new mail flow report in Exchange Online and a post in the Exchange Server Message Center. If, after 30 days, the vulnerable server is not patched or upgraded, delivery of emails from that server to Exchange Online will be delayed (or “throttled”) for 5 minutes. Throttling will gradually increase over a period of 60 days, after which Exchange Online will no longer accept any messages from the server.
Russia supplies Iran cyber weapons in growing military cooperation
According to WSJ, Russia is helping Iran gain advanced digital-surveillance capabilities, including eavesdropping devices, advanced photography devices and lie detectors. This comes on the heels of Iran selling Russia drones for use in Ukraine, agreeing to provide it with short-range missiles, and shipping ammunition to the battlefield. Russia and Iran, which both have sophisticated cyber capabilities, signed an agreement two years ago that mainly focused on cyber-defense networks.
(Slashdot)
Lawmakers call on USPS to combat surge in fraud
A bipartisan group of lawmakers has called on the US Postal Service to strengthen safeguards against change of address fraud. Change of address fraud is a low-tech technique that exploits gaps in how USPS handles in-person address change requests. While USPS is supposed to check a government-issued ID (such as a passport or driver’s license), it was found to be relying solely on signed paper forms, often without any verification checks. The USPS inspector general recorded more than 23,000 such fraud cases in 2021 alone. The proposed provisions from House lawmakers would include allowing citizens to freeze an address change, just as they could freeze their credit to protect themselves.
(TechCrunch)
CISA director says cutting agency’s budget would return it to ‘pre-SolarWinds world’
During a hearing with House Appropriation members on Tuesday, Cybersecurity and Infrastructure Security Agency Director Jen Easterly defended the request to increase her agency’s funding over the past year by around 5% to $3.1 billion. Easterly pointed to growing cybersecurity threats from China and the need to better safeguard US critical infrastructure to justify the increase. Easterly then warned that if the agency’s budget falls below 2022 totals of around $2.6 billion, or if the agency has to cut back on its regional partnerships, it would “put us back in a pre-SolarWinds world where we’ll lose that visibility that we’ve developed and that’s harmful to our security as a nation.”
(CyberScoop)