Microsoft

Subscribe to Microsoft via RSS

A Microsoft blog post reported that incident response researchers uncovered a remote access trojan in November 2024 (dubbed StilachiRAT) that “demonstrates sophisticated techniques to evade detection, persist in the target environment, and exfiltrate sensitive data.” 

According to Microsoft, the StilachiRAT threat actors use different methods to steal information from the victim, including credentials stored in

Thomson Reuters scored a major victory in one of the first cases dealing with the legality of using copyrighted data to train artificial intelligence (AI) models. In 2020, Thomson Reuters sued the now-defunct AI start-up Ross Intelligence for alleged improper use of Thomson Reuters materials, including case headnotes in its Westlaw search engine, to train

Microsoft is developing a way to eliminate hallucinations, or false responses, in artificial intelligence (AI) models. It filed U.S. Patent Application No. 18/140,658, entitled “Interacting with a Language Model using External Knowledge and Feedback,” in April 2023. The application published on October 31, 2024, and became available for public inspection.

The patent specification describes a

On October 22, 2024, Microsoft issued a threat trend research report entitled “US Healthcare at risk: Strengthening resilience against ransomware attacks.” In it, Microsoft declares that ransomware attacks against the healthcare sector are “emerging as one of the most significant” cybersecurity threats to healthcare organizations. The attack surface of hospitals “grows more complex” with digital

We previously reported on the concerning mash-up of worldwide cybercriminals, known as Scattered Spider, working together to attack victims.

New reports from Microsoft and others indicate that since the second quarter of 2024, Scattered Spider is now using RansomHub and Qilin ransomware against victims. Scattered Spider is suspected of attacking hundreds of organizations since its

TeamViewer, which provides remote connectivity products and services, announced that it detected a cybersecurity event on its internal IT system on June 26, 2024. TeamViewer stated that it did not affect the TeamViewer product environment, connectivity platform, or any customer data.

A recent update by TeamViewer states: “According to current findings, the threat actor leveraged

It is being reported that Black Basta (aptly named) exploited a Microsoft zero-day prior to Microsoft’s release of a patch for the vulnerability back in March.

The vulnerability, CVE-2024-26169, was on Microsoft’s March update’s Patch Tuesday List. Unpatched, it allows the threat actor to escalate privileges. Symantec’s threat hunter team has discovered that Black Basta

The UK’s data privacy regulator, the Information Commissioner’s Office (ICO), is investigating Microsoft over potential privacy concerns with its recently announced AI-powered “Recall” feature for Windows PCs. Microsoft Recall is designed to continuously capture screenshots of a user’s PC activity and use AI to create a searchable computer usage history. While these screenshots would be

Patching vulnerabilities is a difficult task. Keeping up with and patching them without disrupting users’ experience is tricky. Nonetheless, it is a necessary evil and crucial to cybersecurity hygiene and incident prevention.

On March 12, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued three Cybersecurity Alerts for Adobe, Microsoft, and Fortinet security patches.

The