Security News

Microsoft's new AI image generation Paint tool powered by OpenAI's DALL-E text-to-image model is now rolling out to Windows Insiders in Dev and Canary channels. "With this update, we are excited to introduce Paint Cocreator, a new AI-powered experience powered by DALL-E that helps you create amazing artwork in Paint by describing in a few words what you'd like to create," said Dave Grochocki, Principal Product Manager Lead for Windows Inbox Apps.

Microsoft has unveiled Azure Update Manager, a SaaS tool tailored for enterprise clients to simplify the software update management process across different platforms. This tool represents an enhancement over the previous Azure Automation Update management solution. It empowers IT professionals to oversee software updates on Windows and Linux systems across Azure, on-premises, and multi-cloud settings.Azure Update Manager offers a suite of functionalities to IT administrators, enabling them to monitor the update compliance of their machines, whether they're based in Azure, on-premises, or other cloud infrastructures. Critical updates can be immediately deployed, ensuring systems remain secure. The tool also provides the capability to manage extended security updates for Azure Arc-enabled virtual machines. Furthermore, administrators have the option to schedule regular patching, determining specific time frames for the rollout of updates and system reboots.

Microsoft is officially rolling out support for passkeys in Windows 11 today as part of a major update to the desktop operating system.The feature allows users to login to websites and applications without having to provide a username and password, instead relying on their device PIN or biometric information to complete the step. Based on FIDO standards, Passkeys were first announced in May.

An inside look at NetSPI's impressive Breach and Attack Simulation platformIn this Help Net Security interview, Scott Sutherland, VP of Research at NetSPI, delves into the intricacies of their Breach and Attack Simulation platform and discusses how it offers unique features - from customizable procedures to advanced plays - that help organizations maximize their ROI. How companies can take control of their cybersecurityIn this Help Net Security interview, Baya Lonqueux, CEO at Reciproc-IT, discusses the evolving cybersecurity landscape and the essential skillsets needed for teams working in this field. Critical Trend Micro vulnerability exploited in the wildTrend Micro has fixed a critical zero-day vulnerability in several of its endpoint security products for enterprises that has been spotted being exploited in the wild.

Microsoft will start rolling out its Copilot digital assistant to all customers next week, on September 26th, together with a host of new AI-powered capabilities as part of a new Windows 11 22H2...

Here's a list of free Azure cybersecurity resources that Microsoft offers to anyone interested in learning. Prepare for cloud security by using the Microsoft Cloud Adoption Framework for Azure.

Microsoft said today that the Exchange Web Services API for Exchange Online and Office 365 will be retired in approximately three years. These resources can be retrieved from various sources, including Exchange Online, Exchange Online as part of Office 365, and on-premises editions of Exchange.

Microsoft on Monday said it took steps to correct a glaring security gaffe that led to the exposure of 38 terabytes of private data. "The exposure came as the result of an overly permissive SAS token - an Azure feature that allows users to share data in a manner that is both hard to track and hard to revoke," Wiz said in a report.

Microsoft has patched a vulnerability that exposed 38TB of private data from its AI research division. The repository held 38TB of private data, secrets, private keys, passwords and the open-source AI training data.

A Microsoft employee accidentally exposed 38 terabytes of private data while publishing a bucket of open-source AI training data on GitHub, according to Wiz security researchers who spotted the leaky account and reported it to the Windows giant.This is despite Wiz claiming the leaky data bucket had private keys, passwords, and over 30,000 internal Microsoft Teams messages, as well as backup data from two employees' workstations.