Security News

The "Unique" native English-speaking group is tracked by Microsoft as Octo Tempest and in the space of a year has demonstrated a consistent and rapid evolution to become one of the most well-equipped cybercrime groups in existence. After initially exploring ransomware as part of its toolset, Octo Tempest originally conducted attacks without dropping an encryption payload, sticking with the data extortion tactics it had adopted starting in late 2022.

Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. Microsoft says that Octo Tempest also used direct physical threats in some cases to obtain logins that would advance their attack.

Microsoft has published a detailed profile of a native English-speaking threat actor with advanced social engineering capabilities it tracks as Octo Tempest, that targets companies in data extortion and ransomware attacks. Microsoft says that Octo Tempest also used direct physical threats in some cases to obtain logins that would advance their attack.

Microsoft plans to more than double its cloud computing capacity in Australia over the next two years and expand its support for critical national cyber security and technology skills priorities. Fast-growing demand for cloud computing services across Australia has seen Microsoft announce the injection of AU $5 billion into the market, in a move it says will support Australia's ability to seize the economic and productivity advantages of artificial intelligence.

The prolific threat actor known as Scattered Spider has been observed impersonating newly hired employees in targeted firms as a ploy to blend into normal on-hire processes and takeover accounts...

Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. Without DNR support, users must manually enter the info of encrypted DNS servers on their local area network within the network settings.

About Bruce Schneier I am a public-interest technologist, working at the intersection of security, technology, and people. I've been writing about security issues on my blog since 2004, and in my monthly newsletter since 1998.

Copilotization of all things continues... as helper offers incident reports to share with the boss and more Microsoft is opening up the early access program for its flagship cybersecurity AI...

"Security Copilot is an AI assistant for security teams that builds on the latest in large language models and harnesses Microsoft's security expertise and global threat intelligence to help security teams outpace their adversaries," said Vasu Jakkal, corporate vice president, security, compliance, identity, and management at Microsoft. Available in private preview since March 2023, Security Copilot allows security analysts to submit prompts in natural language, much like ChatGPT, to get actionable responses and simplify threat hunting.

Microsoft announced this week that its ChatGPT-like Security Copilot AI assistant is now available in early access for some customers.Security Copilot, Redmond's AI-driven security analysis tool, makes it faster for security teams to counter threats using Microsoft's global threat intelligence expertise and the latest large language models.