Security News

Microsoft has introduced Microsoft Incident Response Retainer, allowing customers to pre-pay and count on help from Microsoft incident responders before, during and after a cybersecurity crisis.Firms, especially small ones, often don't have dedicated teams that can deal with a cyber incident - they simply don't have the time, resources, or expertise to build an in-house incident response program.

Microsoft on Tuesday unveiled Security Copilot in preview, marking its continued push to embed AI-oriented features in an attempt to offer "End-to-end defense at machine speed and scale."Powered by OpenAI's GPT-4 generative AI and its own security-specific model, it's billed as a security analysis tool that enables cybersecurity analysts to quickly respond to threats, process signals, and assess risk exposure.

Microsoft today announced Security Copilot, a new ChatGPT-like assistant powered by artificial intelligence that takes advantage of Microsoft's threat intelligence footprint to make faster decisions during incident response and to help with threat hunting and security reporting. "Microsoft Security Copilot is an AI-powered security analysis tool that enables analysts to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes," Redmond says.

New York law firm Heidell, Pittoni, Murphy and Bach has agreed to pay $200,000 to settle a data-breach lawsuit related to the now-notorious Hafnium Microsoft Exchange attacks that siphoned sensitive data from victims around the world. New York Attorney General Letitia James, who brought the lawsuit against the lawyers, blamed HPMB's poor data security practices for the privacy breach.

Traditional, well-behaved image viewers, including the very tool you just used to crop the file, would ignore the extra data, but deliberately-coded data recovery or snooping apps might not. The low-level details of the bug were different, not least because Google's app was coded in Java and used Java libraries, while Microsoft's apps are written in C++ and use Windows libraries, but the leaky side-effects were identical.

Microsoft has unveiled a faster and redesigned version of its Microsoft Teams communication and collaboration software that has begun rolling out to Windows users today as a preview release. The company describes the new Teams client as being twice as faster and consuming 50% less memory and up to 70% less disk space when compared to the current app.

Microsoft has unveiled a faster and redesigned version of its Microsoft Teams communication and collaboration software that has begun rolling out to Windows users today as a preview release. The company describes the new Teams client as being twice as faster and consuming 50% less memory and up to 70% less disk space when compared to the current app.

Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and Windows 11. "If you take a screenshot of your bank statement, save it to your desktop, and crop out your account number before saving it to the same location, the cropped image could still contain your account number in a hidden format that could be recovered by someone who has access to the complete image file," Microsoft explains.

Microsoft released an emergency security update for the Windows 10 and Windows 11 Snipping tool to fix the Acropalypse privacy vulnerability. With this bug, both the Google Pixel's Markup Tool and the Windows Snipping Tool were found to be leaving the cropped data within the original file.

Microsoft on Friday shared guidance to help customers discover indicators of compromise associated with a recently patched Outlook vulnerability.Tracked as CVE-2023-23397, the critical flaw relates to a case of privilege escalation that could be exploited to steal NT Lan Manager hashes and stage a relay attack without requiring any user interaction.