CrowdStrike | Endpoint & Cloud Security | Incident Response | Threat Intel | Next-Gen SIEM | Identity Protection
Microsoft continues to start fires and then try to put them out when it comes to security. Again and again there are issues of them failing to protect customers and even themselves. It raises the question: How can you trust a security platform that cannot secure its own business? https://lnkd.in/gmZv9_Y8
Shots fired : https://lnkd.in/e5ZX62Xa Google seems to be taking aim at Microsoft's repeat lapses in product security... Hyperscaler cage match?! Everyone should take note of the U.S. Department of Homeland Security analysis here: " China affiliated group of hackers [have] the capability and intent to compromise identity systems to access sensitive data ... of interest to the Chinese government. [Vendors] must urgently implement these recommendations to protect their customers against this and other persistent and pernicious threats from nation-state actors.” https://lnkd.in/eJArTreu Cage match aside, our team at Gradient agrees with Google that it's not enough for companies to sit on your NIST scores and assume you're ok. You aren't. And your Identity team knows it. Demand more from your vendors! The EU's #CyberResilienceAct (CRA) is going to set precedent for full lifecycle cybersecurity to be a legal obligation for all product vendors. Demand it now from yours.
Business Growth | Business Strategy | Business Development | Technology | Technical Account Manager | Startups Consultant
The importance of having a proper #cybersecurity policy and procedure cannot be overstated. Regularly perform #pentests and #vulnerabilityscanning. Organizations need to keep cyberthreats at the top of their minds. The threat actor did not gain access to customer environments, production systems, source code, or #ai systems, according to Microsoft New regulations implemented by the U.S. Securities and Exchange Commission require publicly-owned companies to disclose #cyberincident. What data did they access? Did you know that 365 iT SOLUTIONS powered by F12.net can offer up to 3 financial guarantees when it comes to cybersecurity, cloud services, and SLA? https://lnkd.in/gYgUXn4g #cio #cto #technology #innovation
Technical Director | Overseeing execution of corporate solution strategy to drive better security in Canada
Another security breach at Microsoft. Similar to US Government entities, some Canadian 🇨🇦 government orgs rely on Microsoft for their security needs such as endpoints or email. Just something to think about - If they can’t keep their own security house in order , how can they be trusted to keep their customers secure? 🤔 https://lnkd.in/geWYBAta
Stealth MFA - Frictionless Identity Security - No more passwords - Stop ALL forms of account takeover
The mandates are coming, the mandates are coming! That's because we're literally at cyberwar with nation-state actors. The current identity security strategy is broken along with the tools that support it, that's why we keep getting breached. We are all patriots in this fight. What are you doing about it? The Gradient end-user experience is a pleasure with one click and you're in, REAL passwordless all while being rooted to the hardware of the device down to the silicon level. With short-lived sessions and tokens, and credentials tied to the devices, you have stopped account takeover, phishing, MFA flooding, adversary in the middle, PW stuffing, and ID stealing malware. Let's talk about it before it's too real. #cybersecurity #identitysecurity #USA
Shots fired : https://lnkd.in/e5ZX62Xa Google seems to be taking aim at Microsoft's repeat lapses in product security... Hyperscaler cage match?! Everyone should take note of the U.S. Department of Homeland Security analysis here: " China affiliated group of hackers [have] the capability and intent to compromise identity systems to access sensitive data ... of interest to the Chinese government. [Vendors] must urgently implement these recommendations to protect their customers against this and other persistent and pernicious threats from nation-state actors.” https://lnkd.in/eJArTreu Cage match aside, our team at Gradient agrees with Google that it's not enough for companies to sit on your NIST scores and assume you're ok. You aren't. And your Identity team knows it. Demand more from your vendors! The EU's #CyberResilienceAct (CRA) is going to set precedent for full lifecycle cybersecurity to be a legal obligation for all product vendors. Demand it now from yours.
Our latest InfoSec, Tech, & Business Newsletter In this weeks news and insights ↴ • Microsoft Issues Security Update Fixing 118 Flaws, Two Actively Exploited in the Wild • Do I Pay the Ransom? Insights from an Incident Responder • China's Salt Typhoon Hacked AT&T, Verizon • Social Media Accounts: The Weak Link in Organizational SaaS Security And more... View in browser → https://lnkd.in/e-P9yuqA --- 🛡️ Outsmart threats with SecurIT360 - our security specialists and around-the-clock monitoring keep you one step ahead.
Uncensored screenshots every 5 seconds up to 150GB. How many misconfigurations could lead to someone getting into that treasure trove? How many zero days does Microsoft pay for in its own software to fix (hint: zero to not many) Next time you have your password manager up make sure it’s closed within 4 seconds. Are you ready? 1, 2, 3, 4, Capture! It’s already been shown you don’t need admin privledges to hack into the Microsoft Recall file. Dumpster fire is a kind term for this “feature”
As the security backlash has grown against Microsoft's Recall feature, it at least seemed the screenshots it silently takes every 5 seconds are stored such that a hacker would need administrator privileges to access them. Turns out even that safeguard is easily bypassed. “As it stands now, it’s a security dumpster fire,” says former NSA hacker and VP of R&D at Hunter Strategy Jacob Williams. “This is one of the scariest things I’ve ever seen from an enterprise security standpoint.”
Cybersecurity Trusted Advisor | Cybersecurity Lead Trainer | Qmulos Partner | Resecurity Partner | Splunk Partner | Tanium Influencer
If Microsoft doesn't prioritize enterprise security investments and rigorous risk management, it may be time to be proactive and understand your security posture and risks to make informed decisions on your IT security strategy. Contact Donald Wong at donald.o.wong@kpoitconsulting.com to learn about how to get real-time data that consolidates IT security, compliance, and risk management monitoring on a single platform #apac #middleeast #japan #southkorea #australia #cyberdefense #nist #compliance #risk #kpoitconsulting #qmulos #splunk
Partner at Mountain Wave Ventures, Former White House, Dept of Defense, Dept of State, BAH SVP
Wow....kudos to the Administration for finally calling it like it is.... "The CSRB’s review found that the intrusion by Storm-0558, a hacking group assessed to be affiliated with the People’s Republic of China, was preventable. It identified a series of Microsoft operational and strategic decisions that collectively pointed to a corporate culture that deprioritized enterprise security investments and rigorous risk management, at odds with the company’s centrality in the technology ecosystem and the level of trust customers place in the company to protect their data and operations. The Board recommends that Microsoft develop and publicly share a plan with specific timelines to make fundamental, security-focused reforms across the company and its suite of products."
Foreseeing the unhackable future/ founder of operational zero trust 2012 /Third Party Risk Management specialist/CISO/ Supply Chain Protection (NIS2, DORA) | Strategic Planner | Tech Innovator/
#inthemeantime back to BIND? The heart of the matter lies in Microsoft's startling inability to control or manage the security of its DNS records and servers despite issuing CVE-2020-1350 with a CVSS of 10 (critical). In an era where digital threats loom large, such a fundamental lapse in cyber security is nothing short of a dereliction of duty on Microsoft's part.
CEO CIP. Fellow Cyber Theory Institute. Director Fintech & Cyber Security Alliance (FITCA) working with Governments. NAMED AN EXPERT IN INTERNET ASSET & DNS VULNERABILITIES
Microsoft's exposed gaping wounds in its own cyber security armor, admit that a Russia-aligned threat actor, identified as Midnight Blizzard successfully stole emails from key members of its senior leadership team, as well as employees on its cyber security and legal teams. However, the real bombshell lies not in the attribution of the attack but Microsoft's own startling admission of its woefully inadequate security measures. Microsoft's pinning the blame on Russia for the breach may serve as a convenient smokescreen, obscuring their own lapses in safeguarding sensitive information. The common thread linking Microsoft and the 2020 SolarWinds breach is not just geopolitical intrigue; it is the stark vulnerability of both to DNS tampering and abuse that Microsoft manage. Both Microsoft and SolarWinds rely on Microsoft Servers, and both have been, and evidently remain, exposed to the perils of DNS tampering. It is disconcerting, if not outright alarming, that a significant percentage of cyber-attacked companies find themselves ensnared in Microsoft's web. The disclosure that Microsoft's own executives and cyber security teams fell victim to email ex-filtration sends klaxons echoing not only within the company's Redmond headquarters but should resonate as a chilling wake-up call for every Microsoft client worldwide including Governments and Military. The heart of the matter lies in Microsoft's startling inability to control or manage the security of its DNS records and servers despite issuing CVE-2020-1350 with a CVSS of 10 (critical). In an era where digital threats loom large, such a fundamental lapse in cyber security is nothing short of a dereliction of duty on Microsoft's part. The very foundation of the digital fortress that millions of organizations entrust is crumbling, exposing a vast array of critical data to malicious actors. Microsoft's rush to attribute the breach to Russia conveniently deflects attention from its own systemic failures. Instead of acknowledging its shortcomings and fortifying its defenses, Microsoft seems content to point its fingers and lay blame elsewhere. This is not just a breach; it is a damning indictment of a tech giant that, despite its prominence, has fallen woefully short in securing its own house. Every Microsoft client is unwittingly caught in the crossfire, grappling with the consequences of a provider that has failed to uphold the basic tenets of cyber security. It is high time for Microsoft and its clients to recognize the urgent need for a robust and impregnable security infrastructure, free from the specter of DNS vulnerabilities. Whilst blaming Russia may provide a convenient narrative, the real villain in this saga is the company entrusted with safeguarding digital fortresses but seemingly unable to fortify its own. Satya Nadella Brad Smith Tom Burt Ann Johnson #WhitethornShield #Microsoft #CISA #NSA #GCHQ
This misery cannot be pointed out often enough. Microsoft has a very high level of responsibility, and it should be a matter of course that it is handled conscientiously. Instead, new functions are added instead of securing the existing things in the long term, which is negligent. As long as this is not fundamentally and sustainably changed to a "security first" approach, further disasters are just around the corner. Have this in mind. Be aware. Stay secured. #microsoft #security https://lnkd.in/eFd3HVrZ
A reappearance for the, 'it's safe because you need admin rights to do it' defence, followed immediately by stories of easy bypassing of this control. As the pushback against Recall continues to grow it's critical to remember that even in 2024 many users are still running with Admin rights on their workstation. At CyberArk we regularly hear about the operational challenges of removing admin rights from the likes of IT and Dev teams. Least Privilege on these workstations is a genuine challenge, so it's concerning to think about what might be available to a threat actor able to access the screen grabs of a Developer or IT Admin's day to day activities. #leastprivilege #Recall #developersecurity
As the security backlash has grown against Microsoft's Recall feature, it at least seemed the screenshots it silently takes every 5 seconds are stored such that a hacker would need administrator privileges to access them. Turns out even that safeguard is easily bypassed. “As it stands now, it’s a security dumpster fire,” says former NSA hacker and VP of R&D at Hunter Strategy Jacob Williams. “This is one of the scariest things I’ve ever seen from an enterprise security standpoint.”
Partner at Mountain Wave Ventures, Former White House, Dept of Defense, Dept of State, BAH SVP
I recently wrote an op-ed for The Hill urging the Administration to address Microsoft’s security failures and look at measures, including the use of DoJ’s Cyber Civil Fraud Initiative, to compel a change in Microsoft’s behavior. The feedback I’ve received is interesting. There’s the usual “what did you expect, he works for the competition” bleating, but that’s missing the point. I also work for companies that partner with Microsoft and they share the exact same exasperation over Microsoft’s attitude toward security. They need Microsoft to do better; otherwise they are vulnerable, as well. All software vendors need to raise their game on security, but as long as Microsoft is the dominant provider to the USG, they have an outsized responsibility that they are not fulfilling….and it puts our nation at risk... https://lnkd.in/eyaa29BY
