Microsoft | Breaking Cybersecurity News | The Hacker News

After a number of controversial data mining features and privacy invasions within Microsoft's newest operating system, Microsoft finally broke the ice, almost two months since the launch of Windows 10. Microsoft has finally responded to the growing privacy concerns around its new operating system to regain the trust of the users who are concerned about their online privacy related to Windows 10. In a blog post published Monday, Windows chief Terry Myerson describes three ways in which Windows 10 collects and uses its users data – although he did admit that the OS does regularly phone home by default. 1. Data used for Safety and Reliability Data This data includes anonymous device ID, device type and crash logs. It does not contain any content or files from your computer that directly identifies you. What else? Myerson claims that everything Microsoft collects is " encrypted in transit to [its] servers and then stored in secure facilities. " The

Sit Tight on your seats, because you're gonna get a Shock. Microsoft has developed an Operating System powered by LINUX. Close your mouth first. It's True! Microsoft has built its own Linux-based operating system called Azure Cloud Switch (ACS ) and believe me, under Satya Nadella, Microsoft has become more open than ever. According to the announcement made through an official blog post on Microsoft website, Azure Cloud Switch (ACS) describes as "cross-platform modular operating system for data center networking built on Linux." or Simply, " Commodity switch software stack for data center networks". The Purpose of developing Linux-based Azure Cloud Switch (ACS) operating system at Microsoft is to make it simpler to control the hardware from multiple vendors ( such as Switches ) that powers their cloud-based services. And here's the Kicker: "Running on Linux, ACS [Azure Cloud Switch] is able to make use of its vibrant eco

It comes as no surprise that today's cyber threats are orders of magnitude more complex than those of the past. And the ever-evolving tactics that attackers use demand the adoption of better, more holistic and consolidated ways to meet this non-stop challenge. Security teams constantly look for ways to reduce risk while improving security posture, but many approaches offer piecemeal solutions – zeroing in on one particular element of the evolving threat landscape challenge – missing the forest for the trees.  In the last few years, Exposure Management has become known as a comprehensive way of reigning in the chaos, giving organizations a true fighting chance to reduce risk and improve posture. In this article I'll cover what Exposure Management is, how it stacks up against some alternative approaches and why building an Exposure Management program should be on  your 2024 to-do list. What is Exposure Management?  Exposure Management is the systematic identification, evaluation,

Microsoft wholeheartedly wants you to upgrade to Windows 10. So much that even if you have not opted-in for Windows 10 upgrade, you will get it the other way. Surprised? If you have Windows Update enabled on your PCs running Windows 7 or Windows 8.1, you'll notice a large file — between 3.5GB and 6GB — mysteriously been downloaded to your computer in the background. The huge file is actually linked to Windows 10 installation that Microsoft is reportedly downloading on Windows 7 and Windows 8.1 computers even if users have not opted into the upgrade. The news comes days after it was disclosed that Microsoft is installing Windows 10's data collecting and user behavior tracking features onto Windows 7 and 8.1 machines. With this latest automatic Windows 10 installation, Microsoft is not only consuming your storage space but also using your Internet bandwidth for unrequested files, as the Windows 10 installer downloads up to 6 gigabytes, depending on which Wind

Earlier this year, Microsoft had announced to bring its Office 2016 soon to the world. Also, Office 2016 software version for Mac was released in July 2015. Now speculations gearing up are hinting towards a final release date of Office 2016 for Windows as 22nd September 2015. Though, for Window users it may not be quite a change, because in the new Office suite as compared to its predecessor Office 2013 no such major improvements are visible. Office 2016 for Windows is supposedly debuting in less than a month away and will be available for home and professional users initially. Improvements in Office 2016 Office 2016 is going to be more colorful, with bright and dark colored theme options. Also, this time Microsoft has made it pretty clear that people are required to have Office 365 subscriptions because this time Microsoft is going to send new updates of Office along with the updates of Office 365. Mostly, modifications are done in the Outlook applicat

At its Build developers conference in April this year, Microsoft announced " Project Islandwood " - the " Windows Bridge for iOS " that lets iOS and Android developers port their apps to Windows. Microsoft finally made another surprise move on Thursday by open sourcing an early version of its toolkit for iOS to help iOS developers move their apps more easily to Windows 10. The source code for an early preview of " Windows Bridge for iOS " is now available on GitHub under the MIT open-source license. By releasing the preview of iOS Bridge, Microsoft wants the open-source community to contribute code, comments, testing, vulnerability reports, before the company launch the final version later this fall. iOS Toolkit for Building Windows 10 Apps The iOS Bridge enables developers to create apps that work with both Windows 8.1 and Windows 10 operating systems. Currently, Microsoft only targets the standard X86 and X64 processor archi

Sometimes, instead of black and white we tend to look out, how a grey would look? Yes, today we are going to discuss the 'entangling' or 'superpositioning' which is a power packed functionality of quantum computers. And simultaneously, how can they pose a threat when fully launched in the world. Superposition is a state in which a system can be in multiple stages i.e. it can be 'up' and 'down' at the same time. The Quantum systems can hit different modules of a problem simultaneously, split across possible versions of the universe. What are Quantum Computers? Quantum computers are going to be the next huge development in computing for processing data, with an ability to perform calculations thousands of times faster than today's modern supercomputers. Quantum computing is not well suited for tasks such as word processing and email, but it is ideal for tasks such as cryptography, modeling and indexing enormous databases. A quantum computer can compute in min

How many Zero-Days do you think could hit Microsoft today? Neither one nor two; this times its Four. The Hewlett-Packard's Zero-Day Initiative (ZDI) has disclosed four new zero-day vulnerabilities in Microsoft's Internet Explorer browser that could be exploited to remotely execute malicious code on victim's machine. All the four zero-days originally were reported to Microsoft, affecting Internet Explorer on the desktop. However, later it was discovered that the zero-day vulnerabilities affected Internet Explorer Mobile on Windows Phones as well. Each of the four zero-day flaws affects different components of the browser, and all are remotely exploitable through typical drive-by attacks. Four Zero-day vulnerabilities Disclosed by ZDI Here are the zero-day vulnerabilities, as reported by ZDI: ZDI-15-359: AddRow Out-Of-Bounds Memory Access Vulnerability ZDI-15-360: Use-After-Free Remote Code Execution Vulnerability ZDI-15-361: Use-After-Free Rem

Windows 10 is all set to launch on July 29 and will also be available on USB drives for purchase in retail channels. So, if you are planning to install Windows 10 Home , one thing you must keep in your mind – You wish or not, the software updates for Microsoft's new operating system will be mandatory. Microsoft is planning to make a significant change to its software update policy by " removing the option to DISABLE software updates in Windows 10 Home ". This clearly indicates that all users of Windows operating system must agree to allow Microsoft to install software updates automatically. In Windows 8.1 , users get four options for Windows Update's behavior, which include: Download and Install Windows Updates Automatically Download Windows Updates automatically but Choose when to Install them Check for Updates but Choose when to Download and Install them Never check for, Download, or Install Updates From a Security point of view, the last

Until now Unix and Linux system administrators have to download a third-party SSH client software like Putty on their Windows machines to securely manage their machines and servers remotely through Secure Shell protocol or Shell Session (better known as SSH ). This might have always been an awkward feature of Windows platform, as it lacks both – a native SSH client software for connecting to Linux machines, and an SSH server to support inbound connections from Linux machines. But… Believe it or not: You don't need to deal with any third-party SSH client now, as Microsoft is working on supporting OpenSSH. Yes, Microsoft has finally decided to bring OpenSSH client and server to Windows. The PowerShell team at Microsoft has announced that the company is going to support and contribute to OpenSSH community in an effort to deliver better SSH support in the PowerShell and Windows SSH software solutions. So, the upcoming version of Windows PowerShell – the co

Microsoft just announced in its Ignite 2015 conference in Chicago that Windows 10 is set to be " the last version of Windows. " "Right now [we are] releasing Windows 10, and because Windows 10 is the last version of Windows, [we are] all still working on Windows 10," said Microsoft's developer evangelist Jerry Nixon while speaking at the conference this week. What exactly does it mean? Will Microsoft not launch Windows 11 next? Is Windows 10 actually the end of Microsoft's Windows operating system? These are some questions that were ongoing in the mind of the audience when Nixon gave this statement during his speech. The reaction from Microsoft was really alarming though you do not have to panic, as Windows OS is not dying. Windows 10 — Brand Name of Microsoft's OS For the moment, Microsoft will stick with Windows 10 and focus on smaller and faster updates to its Windows 10 platform, instead of launching new stand-alone ve

If you're a bug hunter and love playing with codes than you could grab as much as US$15,000 from Microsoft for finding out vulnerabilities in its latest Project Spartan browser . Yes, $15,000! It seems like Redmond don't want to take a chance to let hackers and cyber criminals get their hands on the company's latest Windows 10 operating system. On Wednesday, Microsoft announced that the company will be expanding its bug bounty program ahead of the release of Windows 10, which will include a two-month hunt for vulnerabilities in its new web browser, Project Spartan. So, it's time for security researchers and hackers to earn extra cash from Microsoft. For those who are unaware… What's Project Spartan? Project Spartan is Microsoft's project for its new web browser to replace the oldest Internet Explorer from its Windows operating system. Though the project is still very much under the developmental stage, Microsoft is making every effort to make Spartan

Microsoft just issued a critical patch to fix a 15-year-old vulnerability that could be exploited by hackers to remotely hijack users' PCs running all supported versions of Windows operating system . The critical vulnerability — named " JASBUG " by the researcher who reported the flaw — is due to a flaw in the fundamental design of Windows that took Microsoft more than 12 months to release a fix. However, the flaw is still unpatched in Windows Server 2003, leaving the version wide open to the hackers for the remaining five months. HACKERS CAN EASILY HIJACK YOUR WINDOWS MACHINE The vulnerability ( CVE-2015-0008 ) could allow an attacker to easily hijack a domain-configured Windows system if it is connected to a malicious network – wirelessly or wired, giving attacker consent to do various tasks including, to go forth and install programs; delete, alter or peruse users' data; or to create new accounts with full user rights. However, Jasbug vulnerability do not affects h

On January 13, 2015, Microsoft's mainstream support for Windows 7 Service Pack (SP) 1 ended, which means the end of free Windows 7's " mainstream support " period, with the operating system now entering "extended support." Many people are still running the aging Windows XP as well as Windows 7. Microsoft already ended its support for Windows XP officially about a year ago on April 8, 2014, and now the company found Windows 7 an old and cranky OS. END OF MAINSTREAM SUPPORT FOR WINDOWS 7 BUT NO WORRIES UNTIL 2020 However, it doesn't mean that the tech giant is going to automatically stop or break your operating system, but it does mean that the company will no longer offer free help and support in case you have any problem with your Windows 7 software. No new features will be added either. Windows 7 is still supported by the company and will continue to receive security updates for at least another five years, i.e. until Jan. 14, 2020. By

A new Spam email campaign making the rounds in Germany are delivering a new variant of a powerful banking malware , a financial threat designed to steal users' online banking credentials, according to security researchers from Microsoft. The malware, identified as Emotet , was first spotted last June by security vendors at Trend Micro. The most standout features of Emotet is its network sniffing ability , which enables it to capture data sent over secured HTTPS connections by hooking into eight network APIs, according to Trend Micro. Microsoft has been monitoring a new variant of Emotet banking malware , Trojan:Win32/Emotet.C , since November last year. This new variant was sent out as part of a spam email campaign that peaked in November. Emotet has been distributed through spam messages, which either contain a link to a website hosting the malware or a PDF document icon that is actually the malware. HeungSoo Kang of Microsoft's Malware Protection Center identifi

Last week Microsoft released its Advance Notification for the month of December 2014 Patch Tuesday Updates, and finally today released a total of seven security bulletins, which will address several vulnerabilities in its products, out of which three are marked 'critical' and rest are 'important' in severity. Last month after a big pile of security patches , the company released an an unusual emergency patch to fix a critical vulnerability in Microsoft Windows Kerberos KBC, authentication system used by default in the operating system, that cybercriminals exploited to compromise whole networks of computers. The three critical bulletins affect Internet Explorer, Office and Windows. All the versions of Microsoft Internet Explorer (IE) are affected except Server Core, which does not include IE. The critical zero-day IE vulnerability (CVE-2014-8967) was discovered by security researcher Arthur Gerkis of Zero Day Initiative (ZDI) in June this year. By explo

This week Microsoft announced the next version of its Operating system, dubbed WIndows 10, providing Windows 10 Technical Preview release under its " Insider Program " in order to collect feedback from users and help shape the final version of the operating system, but something really went WRONG! " Inside Microsoft's Insider Program you'll get all the latest Windows preview builds as soon as they're available. In return, we want to know what you think. You'll get an easy-to-use app to give us your feedback, which will help guide us along the way ." Microsoft website reads . Well, how many of you actually read the " Terms of Service " and " Privacy Policy " documents before downloading the Preview release of Windows 10? I guess none of you, because most computer users have habit of ignoring that lengthy paragraphs and simply click " I Agree " and then " next ", which is not at all a good practise. Also Read:   Deep Web Search Engines .

Microsoft today reissued a security update for Windows to the faulty update that previously caused PCs to suffer Blue Screens of Death (BSoD) . The new security update comes almost two weeks after reports emerged that the dodgy update crippled users' computers with the infamous "Blue Screens of Death." The company later advised people to uninstall the update, but now it has fixed the issue. " This month we had our first roll out with additional non-security updates. A small number of customers experienced problems with a few of the updates ," Tracey Pretorius, director of Microsoft Trustworthy Computing, wrote in a blog post .   " As soon as we became aware of some problems, we began a review and then immediately pulled the problematic updates, making these available to download. We then began working on a plan to re-release the affected updates." The offending Microsoft patch identified as MS14-045 , fixes Windows kernel vulnerabilities in 47 of Micro

Today Microsoft has released its Advance Notification for the month of August 2014 Patch Tuesday Updates releasing a total of nine security Bulletins, which will address several vulnerabilities in its products, out of which two are marked critical and rest are important in severity. The latest updates, which is set to arrive on August 12, will address two critical bugs affect Internet Explorer and Windows with seven other issues rated as important. The vulnerabilities in the company's products range from remote code execution to protection bypasses. Both of the critical fixes will address remote-code execution flaws. The critical Windows update affects only business and professional editions of Windows 7 and Windows 8. Whereas, the Internet Explorer update affects all versions of Windows on all supported platforms. The remaining seven updates affect its various products, including Windows, Office, SQL Server, the .NET Framework and SharePoint Server 2013. There wi

Beginning of the new month, Get Ready for Microsoft Patch Tuesday! Microsoft has released its Advance Notification for the month of July 2014 Patch Tuesday releasing six security Bulletins, which will address a total of six vulnerabilities in its products, out of which two are marked critical, one is rated moderate and rest are important in severity. All six vulnerabilities are important for you to patch, as the flaws are affecting various Microsoft software, including Microsoft Windows, Microsoft Server Software and Internet Explorer, with the critical ones targeting Internet Explorer and Windows. Microsoft is also providing an update for the " Microsoft Service Bus for Windows Server " which is rated moderate for a Denial of Service (DoS) flaw. " At first glance it looks like Microsoft may be taking it easy on us this month, which would be nice since we will be coming off a long holiday weekend here in the U.S."  Chris Goettl from IT Security firm