Windows 11 to Deprecate NTLM, Add AI-Powered App Controls and Security Defenses

May 21, 2024 at 06:09AM Microsoft is implementing new security measures for Windows 11, including deprecating NT LAN Manager (NTLM) in favor of Kerberos for authentication. Other changes involve enhancing user authentication, securing Windows Hello with virtualization-based security, and implementing Smart App Control with AI capabilities. These measures aim to strengthen overall security and counter … Read more

Microsoft’s Brad Smith summoned by Homeland Security committee over ‘cascade’ of infosec failures

May 10, 2024 at 11:09AM The US government plans for Microsoft’s Brad Smith to testify before a House committee regarding the company’s recent cybersecurity failures. This follows scrutiny over the June 2023 attack on Microsoft Exchange and a subsequent breach by Russia’s Midnight Blizzard crew. Microsoft has pledged significant changes and introduced the Secure Future … Read more

Microsoft Will Hold Executives Accountable for Cybersecurity

May 8, 2024 at 09:05AM Microsoft is making organizational changes and holding senior leadership directly accountable for cybersecurity, with plans to bolster security across its products and services. The EVP of security announced measures to instill accountability, elevate security governance, and implement specific security goals under the Secure Future Initiative. These efforts aim to enhance … Read more

Microsoft Overhauls Cybersecurity Strategy After Scathing CSRB Report

May 3, 2024 at 02:09PM Microsoft’s security chief, Charlie Bell, pledges radical reforms in response to scathing US government report. The strategic shift prioritizes security above all product features. Plans include adding Deputy CISOs to product teams, linking leaders’ pay to security progress, and initiating security-themed “engineering waves” across various divisions. The initiative aims to … Read more

Microsoft’s Security Chickens Have Come Home to Roost

April 4, 2024 at 06:18AM The US government criticized Microsoft’s cybersecurity practices and corporate culture, highlighting laxity and untruthfulness. The company prioritized commercial interests over cybersecurity, leading to avoidable security breaches. The government’s Cyber Safety Review Board called for fundamental reforms and more stringent security measures. The report emphasizes the critical role of Microsoft’s technologies … Read more

After Major Cloud Hacks, Microsoft Unveils ‘Secure Future Initiative’

November 4, 2023 at 12:30PM Microsoft is launching a new ‘Secure Future Initiative’ to address recent hacks and improve security. The initiative includes faster cloud patches, better management of identity signing keys, and shipping software with a higher default security level. Microsoft plans to revamp the Software Development Lifecycle (SDL) and use AI to automate … Read more

The Week in Ransomware – November 3rd 2023 – Hive’s Back

November 3, 2023 at 05:10PM Ransomware attacks have been on the rise recently, with various organizations falling victim, including the Toronto Public Library, ACE Hardware, Mr. Cooper, and the British Library. In response, a coalition of 40 countries will pledge to stop paying ransom demands. Microsoft also commits to enhancing security through its ‘Secure Future’ … Read more

Microsoft pins hopes on AI once again – this time to patch up Swiss cheese security

November 3, 2023 at 12:11PM Microsoft is launching a new initiative called the Secure Future Initiative (SFI) to enhance the security of its software and cloud services. The SFI focuses on three key pillars, including the increased use of AI in security operations and products, an update of software engineering practices leveraging AI, and ensuring … Read more