Windows Total Cost of Ownership Stories
-
Stephen Hackett ☛ Researcher: Windows 11 Recall a ‘Disaster’
Windows 11’s Recall feature has garnered a lot of attention since being announced, and much of that has focused on the potential privacy implications of software that basically tracks everything you do on your PC.
Cybersecurity expert Kevin Beaumont has taken a look at the feature, and uhhhhhh: [...]
-
Kevin Beaumont ☛ Stealing everything you’ve ever typed or viewed on your own Windows PC is now possible with two lines of code — inside the Copilot+ Recall disaster. | by Kevin Beaumont | May, 2024 | DoublePulsar
I wrote a piece recently about Copilot+ Recall, a new Microsoft Windows 11 feature which — in the words of Microsoft CEO Satya Nadella- takes “screenshots” of your PC constantly, and makes it into an instantly searchable database of everything you’ve ever seen. As he says, it is photographic memory of your PC life.
I got ahold of the Copilot+ software and got it working on a system without an NPU about a week ago, and I’ve been exploring how this works in practice, so we’ll have a look into it that shortly. First, I want to look at how this feature was received as I think it is important to understand the context.
-
Scoop News Group ☛ Ransomware saw a resurgence in 2023, Mandiant reports
Researchers with the Google-owned firm said on Monday that they saw 50 new ransomware variants in 2023, with about a third branching off of existing malware. The report highlights the pervasiveness of the problem and the difficulties in slowing down cyber extortion. Even with the attention of the White House, a call-out in the national cybersecurity plan and increasingly aggressive law enforcement operations against them, cybercriminals made more than $1 billion from victim ransom payments last year.
Hospitals and the health care sector in particular have seen networks decimated, the report noted. Ascension, one of the nation’s largest health care systems, with 140 hospitals across 19 states, was impacted last month by the Black Basta ransomware variant, and the ongoing outage may be putting lives at risk.
-
Scoop News Group ☛ ONCD report: ‘Fundamental transformation’ in cyber, tech drove 2023 risks
The first-ever “Report on the Cybersecurity Posture of the United States,” required as part of the law that established Coker’s office, also identified the top trends of 2023 as evolving critical infrastructure risks, ransomware, supply chain exploitation, commercial spyware and artificial intelligence.
And it detailed progress on efforts to implement the Biden administration’s national cybersecurity strategy published last year, with the office deeming 33 of 36 initiatives completed on time under the administration’s implementation plan and another 33 with deadlines still to come.
-
USA ☛ 2024 Report on the Cybersecurity Posture of the United States (May 2024) [PDF]
The United States is working with like-minded allies and partners to ensure that the digital world reflects and reinforces our shared democratic values. Countries around the world are seeking to advance an affirmative, human rights-respecting vision of technology’s benefits, while simultaneously working to counter the misuse of technology and the rise of digital authoritarianism.
To meet this challenge, the 2023 and 2024 Summits for Democracy highlighted the commitment of the United States and over 70 countries to advancing an affirmative vision of an open, free, global, interoperable, reliable, accessible, and secure Internet; combatting the proliferation and misuse of digital technologies like commercial spyware; and shaping emerging technologies to align with democratic values and human rights. Many of those countries work alongside the United States to support Internet freedom and protect human rights worldwide through the reedom Online Coalition. In 2023, the United States assumed the chair of the Freedom Online Coalition and strengthened the coalition’s work to shape the standards and norms that underpin Internet freedom.
CISA launched the High Risk Community Protection Initiative to partner with communities who are at heightened risk of advanced persistent threat targeting and have limited capacity to provide for their own defense. CISA has partnered with civil society organizations and technology companies to develop resources which advance the cybersecurity of civil society. Through the Strategic Dialogue on Cybersecurity of Civil Society Under Threat of Transnational Repression, CISA has worked with stakeholders in the United Kingdom, Australia, Canada, Denmark, Estonia, France, Japan, New Zealand, and Norway to advance global efforts to strengthen the cybersecurity of civil society and improve its resilience to transnational repression.
-
The Record ☛ Cyberattack on telecom giant Frontier claimed by RansomHub
On Saturday, the RansomHub operation posted Frontier Communications to its leak site claiming to have the sensitive information of more than 2 million people. The group claimed it spent more than two months attempting to extort the company but never got a response.
Frontier did not respond to requests for comment but reported a cyber incident to the U.S. Securities and Exchange Commission (SEC) in April.
-
Cyble Inc ☛ China Increasingly Targeting Canadians With Cyber Operations
Government of Canada networks have been compromised multiple times by Chinese actors, the Cyber Centre said. With all known compromises addressed, Chinese cyber threat actors still frequently conduct reconnaissance against federal networks, and other government organizations should be aware of the espionage risk.
-
Google ☛ Ransomware Rebounds: Extortion Threat Surges in 2023, Attackers Rely on Publicly Available and Legitimate Tools
Actors engaged in the post-compromise deployment of ransomware continue to predominately rely on commercially available and legitimate tools to facilitate their intrusion operations. Notably, we continue to observe a decline in the use of Cobalt Strike BEACON, and a corresponding increase in the use of legitimate remote access tools.
In almost one third of incidents, ransomware was deployed within 48 hours of initial attacker access. Seventy-six percent (76%) of ransomware deployments took place outside of work hours, with the majority occurring in the early morning.
-
The Record ☛ Resilience isn't enough, NATO must be 'proactive' for cyberdefense, warns official
This proactive approach Lifländer endorsed stands in contrast to the strategy of resilience — making it harder for an adversary to compromise the targeted systems and to recover with minimal disruption if a compromise does occur — which is failing to shape adversaries' behavior, the senior NATO official said.
This failure did not mean that resilience wasn't important, added Lifländer at the International Conference on Cyber Conflict (CyCon) in Estonia: “Let me be very honest, when I look at what's happening, quite often it is not the zero-day vulnerabilities that people are using in order to get what they want. The basics need to be done, so resilience is important.
-
The Record ☛ Germany's main opposition party hit by ‘serious’ cyberattack
The CDU said in a separate statement that it has taken down and isolated parts of its IT infrastructure as a precautionary measure, several German media reported. The party’s website is up and running as of the time of writing.
All parties in the German Bundestag were warned about the attack, BMI said. Anonymous sources inside the government told the German news website Der Spiegel that they are taking this incident “very seriously.”
-
Reuters ☛ Germany's Christian Democratic party hit by 'serious' cyberattack
Germany's Christian Democratic Union (CDU), the country's leading opposition party, has been hit by a major cyberattack and has taken parts of its IT-infrastructure off the grid as a precautionary measure, authorities said on Saturday. "There was a serious cyber attack on the CDU network," Germany's Interior Ministry said in a statement, adding security authorities were working intensively to fend off and investigate the attack, and prevent further damage.