Posts

An advisory by NHS Digital says that an ‘unknown threat group’ is attempting to exploit a Log4j vulnerability (CVE-2021-44228) in VMware Horizon servers to establish web shells that could be used to distribute malware and ransomware, steal sensitive information, and complete other malicious attacks. It’s unclear if the warning has been issued because attacks targeting NHS systems have been detected, or if the advisory has been released as a general precaution because of the ongoing problem of the critical security vulnerability in Java logging library Apache Log4j that was disclosed in December....

Also: Most workers want to quit. You might be surprised why Thirty-nine percent of 319 project managers responding to a survey by Capterra finds those managers who use low-code/no-code approaches for software development say their top challenge is the lack of talent to effectively perform the changes (39%). At the same time, those who aren’t using low-code/no-code approaches say their top reason is a lack of personnel/talent to effectively perform the changes (39%)....

The Connect event is not a new concept, with the first one dating back to 2014 when Facebook acquired Oculus. The event was originally called Oculus Connect, then rebranded to Facebook Connect, and finally to what we have today – Meta Connect. These events take an in-depth look at the future of AR and VR with insight from industry leaders and discussions. The website currently says more information and speaker details are coming soon....

“We have received requests from a number of governments and the EU to take further steps in relation to Russian state-controlled media,” Meta VP global affairs Nick Clegg wrote in a tweet. “Given the exceptional nature of the current situation, we will be restricting access to RT and Sputnik across the EU at this time. “We will continue to work closely with governments on this issue.” The ban is in addition to restrictions the social media giant already had placed on Russian state-media accounts in Ukraine in response to Russia’s invasion into the country, which began five days ago....

The move was announced at the Open Compute Project’s annual conference. Meta, formerly known as Facebook, outlined the following on its open networking gear advances. Wedge 400/400C top-of-rack switches. Meta collaborated with Broadcom and Cisco to deploy two top-of-rack switches called Wedge 400 and 400C. The Wedge 400 uses Broadcom’s Tomahawk 3 ASIC and 400C uses Cisco’s Silicon One. Celestica makes the networking equipment for Meta. Key points: Both switches have more front panel port density for AI and machine learning applications....

The updated policy, formerly referred to as its data policy, now provides examples of what information is collected, and how it is used, shared, retained, and transferred, including with the type of third parties. New controls to manage who can view a post and the topic users want to see ads about has also been included. Meta has also used illustrations, a video, and a table to present the information, instead of relying on a giant wall of text....

Microsoft unveiled the revamp of its Office.com portal and Office app for Windows in November at its Ignite conference and is now ready to show it to customers. Customers should see the new experience after logging in to their Microsoft Account, Microsoft says in a blogpost. The Office app and Office.com web portal are meant to help users quickly switch between Word, OneNote, Excel and and other Office apps to more easily find recently used documents stored on a local machine, in OneDrive, or SharePoint....

RiskIQ said last year that its cybersecurity programs are used by 30% of the Fortune 500 and more than 6,000 total organizations across the world, including the US Postal Service, BMW, Facebook and American Express. In a blog post, Microsoft cloud security vice president Eric Doerr said they were acquiring the company to help customers “build a more comprehensive view of the global threats to their businesses, better understand vulnerable internet-facing assets, and build world-class threat intelligence....

The investment will continue to fund the AI company’s research and help develop technology that is “increasingly safe, useful and powerful,” according to OpenAI. Also: What is ChatGPT and why does it matter? Here’s everything you need to know Microsoft said it will deploy OpenAI’s models across its consumer and enterprise products, and “introduce new categories of digital experiences built on OpenAI’s technology”. Neither company has disclosed the value of the investment, but sources have revealed it will total $10 billion over multiple years, according to Bloomberg....

Microsoft has now paused the Windows 365 trial program until it boosts capacity, according to Scott Manchester, director of program management for Microsoft’s Windows 365 team. The Windows 365 trial was made available this week along with the general availability release of its newest Cloud PC offering, which is based on Azure Virtual Desktop. SEE: Supercomputers are becoming another cloud service. Here’s what it means Microsoft, however, is still inviting interested users in signing up for the trial to be notified when more capacity becomes available....

The screen is big and beautiful. The trackpad is big. The keyboard feels a bit bouncy; as you type the keys almost spring back up, which makes it feel like there’s more travel than there actually is. The keyboard keys are boring grey plastic rather than the metallic look of the Surface Book keyboard, but you may find that higher contrast, especially if you use the keyboard backlight. The camera copes better with the brightness of the window I sit in front of in the office than any other Surface I’ve tried....

Microsoft Translate now supports 103 languages with the addition of 12 languages spoken by 84.6 million people: those languages include Bashkir, Dhivehi, Georgian, Kyrgyz, Macedonian, Mongolian (Cyrillic), Mongolian (Traditional), Tatar, Tibetan, Turkmen, Uyghur, and Uzbek (Latin). Google announced support for 108 languages in Google Translate after a rare update to language support last February, which added Kinyarwanda, Odia, Tatar, Turkmen, and Uyghur to the list. SEE: BYOD security warning: You can’t do everything securely with just personal devices Both companies are using artificial intelligence in their cloud infrastructure to reach different language groups across the world....

Microsoft has called out recent work from the so-called “8220 gang” group, which has recently been spotted exploiting the critical bug affecting Atlassian Confluence Server and Data Center, tracked as CVE-2022-26134. “The group has actively updated its techniques and payloads over the last year. The most recent campaign targets i686 and x86_64 Linux systems and uses RCE exploits for CVE-2022-26134 (Confluence) and CVE-2019-2725 (WebLogic) for initial access,” Microsoft’s Security Intelligence Centre notes....

Microsoft hasn’t seen the attackers use a specific software exploit but all the attacks utilize stolen Active Directory admin account credentials. The ransom note identifies itself as being “Prestige ranusomeware”, according to the the Microsoft Threat Intelligence Center (MSTIC). The ransomware was launched on October 11 and stood out to researchers because it was a rare example in Ukraine of an enterprise-wide ransomware deployment and was distinct from 94 other ransomware gangs Microsoft is tracking....

Missouri’s Office of Administration Information Technology Services Division (OA-ITSD) and the DESE will send out letters to those affected notifying them that their personally identifiable information “may have been compromised during a recent data vulnerability incident.” The situation caused national headlines last month because the governor of the state used the incident to attack The St. Louis Post-Dispatch. Josh Renaud, a reporter from the newspaper, discovered a vulnerability in the certification database that exposed teacher data, notified the DESE, and gave them time to fix it before publishing his story....

It is Naver’s best quarterly performance to date in terms of both sales and operating income. The South Korean company saw growth across the board; its search, commerce, financial services, content, and cloud business units all recorded double-digit growth from a year prior. Naver said local stores increased their usage of its online shopping platform, while its mobile payment service Naver Pay recorded 9.1 trillion won in transactions during the quarter....

The planned acquisitions of ClayOPS, Velocity Business Solutions, and Riley, were part of “strategic reset” earlier this year to transform NCS into a pan-Asia digital and technology service player, the Singapore company said Thursday. Established in 2010, Singapore-based ClayOPS is a data analytics consulting services firm that has local and international customers in various sectors, including healthcare, transport, and property. Velocity Business Solutions operates out of Hong Kong as a data analytics company, offering a range of services that include design and implementation....

Organisations in the last two years had been accelerating their digital transformation and figuring out how to operate in a hybrid work environment, said NetSuite’s founder and executive vice president Evan Goldberg. At the same time, they faced supply chain disruptions and had to look to new geographies to regain resilience, Goldberg said during a briefing with Asia-Pacific media at NetSuite’s SuiteWorld conference in Las Vegas this week. Amidst the need to manage fluctuating costs from a volatile supply chain and support a hybrid workplace, companies had to ensure people had access to the same consistent data regardless of where they were, he said....

The update is available as the Windows 11 Insider Preview Build 22526 for users in the Dev Channel. It doesn’t include any major changes or new features, but Microsoft is experimenting with indexing more file locations to speed up File Explorer for searching for files. It also contains a fix for File Explorer that was causing explorer.exe to crash after using search. And Microsoft has fixed a bug that caused the recent searches flyout to get stuck in the screen....

Aren’t they the same company? Before we get into it, let’s discuss the Nord/Surfshark merger. In early February 2022, Nord Security and Surfshark announced they were merging, making Nord Security the owner of both companies. According to SurfShark’s merger blog post, the companies say they will continue to operate as separate companies, with separate VPN infrastructures. We have no doubt this is true… for now. Merging large infrastructures takes time, and neither player wants to cede performance or position to their competitors due to a botched operational merger....