Gadgets
Microsoft Software Flaw Exploited by Multiple Hacking Groups, Researchers Say
Earlier on Wednesday, for example, Norway’s parliament announced data had been “extracted” in a breach linked to the Microsoft flaws. Germany’s cybersecurity watchdog agency also said on Wednesday two federal authorities had been affected by the hack, although it declined to identify them.
While Microsoft has issued fixes, the sluggish pace of many customers’ updates – which experts attribute in part to the complexity of Exchange’s architecture – means the field remains at least partially open to hackers of all stripes. The patches do not remove any back door access that has already been left on the machines.
In addition, some of the back doors left on compromised machines have passwords that are easily guessed, so that newcomers can take them over.
Microsoft declined comment on the pace of customers’ updates. In previous announcements pertaining to the flaws, the company has emphasized the importance of “patching all affected systems immediately.”
Although the hacking has appeared to be focused on cyber espionage, experts are concerned about the prospect of ransom-seeking cybercriminals taking advantage of the flaws because it could lead to widespread disruption.
ESET’s blog post said there were already signs of cybercriminal exploitation, with one group that specialises in stealing computer resources to mine cryptocurrency breaking in to previously vulnerable Exchange servers to spread its malicious software.
ESET named nine other espionage-focused groups it said were taking advantage of the flaws to break in to targeted networks – several of which other researchers have tied to China. Microsoft has blamed the hack on China. The Chinese government denies any role.
Intriguingly, several of the groups appeared to know about the vulnerability before it was announced by Microsoft on March 2.
Ben Read, a director with cybersecurity company FireEye, said he could not confirm the exact details in the ESET post but said his company had also seen “multiple likely-China groups” using the Microsoft flaws in different waves.
ESET researcher Matthieu Faou said in an email it was “very uncommon” for so many different cyber espionage groups to have access to the same information before it is made public.
He speculated that either the information “somehow leaked” ahead of the Microsoft announcement or it was found by a third party that supplies vulnerability information to cyber spies.
Taiwan-based researchers reported to Microsoft on January 5 that they had found two new flaws which need patching. Those two were among those that began being used by the attackers shortly before or after the friendly report.
They said were investigating whether there had been a theft or leak on their side, since exploitation was discovered in the wild the same week later. So far, the group called Devcore said, they had found no evidence.
Top-flight hackers are also commonly targeted by other hackers. Just this week, Microsoft patched one of the flaws used by suspected North Koreans in attempts to steal information from Western researchers.
But simultaneous discovery happens fairly often, in part because researchers use the same or similar tools to hunt for serious flaws, and many eyes are looking at the same high-value targets.
“It is very likely that some actor groups may have being using these vulnerabilities and led to the result of the attacks being observed by other information security vendors,” Devcore member Bowen Hsu told Reuters.
But the security industry has been abuzz with other theories, including a hack of Microsoft’s systems for tracking bugs, which has happened in the past.
Leave a Reply
Gadgets
Microsoft Partners With Inworld to Bring AI Game Development Tools to Xbox
“At Xbox, we believe that with better tools, creators can make even more extraordinary games,” Haiyan Zhang, GM, Xbox Gaming AI, said in a blog post. “This partnership will bring together: Inworld’s expertise in working with generative AI models for character development, Microsoft’s cutting-edge cloud-based AI solutions including Azure OpenAI Service, Microsoft Research’s technical insights into the future of play, and Team Xbox’s strengths in revolutionizing accessible and responsible creator tools for all developers.”
The aforementioned AI design copilot is a toolset that will help game designers turn prompts into scripts and dialogue trees. In contrast, the character runtime will enable dynamically generated plot beats and quests. We’ve already seen heavy AI integration in games by way of procedural generation — a more recent example being the 1000+ planets in Starfield. Not to mention, enemy AI has been around for way longer.
Inworld made headlines in August when it launched a modded story mode for Grand Theft Auto V, Sentient Streets, in which players had to investigate the rise of a bizarre AI-worshipping cult — a segment loaded with characters that spoke in AI-generated dialogue, on the fly. The mod was later taken down by publisher Take-Two, leaving a permanent strike on the creator Bloc’s YouTube channel. As per The Verge, Inworld’s AI technology can also be used for narration in top-down RPGs to warn players about any events awaiting off-screen and respond to questions like we’ve seen in the past year with AI chatbots like ChatGPT and Bing Chat. Microsoft has also been heavily banking on artificial intelligence, having made a $10 billion (about Rs. 83,254 crore) investment in OpenAI. The company has also integrated AI tools into its popular suite of services and also added an AI copilot to Windows.
Despite being a Microsoft-affiliated AI toolset, it would be interesting to see whether titles using them will be allowed to thrive on other platforms. In July, Valve claimed that it would be cracking down on games that included AI-generated assets if the developer didn’t own the copyright to the piece of art. For the uninitiated, when you insert a prompt to create something in AI, the software simply repurposes existing assets found online and mushes them together — basically stealing from other artists and writers without appropriate commercial licenses. Infringing them would lead to the game not being distributed on Steam, forcing the developers to seek proper licenses for the asset by reaching out to the AI companies involved. It’s unclear how Microsoft’s partnership will play out — as long as AI content is being used as a catalyst to innovate and create something new, it should be fine.
Gadgets
BSNL Offers Free 4G SIM Upgrade: Here’s How to Get It
In a post on X shared by BSNL’s Andhra Pradesh (@bsnl_ap_circle) unit, the company confirmed that BSNL users can upgrade their older 2G or 3G SIMs to a 4G SIM for free. Not only will the upgrade be free, but a promotional image shared with the post suggests that users who opt for the upgrade will also receive 4GB of free data that will be valid for three months. It is speculated that BSNL is aiming to boost its upcoming 4G services with this offer. The announcement was first spotted by Telecom Talk.
To access the free data offer and the free upgrade, BSNL users are requested to get in touch with executives at BSNL’s Customer Service Centre, franchisee or retailer stores, or contact one of their Direct Selling Agents (DSA). The promo image also adds in a finer print that the offer is available with certain terms and conditions, but hasn’t detailed any, so far.
Reliance’s Jio recently launched the 4G-supported Bharat B1 feature phone in India. The handset is priced at Rs. 1,299 in India. Alongside 4G connectivity, the phone comes with JioCinema and JioSaavn applications pre-installed.
The Jio Bharat B1 is equipped with the JioPay application, which is said to allow users to make UPI payments. Aiming to increase accessibility, the phone supports 23 languages overall, including multiple regional languages.
Gadgets
Realme GT 5 Pro Teased to Feature 3,000 Nits Display; More Details Revealed
Realme, via Weibo, announced the arrival of the Realme GT 5 Pro in China. The display of the handset is confirmed to offer 3000 nits peak brightness. It has also been teased to offer heat dissipation with a surface area of around 10,000mm2. It is confirmed to ship with Qualcomm’s new Snapdragon 8 Gen 3 SoC. The post doesn’t specify the exact launch date of the smartphone, however, given the release of the teasers, the launch could be just around the corner.
The Realme GT 5 Pro has been in the news a lot lately. It is expected to feature a 6.78-inch (1,264×2,780 pixels) AMOLED display and is tipped to come in 8GB, 12GB, and 16GB RAM options along with 128GB, 256GB, 512GB, and 1TB inbuilt storage options.
For optics, the Realme GT 5 Pro is said to have a triple rear camera unit comprising two 50-megapixel sensors and an 8-megapixel shooter at the rear. The camera setup might include a Sony LYTIA LYT808 sensor, an OmniVision OV08D10 secondary sensor, and a Sony IMX890 telephoto sensor. For selfies, there could be a 32-megapixel sensor at the front. It is said to carry a 5,400mAh battery with support for 100W wired charging and 50W wireless charging.
The Realme GT 5 Pro is expected to come with upgrades over Realme GT 5. The latter was launched in China in August with a price tag of CNY 2,999 for the base model with 12GB of RAM and 256GB of storage.
-
Solar Energy3 years ago
DLR testing the use of molten salt in a solar power plant in Portugal
-
Camera1 year ago
DJI Air 3 vs. Mini 4 Pro: which compact drone is best?
-
world news1 year ago
Gulf, France aid Gaza, Russia evacuates citizens
-
Camera1 year ago
Sony a9 III: what you need to know
-
world news1 year ago
Strong majority of Americans support Israel-Hamas hostage deal
-
Camera4 years ago
Charles ‘Chuck’ Geschke, co-founder of Adobe and inventor of the PDF, dies at 81
-
Solar Energy1 year ago
Glencore eyes options on battery recycling project
-
Indian Defense3 years ago
Israeli Radar Company Signs MoU To Cooperate With India’s Alpha Design Technologies
Pingback: Microsoft Could Get $150 Million in US Cyber Spending Despite Recent Hacks