Connect with us

Gadgets

Microsoft Software Flaw Exploited by Multiple Hacking Groups, Researchers Say

Published

on

Microsoft Software Flaw Exploited by Multiple Hacking Groups, Researchers Say
At least 10 different hacking groups are using recently discovered flaws in Microsoft’s mail server software to break in to targets around the world, cybersecurity company ESET said in a blog post on Wednesday.The breadth of the exploitation adds to the urgency of the warnings being issued by authorities in the United States and Europe about the weaknesses found in Microsoft’s Exchange software.The security holes in the widely used mail and calendaring solution leave the door open to industrial-scale cyber espionage, allowing malicious actors to steal emails virtually at will from vulnerable servers or move elsewhere in the network. Tens of thousands of organisations have already been compromised, Reuters reported last week, and new victims are being made public daily.

Earlier on Wednesday, for example, Norway’s parliament announced data had been “extracted” in a breach linked to the Microsoft flaws. Germany’s cybersecurity watchdog agency also said on Wednesday two federal authorities had been affected by the hack, although it declined to identify them.

While Microsoft has issued fixes, the sluggish pace of many customers’ updates – which experts attribute in part to the complexity of Exchange’s architecture – means the field remains at least partially open to hackers of all stripes. The patches do not remove any back door access that has already been left on the machines.

In addition, some of the back doors left on compromised machines have passwords that are easily guessed, so that newcomers can take them over.

Microsoft declined comment on the pace of customers’ updates. In previous announcements pertaining to the flaws, the company has emphasized the importance of “patching all affected systems immediately.”

Although the hacking has appeared to be focused on cyber espionage, experts are concerned about the prospect of ransom-seeking cybercriminals taking advantage of the flaws because it could lead to widespread disruption.

ESET’s blog post said there were already signs of cybercriminal exploitation, with one group that specialises in stealing computer resources to mine cryptocurrency breaking in to previously vulnerable Exchange servers to spread its malicious software.

ESET named nine other espionage-focused groups it said were taking advantage of the flaws to break in to targeted networks – several of which other researchers have tied to China. Microsoft has blamed the hack on China. The Chinese government denies any role.

Intriguingly, several of the groups appeared to know about the vulnerability before it was announced by Microsoft on March 2.

Ben Read, a director with cybersecurity company FireEye, said he could not confirm the exact details in the ESET post but said his company had also seen “multiple likely-China groups” using the Microsoft flaws in different waves.

ESET researcher Matthieu Faou said in an email it was “very uncommon” for so many different cyber espionage groups to have access to the same information before it is made public.

He speculated that either the information “somehow leaked” ahead of the Microsoft announcement or it was found by a third party that supplies vulnerability information to cyber spies.

Taiwan-based researchers reported to Microsoft on January 5 that they had found two new flaws which need patching. Those two were among those that began being used by the attackers shortly before or after the friendly report.

They said were investigating whether there had been a theft or leak on their side, since exploitation was discovered in the wild the same week later. So far, the group called Devcore said, they had found no evidence.

Top-flight hackers are also commonly targeted by other hackers. Just this week, Microsoft patched one of the flaws used by suspected North Koreans in attempts to steal information from Western researchers.

But simultaneous discovery happens fairly often, in part because researchers use the same or similar tools to hunt for serious flaws, and many eyes are looking at the same high-value targets.

“It is very likely that some actor groups may have being using these vulnerabilities and led to the result of the attacks being observed by other information security vendors,” Devcore member Bowen Hsu told Reuters.

But the security industry has been abuzz with other theories, including a hack of Microsoft’s systems for tracking bugs, which has happened in the past.

Source link

Continue Reading
1 Comment

1 Comment

  1. Pingback: Microsoft Could Get $150 Million in US Cyber Spending Despite Recent Hacks

Leave a Reply

Gadgets

Microsoft Partners With Inworld to Bring AI Game Development Tools to Xbox

Published

on

By

Microsoft Partners With Inworld to Bring AI Game Development Tools to Xbox


Microsoft is teaming up with Inworld AI to create game development tools for Xbox, enabling developers to create characters, generate entire scripts and quests, and more. The multi-year deal brings an AI design copilot and an AI character runtime engine to the forefront, both of them being totally optional to use and to varying degrees. Of course, the use of AI in art has been criticised by many for simply lacking originality, in addition to running the risk of fewer jobs for artists — a growing fear among many considering the alarming number of layoffs seen at game studios this year in an attempt to cut costs.

“At Xbox, we believe that with better tools, creators can make even more extraordinary games,” Haiyan Zhang, GM, Xbox Gaming AI, said in a blog post. “This partnership will bring together: Inworld’s expertise in working with generative AI models for character development, Microsoft’s cutting-edge cloud-based AI solutions including Azure OpenAI Service, Microsoft Research’s technical insights into the future of play, and Team Xbox’s strengths in revolutionizing accessible and responsible creator tools for all developers.”

The aforementioned AI design copilot is a toolset that will help game designers turn prompts into scripts and dialogue trees. In contrast, the character runtime will enable dynamically generated plot beats and quests. We’ve already seen heavy AI integration in games by way of procedural generation — a more recent example being the 1000+ planets in Starfield. Not to mention, enemy AI has been around for way longer.

Inworld made headlines in August when it launched a modded story mode for Grand Theft Auto V, Sentient Streets, in which players had to investigate the rise of a bizarre AI-worshipping cult — a segment loaded with characters that spoke in AI-generated dialogue, on the fly. The mod was later taken down by publisher Take-Two, leaving a permanent strike on the creator Bloc’s YouTube channel. As per The Verge, Inworld’s AI technology can also be used for narration in top-down RPGs to warn players about any events awaiting off-screen and respond to questions like we’ve seen in the past year with AI chatbots like ChatGPT and Bing Chat. Microsoft has also been heavily banking on artificial intelligence, having made a $10 billion (about Rs. 83,254 crore) investment in OpenAI. The company has also integrated AI tools into its popular suite of services and also added an AI copilot to Windows.

Despite being a Microsoft-affiliated AI toolset, it would be interesting to see whether titles using them will be allowed to thrive on other platforms. In July, Valve claimed that it would be cracking down on games that included AI-generated assets if the developer didn’t own the copyright to the piece of art. For the uninitiated, when you insert a prompt to create something in AI, the software simply repurposes existing assets found online and mushes them together — basically stealing from other artists and writers without appropriate commercial licenses. Infringing them would lead to the game not being distributed on Steam, forcing the developers to seek proper licenses for the asset by reaching out to the AI companies involved. It’s unclear how Microsoft’s partnership will play out — as long as AI content is being used as a catalyst to innovate and create something new, it should be fine.


Affiliate links may be automatically generated – see our ethics statement for details.



Source link

Continue Reading

Gadgets

BSNL Offers Free 4G SIM Upgrade: Here’s How to Get It

Published

on

By

BSNL Offers Free 4G SIM Upgrade: Here’s How to Get It


BSNL (Bharat Sanchar Nigam Limited) is a state-owned telecommunication company in India. Earlier this year in May, the government said that the firm started rolling out 4G services in the country. By December, the networks were said to be upgraded to 5G. However, at the India Mobile Congress, BSNL chairman P K Purwar said that the company will launch 4G services in December and then roll it across the country by June 2024. The chairman added that the 5G upgrades will take place after June next year.

In a post on X shared by BSNL’s Andhra Pradesh (@bsnl_ap_circle) unit, the company confirmed that BSNL users can upgrade their older 2G or 3G SIMs to a 4G SIM for free. Not only will the upgrade be free, but a promotional image shared with the post suggests that users who opt for the upgrade will also receive 4GB of free data that will be valid for three months. It is speculated that BSNL is aiming to boost its upcoming 4G services with this offer. The announcement was first spotted by Telecom Talk.

To access the free data offer and the free upgrade, BSNL users are requested to get in touch with executives at BSNL’s Customer Service Centre, franchisee or retailer stores, or contact one of their Direct Selling Agents (DSA). The promo image also adds in a finer print that the offer is available with certain terms and conditions, but hasn’t detailed any, so far.

Reliance’s Jio recently launched the 4G-supported Bharat B1 feature phone in India. The handset is priced at Rs. 1,299 in India. Alongside 4G connectivity, the phone comes with JioCinema and JioSaavn applications pre-installed.

The Jio Bharat B1 is equipped with the JioPay application, which is said to allow users to make UPI payments. Aiming to increase accessibility, the phone supports 23 languages overall, including multiple regional languages.


Affiliate links may be automatically generated – see our ethics statement for details.





Source link

Continue Reading

Gadgets

Realme GT 5 Pro Teased to Feature 3,000 Nits Display; More Details Revealed

Published

on

By

Realme GT 5 Pro Teased to Feature 3,000 Nits Display; More Details Revealed


Realme GT 5 Pro’s launch date is not far away. The Chinese smartphone brand on Tuesday (November 7) confirmed the arrival of the new GT series smartphone in its home country. The Realme GT 5 Pro is teased to come with a display with over 3000 nits of peak brightness. It is also confirmed to pack a larger heat dissipation area for thermal management. The handset will ship with Qualcomm’s new Snapdragon 8 Gen 3 SoC. The Realme GT 5 Pro is expected to come as a successor to the Realme GT 5 that debuted in China in August.

Realme, via Weibo, announced the arrival of the Realme GT 5 Pro in China. The display of the handset is confirmed to offer 3000 nits peak brightness. It has also been teased to offer heat dissipation with a surface area of around 10,000mm2. It is confirmed to ship with Qualcomm’s new Snapdragon 8 Gen 3 SoC. The post doesn’t specify the exact launch date of the smartphone, however, given the release of the teasers, the launch could be just around the corner.

The Realme GT 5 Pro has been in the news a lot lately. It is expected to feature a 6.78-inch (1,264×2,780 pixels) AMOLED display and is tipped to come in 8GB, 12GB, and 16GB RAM options along with 128GB, 256GB, 512GB, and 1TB inbuilt storage options.

For optics, the Realme GT 5 Pro is said to have a triple rear camera unit comprising two 50-megapixel sensors and an 8-megapixel shooter at the rear. The camera setup might include a Sony LYTIA LYT808 sensor, an OmniVision OV08D10 secondary sensor, and a Sony IMX890 telephoto sensor. For selfies, there could be a 32-megapixel sensor at the front. It is said to carry a 5,400mAh battery with support for 100W wired charging and 50W wireless charging.

The Realme GT 5 Pro is expected to come with upgrades over Realme GT 5. The latter was launched in China in August with a price tag of CNY 2,999 for the base model with 12GB of RAM and 256GB of storage.


The Motorola Edge 40 recently made its debut in the country as the successor to the Edge 30 that was launched last year. Should you buy this phone instead of the Nothing Phone 1 or the Realme Pro+? We discuss this and more on Orbital, the Gadgets 360 podcast. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.
Affiliate links may be automatically generated – see our ethics statement for details.



Source link

Continue Reading

Trending

Copyright © 2017 Zox News Theme. Theme by MVP Themes, powered by WordPress.