this post was submitted on 25 Aug 2023
32 points (92.1% liked)

Technology

[email protected] 5 points 1 year ago

This is what happens when you let MBAs and marketers run things to the point that competent cybersec folks and coders leave, or quiet quit, and/or give up on best practices. Microsoft is a clown company.

[email protected] 4 points 1 year ago

This is the best summary I could come up with:


In July, security researchers revealed a sobering discovery: hundreds of pieces of malware used by multiple hacker groups to infect Windows devices had been digitally signed and validated as safe by Microsoft itself.

On Tuesday, a different set of researchers made a similarly solemn announcement: Microsoft’s digital keys had been hijacked to sign yet more malware for use by a previously unknown threat actor in a supply-chain attack that infected roughly 100 carefully selected victims.

The program is used to certify that device drivers—the software that runs deep inside the Windows kernel—come from a known source and that they can be trusted to securely access the deepest and most sensitive recesses of the operating system.

Then, Carderbee used its newfound control to push malicious updates to roughly 2,000 organizations that are Cobra DocGuard customers.

The fact that they appear to only deploy their payload on a handful of the computers they gain access to also points to a certain amount of planning and reconnaissance on behalf of the attackers behind this activity.”

While attackers could already install apps, steal passwords, and take other liberties, running code in the kernel allowed them to do things that would otherwise be impossible.


The original article contains 493 words, the summary contains 199 words. Saved 60%. I'm a bot and I'm open source!

[email protected] -1 points 1 year ago

Microsoft has long given no fucks about the security of their protocols, collaborating with the NSA to leave vulnerabilities open for exploitation rather than patching them.

Before the NSA was an intelligence-gathering network for the DHS, it was responsible for making sure our communications were secure. So when it was supposed to be standardizing communication protocols, it was instead ignoring known vulnerabilities for exploitation and paying off Microsoft not to close them. Of course Russia, China and Iran would also be aware of these vulnerabilities and how to use them to gain access to presumably secure communications.