Artificial Intelligence Is What’s Protecting Your Microsoft, Google And Similar Accounts





Artificially intelligent systems are quite on the run these days. The new generation believes a lot in the security system which evolves with the hackers’ trickery.

Microsoft, Google, Amazon, and numerous other organizations keep the faith in artificially intelligent security systems.

Technology based on rules and designed to avert only certain and particular kinds of attacks has gotten pretty old school.

There is a raging need for a system which comprehends previous behavior of hacking or any sort of cyber attacks and acts accordingly.

According to researchers, the dynamic nature of machines, especially AI makes it super flexible and all the more efficient in terms of handling security issues.

The automatic and constant retaining process certainly gives AI an edge over all the other forms.

But, de facto, hackers are quite adaptable too. They also usually work on the mechanical tendencies of the AI.

The basic way they go around is corrupting the algorithms and invading the company’s data which is usually the cloud space.

Amazon’s Chief Information Security Officer mentioned that via the aforementioned technology seriously aids in identifying threats at an early stage, hence reducing the severity and instantly restoring systems.

He also cited that despite the absolute aversion of intrusions being impossible, the company’s working hard towards making hacking a difficult job.

Initially, the older systems used to block entry in case they found anything suspicious happening or in case of someone logging in from an unprecedented location.

But, due to the very bluntness of the security system, real and actual users get to bear the inconvenience.

Approximately, 3% of the times, Microsoft had gotten false positives in case of fake logins, which in a great deal because the company has over billions of logins.

Microsoft, hence, mostly calculates and analyzes the technology through the data of other companies using it too.
The results borne are astonishing. The false positive rate has gotten down to 0.001%.

Ram Shankar Siva Kumar, who’s Microsoft’s “Data Cowboy”, is the guy behind training all these algorithms. He handles a 18-engineer team and works the development of the speed of the system.

The systems work efficiently with systems of other companies who use Microsoft’s cloud provisions and services.

The major reason behind, why there is an increasing need to employ AI is that the number of logins is increasing by the day and it’s practically impossible for humans to write algorithms for such vast data.

There is a lot of work involved in keeping the customers and users safe at all times. Google is up and about checking for breachers, even post log in.

Google keeps an eye on several different aspects of a user’s behavior throughout the session because an illegitimate user would act suspiciously for sure, some time or the other.

Microsoft and Amazon in addition to using the aforementioned services are also providing them to the customers.

Amazon has GuardDuty and Macie which it employs to look for sensitive data of the customer especially on Netflix etc. These services also sometimes monitor the employees’ working.

Machine learning security could not always be counted on, especially when there isn’t enough data to train them. Besides, there is always a worry-some feeling about their being exploited.

Mimicking users’ activity to degrade algorithms is something that could easily fool such a technique. Next in line could be tampering with the data for ulterior purposes.

With such technologies in use it gets imperative for organizations to keep their algorithms and formulae a never-ending mystery.

The silver lining though, is that such threats have more of an existence on paper than in reality. But with increasingly active technological innovation, this scenario could change at any time.




Microsoft, Netflix and PayPal Emerge As the Top Targets for Phishing Attacks



Email security provider Vade Secure released another phishing report following the 25 most 'spoofed' brands in North America that are imitated in phishing attacks. Amongst them the top three are Microsoft, Netflix and PayPal.

Out of all the 86 brands that were tracked, 96% of them all were done so by the company as per their Q3 2018 report.

Bank of America and Wells Fargo are not so far behind Microsoft and the other top 2 targets in this case as there has been an increase in these phishing attacks by approximately 20.4% as reported by Vade Secure. As the attackers attempt to access Office 365, One Drive, and Azure credentials their focus has been towards cloud based services as well as financial companies.



Vade Secure's report states - "The primary goal of Microsoft phishing attacks is to harvest Office 365 credentials. With a single set of credentials, hackers can gain access to a treasure trove of confidential files, data, and contacts stored in Office 365 apps, such as SharePoint, One Drive, Skype, Excel, CRM, etc. Moreover, hackers can use these compromised Office 365 accounts to launch additional attacks, including spear phishing, malware, and, increasingly, insider attacks targeting other users within the same organization."

The attackers, through a feeling of urgency endeavor to show that the recipient's account has been suspended or so thus inciting them to login in order to determine the issue, this happens in the case of Office 365 phishing emails. By doing this though they expect for the victims to be less wary when entering their credentials.

Exceptionally compelling is that attackers have a tendency to pursue a pattern with respect to what days they send the most volume of phishing mails. As per the report, most business related attacks tend to happen amid the week with Tuesday and Thursday being the most popular days. For Netflix though, the most focused on days are Sunday because that is the time when users' are taking a backseat and indulge in some quality television.

As these attacks become more targeted Vade Secure’s report further states – "What should be more concerning to security professionals is that phishing attacks are becoming more targeted. When we correlated the number of phishing URLs against the number of phishing emails blocked by our filter engine, we found that the number of emails sent per URL dropped more than 64% in Q3. This suggests that hackers are using each URL in fewer emails in order to avoid by reputation-based security defenses. In fact, we’ve seen sophisticated phishing attacks where each email contains a unique URL, essentially guaranteeing that they will bypass traditional email security tools."

For the users' however , it is advised to dependably examine a site before entering any login details and if there are any occurrences of the URL seeming abnormal or even something as minor as a language blunders then they should report the issue directly to either the administrator or the company itself.



Shares Of The Microsoft Corp. Closed At A Record High; Expanding Its Secure Score Service


Microsoft in its Ignite Conference in Orlando, revealed that it was applying its Authenticator application across Azure to get rid of login passwords and growing the Secure Score benefits and services over its cloud to give users feedback options to prevent any breaches.

As the shares of the Microsoft Corp. closed at a record high the tech giant has now taken into consideration the expansion on its profile as a secure cloud vendor on Monday, utilizing its yearly IT conference to make public a few security activities and initiatives intended to target few enterprises to its Azure public cloud platform and far from rivals such as Amazon.com Inc.  and Alphabet Inc.

As far back as the announcement by Chief Executive Satya Nadella in November 2015 is concerned it was decided that Microsoft would invest $1 billion a year in the security research and development, the stock's price has indeed billowed about 116%, making it the best performing tech stock on the Dow over that period, with Apple Inc. AAPL, - 0.45% up 91% and Cisco Systems Inc. CSCO, +0.33% up 81%.

While Amazon.com Inc. AMZN, +0.41% are as yet the predominant public cloud player by far with the Amazon Web Services, Microsoft's Azure has relentlessly been wearing down AWS as one of the fastest-growing public cloud providers. In its last earnings increase.

Microsoft shares finishes 0.4% at $114.67, a record close for a third session in succession, while the Dow Jones Industrial Average DJIA, - 0.68% declined 0.7%, the S&P 500 index SPX, - 0.35% slipped 0.4%, and the tech-heavy Nasdaq Composite Index COMP, +0.08% completed under 0.1%.

These announcements though come about a week after Microsoft launched a shot targeting the opponents in another region, exhibiting an AI variant of its Dynamics 365 customer relationship management

Address Bar Spoofing Attacks by Safari Browser





Security researcher Rafay Baloch as of late discovered vulnerability in the Safari browser that purportedly enabled the attackers to take control of the content shown on the address bar. The method enables the 'bad actor' to perform phishing attacks that are extremely troublesome for the user to recognize. The program bug is said to be a race condition which is enabling the JavaScript to change the address bar before even the website pages are loaded completely.

In order to exploit the vulnerability, with tracking id CVE-2018-8383 the attackers were required to trap the victims onto a specially designed site which could be accomplished quite easily and Apple, despite the fact that Baloch had instantly informed both Apple and Microsoft about the bug, deferred this fix even after its three-month grace period prior to public exposure lapsed seven days back.
While Microsoft reacted with the fix on Edge on August 14th as a major aspect of their one of the security updates. The deferral by Apple is what may have left the Safari browser defenseless thusly enabling the attackers to impersonate any site as the victim sees the legit domain name in the address bar with complete confirmation and authentication marks.

At the point when the bug was tested with Proof-Of-Concept (P.O.C) Code, the page could stack content from Gmail while it was hosted on sh3ifu.com and worked perfectly fine in spite of the fact that there are a few components that continued loading even as the page loaded completely, demonstrating that it is an inadequate  and incomplete procedure.

The main trouble on Safari though, Baloch clarified, is that user can't type in the fields while the page is as yet loading, nevertheless he and his group overcame this issue by including a fake keyboard on the screen, something that banking Trojans did for years for improving the situation and are still discovering new and inventive approaches to dispose of the issue at the earliest opportunity.


Microsoft Shuts down Websites in Association with the Russian Military Intelligence Service GRU


On the twentieth of August, Microsoft made public that it effectively terminated 6 websites in affiliation with the Russian Military Intelligence Service GRU.

The hacker group that has come to light is the well-known Fancy Bear also referred to here, as APT28 which likewise has been formerly connected to cyber-espionage campaigns directed towards various governments around the globe, including to the hack of the Democratic National Committee before the 2016 US Presidential Election.

The gathering last targeted the conservative think tanks namely the Hudson Institute and the International Republican Institute, three which were intended to mirror the U.S. Senate sites and one of the fake ones even ridiculed Microsoft's online products.

Microsoft's Digital Crimes Unit (DCU) effectively executed a court order to transfer the control of six internet domains made by the group. The six domains are:

my-iri.org
hudsonorg-my-sharepoint.com
senate.group
adfs-senate.services
adfs-senate.email
office365-onedrive.com

Microsoft’s president and chief legal officer Brad Smith wrote, “We have now used this approach 12 times in two years to shut down 84 fake websites associated with this group. Attackers want their attacks to look as realistic as possible and they therefore create websites and URLs that look like sites their targeted victims would expect to receive email from or visit.”

What's more, in spite of last week's steps, Microsoft is anxious by the continuous activity that is focusing on these and other sites that are for the most part centered towards elected officials, politicians, political groups and additionally think tanks over the political range in the United States.

Since Russian cyber-attacks directed towards the elections are recurring and likely to expand , Microsoft is intending to protract the Microsoft's Defending Democracy Program with yet another initiative called the Microsoft AccountGuard , which will provide the best in class cyber security protection at no additional cost to all the candidates and campaign workplaces at the federal, state and local level as well as think tanks and political organizations that are presently thought to be under attack.


NHS to migrate to Windows 10 to upgrade cybersecurity defences

Microsoft on Saturday announced that The UK Department of Health and Social Care will transition all National Health Service (NHS) computer systems to Windows 10 to better protect against future cyber attacks. 

The Department has made a security deal with Microsoft regarding the same.

According to officials, the operating system’s more advanced security features are the primary reason for the transition, such as the SmartScreen technology equipped with Microsoft Edge and Windows Defender.

One of the other reasons for upgrading their security systems was the damages caused by the WannaCry ransomware attack last year, when NHS was one of the first victims.

“More than a third of trusts in the UK were disrupted by the WannaCry ransomware attack last year, according to the National Audit Office, which led to the cancellation of 6,900 appointments. WannaCry was an international attack on an unprecedented scale that affected organisations across the globe. While it did not specifically target the NHS, the impact on health organisations was significant,” read the announcement by Microsoft.

According to Kaspersky and Microsoft telemetry, over 98 percent of all WannaCry victims were Windows 7 users.

“We have been building the capability of NHS systems over a number of years, but there is always more to do to future-proof our NHS as far as reasonably possible against this threat,” said Jeremy Hunt, the Health and Social Care Secretary. “This new technology will ensure the NHS can use the latest and most resilient software available – something the public rightly expect.”



Edge Browser, Son of the Internet Explorer wants to fulfill father's dying wish



With Microsoft edge not getting popular among users, and rivals doing far better, Micrososft has come up with the update which tricks user to use Microsoft edge as the Default browser .

If you have Windows 10 operating system , then Edge is the default browser and If you try to make other browser as default it would prompt you to give Edge a try and would suggest all the positive features like the ability to annotate web pages using a stylus, in-built Cortana integration and the distraction-free Reading Mode.

It gives various prompts like "Give Microsoft Edge a shot", "Before you switch defaults, see what you can do in an app built just for Windows 10" , "Don't switch and try it now" and keeps it the default browser for the operating system.

Microsoft is using same trick for its photo and music applications too. If you try to switch in the settings panel a similar dialogue box appears and convinces you to use Microsoft's own Photos and Groove Music applications.

Microsoft launched several campaigns like Windows 10 campaign - a 100 pound cash incentive - to convince users to upgrade and its providing free operating system upgrade for windows 7, 8 and 8.1 to windows 10 .

The Redmond technology firm is even quietly installing the operating system onto your machine so it's ready whenever you decide to upgrade.

The promotion has helped drive uptake of Windows 10 and as a result, the new OS has been installed on a staggering 110 million devices within the last 11 weeks.

Microsoft destroys Botnets by taking down the Domain Providers

Microsoft got the order from the U.S. District Court for the Eastern District of Virginia, Alexandria Division, telling top-level domain registrar Verisign to take down the domains, on Sept. 22, but it was sealed until Monday, when Piatti was served with a court summons in the case by Microsoft lawyers in the Czech Republic. The site take down occurred just after midnight, Pacific Time, Monday.

 Microsoft destroys Botnet by taking down the Domain Providers.Microsoft used the same technique that worked in its earlier takedowns of the Rustock and Waledac botnets, asking a U.S. court to order Verisign to shut down 21 Internet domains associated with the command-and-control servers that form the brains of the Kelihos botnet.

"These were domains either directly or though subdomains, that were actually being utilized to point computers to command and control websites for the Kelihos botnet," said Richard Boscovich, an attorney with Microsoft's digital crimes unit.

With somewhere between 42,000 and 45,000 infected computers, Kelihos is a small botnet. But, it was spewing out just under 4 billion spam messages per day -- junk mail related to stock scams, pornography, illegal pharmaceuticals and malicious software. Technically, the botnet looked a lot like Waledac, and some security experts think it may have been built by the same criminals.

The idea of a highly disruptive botnet that Microsoft shut down in February 2010 quietly resurfacing under a different name didn't sit too well with Microsoft's digital crimes unit. "We wanted to take it out early enough so that number one, it wouldn't grow and propagate ... but also to make the point that when a threat is down, it's going to stay down," Boscovich said. "I think we made that point pretty effectively in this particular operation."

All but one of the Internet domains that Microsoft took offline are anonymously registered in the Bahamas, but one domain cz.cc is owned by Dominique Piatti who runs a domain name business called Dotfree Group out of the Czech Republic.

"For some time now, this particular domain has had multiple issues with it in addition to Kelihos," Boscovich said. "We ultimately decided to name him as a defendant in light of some previous incidents that he's had."


Malicious sites on the cz.cc domain had previously been used to trick Macintosh users into thinking they needed to buy a bogus security program, called MacDefender.

Security experts say that many of these subdomain hosting companies, which typically offer free domain-name registration, have opened up a lawless frontier on the Internet where nearly anything goes. "There's a huge amount of abuse going on on those subdomains," said Roel Schouwenberg, a researcher with security vendor Kaspersky Lab. "The bad guys select whichever domain is cheapest and most reliable," he added. "Some of these domain owners are extremely slow in responding to abuse issues."

Scammers had used a series of ingenious tricks to game Google's image search feature and spread the Mac Defender malware using bulk subdomains, said Sean Sullivan, a security adviser with F-Secure. Sullivan's company automatically blocks the ce.ms, cu.cc, cw.cm, cx.cc, rr.nu, vv.cc, and cz.cc domains with its security software, he added.

In June, Google blocked a number of bulk subdomain sites from its search index, saying that many of them had been used by criminals. "In some cases our malware scanners have found more than 50,000 malware domains from a single bulk provider," Google wrote in a blog post announcing the decision.
Reached Tuesday, Piatti was unable to comment for this story. " I would be glad to give you my side of the story, but I feel that I should hire a lawyer first," he said in an email.