Microsoft

Microsoft successfully mitigated a 3.47 Tbps distributed denial-of-service attack that was targeted at one of its Azure customers from Asia, the company reports in an Azure blog post on DDoS attack trends for Q3 and Q4, published on Tuesday.

This is almost 1 Tbps more than the previous largest DDoS attack, reported in October 2021, which had an attack rate of 2.4 terabytes per second at its peak.

Microsoft announced plans on Tuesday morning to purchase gaming mega-publisher Activision Blizzard for a record-setting $68.7 billion. When finalized, the acquisition would bring franchises like Call of Duty, Overwatch, Diablo, World of Warcraft, Starcraft, and many more under the umbrella of the Xbox maker.

In November 2020, Microsoft unveiled Pluton, a security processor that the company designed to thwart some of the most sophisticated types of hack attacks. On Tuesday, AMD said it would integrate the chip into its upcoming Ryzen CPUs for use in Lenovo's ThinkPad Z Series of laptops.

The Microsoft Azure App Service has a four-year-old vulnerability that could reveal the source code of web apps written in PHP, Python, Ruby or Node, researchers said, that were deployed using Local Git.

The bug has almost certainly been exploited in the wild as a zero-day, according to an analysis from Wiz. The firm dubbed the vulnerability “NotLegit,” and said it has existed since September 2017.

Microsoft has confirmed another Windows 10 vulnerability is being actively exploited, with attackers taking advantage of a security loophole that remains unpatched. Visiting a maliciously designed webpage or opening a compromised document could be enough to allow hackers to take control of your PC, Microsoft admits, though it has a number of threat mitigation suggestions to reduce the risk.

Microsoft Teams is becoming an integral part of the company's strategy when it comes to online collaboration and communication, both in personal and professional capacities. The Redmond firm regularly updates it with new features and is also providing deeper integration for the software in Windows 11. Now, it has introduced more protections against phishing in Microsoft Teams.

Microsoft's May Patch Tuesday dump included patches for 55 CVEs with four rated critical. There were also three zero-day bugs but none have been exploited.

Products impacted includes Internet Explorer, .NET Core and Visual Studio, Windows 10 and Office to name a few. You can find the updates for May here.

The fixed zero day bugs include:

Earlier this month, Microsoft launched Counterfit as a part of its effort to help organizations automate the way they test the security of their artificial intelligence systems. Now, the software giant wants to use AI to help protect businesses from various kinds of threats.

Microsoft has launched an open source tool to help developers assess the security of their machine learning systems.

The Counterfit project, now available on GitHub, comprises a command-line tool and generic automation layer to allow developers to simulate cyber attacks against AI systems. Microsoft’s red team have used Counterfit to test its own AI models, while the wider company is also exploring using the tool in AI development.

The hackers behind one of the worst breaches in US history read and downloaded some Microsoft source code, but there’s no evidence they were able to access production servers or customer data, Microsoft said on Thursday. The software maker also said it found no evidence the hackers used the Microsoft compromise to attack customers.