In January 2024, Microsoft disclosed a significant security breach by the Kremlin-backed cyber espionage group Midnight Blizzard (also known as APT29 or Cozy Bear), which resulted in unauthorized access to some of Microsoft's source code repositories and internal systems. The attack, initiated through a password spray strategy, exploited a legacy, non-production test account without multi-factor authentication (MFA), revealing the sophistication and resources committed by the threat actor. Despite the breach, Microsoft affirmed that its customer-facing systems remained uncompromised and has since contacted affected customers. The company has announced an increase in its security investments to counter the amplified tactics of Midnight Blizzard, which leverages exfiltrated information for further unauthorized access, marking an escalation in global cybersecurity threats.

Microsoft Confirms Russian Hackers Stole Source Code, Some Customer Secrets The Hacker News

In a recent discussion with CNBC's Jim Cramer, CrowdStrike CEO George Kurtz emphasized the growing threat posed by cybercriminals who are leveraging advanced generative artificial intelligence to conduct sophisticated attacks, regardless of their own technical expertise. Kurtz highlighted how generative AI is making complex cyberattack techniques accessible to less skilled adversaries, suggesting a future where the fight against cybercrime will increasingly hinge on opposing AI capabilities.

CrowdStrike CEO says cybercriminals are leveling up: 'It’s going to be the battle of AI in the future' CNBC

Dexcom has received FDA clearance for its first over-the-counter continuous glucose monitor, Stelo, targeting patients with Type 2 diabetes who do not use insulin. This marks the first time a glucose biosensor will be available without a prescription, with sales starting in the summer of 2024. Stelo aims to improve diabetes management by tracking glucose levels in real-time, sending data wirelessly to a smartphone for more effective monitoring of the user's condition.

Dexcom's first-ever over-the-counter glucose monitor patch gets FDA clearance CNBC

Microsoft and OpenAI report nation-state hackers using AI and LLMs like ChatGPT for cyberattacks but don't see an immediate enterprise threat. They emphasize the need for prepared security measures due to this activity. Research identified five groups globally exploiting LLMs for tech vulnerability research, geopolitical intelligence, and enhancing attack methods. Despite the increased use, no significant LLM-based attacks were found yet. The report also discusses AI's potential to enhance social engineering attacks and offers strategies for mitigation, emphasizing AI tool security and responsible use.

Microsoft, OpenAI warn nation-state hackers are abusing LLMs | TechTarget SearchSecurity