Microsoft has initiated a comprehensive cybersecurity overhaul, motivated by recent high-profile breaches and internal demands for enhanced security measures. Prompted by a shift in corporate strategy that aligns executive compensation with security outcomes, this initiative marks a significant departure from Microsoft's previous security efforts. Despite historical efforts, such as Bill Gates' 2002 memo prioritizing security, the current revival under CEO Satya Nadella's directive underscores an evolved approach towards embedding security into the fabric of the company's culture and operations. The initiative also responds to critical feedback, notably from a Cyber Safety Review Board report detailing security lapses that facilitated a major breach of Microsoft Exchange by a nation-state affiliated group, emphasizing the urgency of a security-first methodology across all levels of the organization.

Officials see a real change in Microsoft’s security plans: financial accountability Cybersecurity Dive

The Russia-linked ransomware group Black Basta has intensified its cyberattacks on the healthcare sector, with the St. Louis-based Ascension health system being one of its latest victims. Health-ISAC (Information Sharing and Analysis Center) issued an alert highlighting the group's recent surge in attacks against healthcare providers. Ascension suffered a cybersecurity incident, disrupting its clinical operations and leading to the temporary suspension of some elective procedures. The U.S. Department of Health and Human Services (HHS) had previously alerted about Black Basta, known for its double extortion tactics involving data exfiltration and ransom demands. Reports indicate that Black Basta has extorted over $100 million from various organizations in less than two years. The HHS suggests Black Basta's sophisticated operation may indicate ties to other Russian-speaking cybercrime groups or a rebranding of such entities.

Black Basta Ransomware Attack Brought Down Ascension Systems: Report CRN

The CEO of WPP, Mark Read, recently alerted the company leadership of an attempted fraud using an artificial intelligence voice clone of him. Scammers created a WhatsApp account with Read's image and set up a fake Microsoft Teams meeting to solicit money and personal details from an agency leader within WPP. The fraud involved advanced techniques, including AI for voice cloning and impersonation via chat during the meeting. Despite the elaborate setup, the scam was foiled, with Read emphasizing the importance of vigilance against such sophisticated attacks. This incident underscores the rising trend of deepfake attacks in the corporate sector, challenging companies to bolster their defenses against increasingly complex cyber threats.

CEO of world’s biggest ad firm targeted by deepfake scam The Guardian

Researchers at Leviathan Security Group have uncovered an unpatchable vulnerability in virtual private networks (VPNs) known as TunnelVision. This flaw allows attackers to redirect VPN traffic and snoop on data in clear text while remaining undetected, as VPNs inherently lack the ability to protect data at entry and exit points, serving only as encrypted tunnels. The experts emphasize that VPNs are often inaccurately portrayed as comprehensive security solutions when in reality, they are primarily meant for connectivity. This misconception, alongside the difficulty in patching or replacing numerous operational VPNs in enterprises, poses significant security challenges that require a more layered approach to cybersecurity, known as defense in depth.

Massive security hole in VPNs shows their shortcomings as a defensive measure CSO Online