As we wrap up another eventful week in the world of Microsoft, the tech giant finds itself at the center of several significant developments. From cybersecurity challenges to industry recognition and legal battles in the AI space, Microsoft continues to navigate the complex landscape of modern technology. In this Friday news roundup, we’ll explore the latest updates on a Russian hacking incident, celebrate a partner’s security achievements, and delve into the ongoing legal challenges surrounding AI and copyright. Join us as we unpack these key stories and their implications for Microsoft, its partners, and the broader tech industry.
Russian hackers accessed more customer emails than initially reported
In a report by Reuters, Microsoft has disclosed that the Russian state-sponsored hacking group known as Midnight Blizzard (also called Nobelium) accessed more customer emails than initially reported during their breach of Microsoft’s systems earlier this year. The tech giant is now notifying additional customers whose email correspondence with Microsoft corporate accounts was compromised.
This revelation comes six months after the initial breach was reported in January 2024. At that time, Microsoft stated that the hackers had accessed a “very small percentage” of corporate email accounts, including those of senior leadership and employees in the security and legal departments.
The breach occurred when hackers used a password spraying technique to compromise a legacy account that lacked two-factor authentication. Once inside Microsoft’s corporate network, the attackers used the account’s permissions to access and exfiltrate emails.
Microsoft is providing affected customers with details of the compromised email correspondence through a specially built portal. While the company has not disclosed the exact number of impacted organizations or individuals, the expanded notification suggests the breach was more extensive than initially thought.
This incident has raised concerns about Microsoft’s cybersecurity practices, especially in light of other recent high-profile breaches. Earlier this year, a report from the Cyber Safety Review Board criticized Microsoft for a “cascade of security failures” and a “lax corporate culture” that deprioritized enterprise security investments.
BlueVoyant wins multiple Microsoft Security Partner awards
In more positive news for Microsoft’s security ecosystem, cybersecurity firm BlueVoyant has been named the 2024 Microsoft Worldwide Security Partner of the Year. This prestigious award recognizes BlueVoyant’s excellence in providing Microsoft-based cybersecurity solutions.
BlueVoyant also secured two additional awards:
- Microsoft United States Security Partner of the Year (for the third consecutive time)
- Microsoft Canada Security Partner of the Year (for the first time)
These awards highlight BlueVoyant’s expertise in delivering comprehensive, outcomes-based cybersecurity solutions built on Microsoft technologies. The company’s innovative approach has significantly grown its Microsoft customer base over the past three years, positioning it at the forefront of next-generation security operations.
Milan Patel, global head of managed detection and response (MDR) at BlueVoyant, emphasized the company’s commitment to helping clients maximize their Microsoft Security investment. He also noted BlueVoyant’s involvement in the Microsoft Copilot for Security Design Council, offering diagnostic and deployment services to help clients leverage AI as a strategic cybersecurity asset.
Another copyright infringement lawsuit filed against OpenAI and Microsoft
The Center for Investigative Reporting (CIR), publisher of Mother Jones and Reveal, has filed a lawsuit against OpenAI and Microsoft for alleged copyright infringement. The nonprofit claims that the tech companies used their content without permission or compensation to train AI models.
This legal action adds to a growing list of similar lawsuits from news organizations, authors, and other content creators challenging the use of copyrighted material in AI training. The CIR lawsuit, filed in federal court in New York, seeks damages and a court order forcing OpenAI and Microsoft to delete copyrighted material from their training datasets.
Monika Bauerlein, CEO of the Center for Investigative Reporting, stated, “OpenAI and Microsoft started vacuuming up our stories to make their product more powerful, but they never asked for permission or offered compensation, unlike other organizations that license our material.”
The lawsuit describes OpenAI’s business as “built on the exploitation of copyrighted works” and focuses on how AI-generated summaries of articles threaten publishers. It claims that OpenAI acknowledged building an earlier version of its chatbot technology with thousands of Mother Jones links.
This legal challenge highlights the ongoing debate about the use of copyrighted material in AI training and the potential impact on journalism and content creation industries.
As Microsoft continues to navigate cybersecurity challenges and expand its AI capabilities, the company faces both opportunities and obstacles. The expanded Russian hack underscores the need for continued vigilance and improvement in security practices. Meanwhile, the success of partners like BlueVoyant demonstrates the strength of the tech giant’s security ecosystem. However, another copyright infringement lawsuit against OpenAI and Microsoft highlights the complex legal and ethical issues surrounding AI development and deployment. Only time will tell to what happens next.
Discover more from Microsoft News Now
Subscribe to get the latest posts sent to your email.
