Latest news with #Redmond
The Verge
6 hours ago
- The Verge
Microsoft wants to fix ‘slow or sluggish' performance in Windows 11
Ever since Windows 11 first debuted in October 2021, there have been complaints about its performance on certain types of hardware. Whether it was gaming on new hybrid performance CPUs showing no improvement on Windows 11, or claims that Windows 11 simply feels lethargic compared to Windows 10, Microsoft has tried to fix the problems with updates to the OS. Now, it wants direct feedback about 'any slow or sluggish performance' in Windows 11. A new test build of Windows 11 debuted on Friday with a method to automatically collect performance logs submitted to Microsoft. 'Windows Insiders are encouraged to provide feedback when experiencing PC issues related to slow or sluggish performance, allowing Feedback Hub to automatically collect these logs, which will help us root cause issues faster,' says Microsoft. This new logging system is part of Microsoft's 'commitment to improving Windows performance,' and will likely mean we see even more improvements to the performance and reliability side of the 25H2 update due later this year. Microsoft already made some performance improvements to Windows 11 in 2023 to speed up the Taskbar, notifications area, and quick settings panel. The performance impact of startup apps was also reduced in 2023, and the 24H2 update last year also seemed to greatly improve performance on older hardware. Microsoft is also looking to improve Windows drivers through new requirements that developers will need to follow for the 25H2 update later this year. It's now requiring static analysis for driver certification, which should help 'identify potential issues in driver code before deployment.'
Bangkok Post
8 hours ago
- Business
- Bangkok Post
Microsoft server software comes under widespread cyberattack
Microsoft Corp's server software was exploited by unidentified hackers, with analysts warning of widespread cybersecurity breaches across the globe. The Redmond, Washington-based software maker, said it had released a new security patch for customers to apply to their SharePoint servers 'to mitigate active attacks targeting on-premises servers,' adding it was working to roll out others. The vulnerability allowed hackers to access file systems and internal configurations, as well as execute code, the US Cybersecurity and Infrastructure Security Agency said. Cybersecurity firms cautioned that a broad section of organisations around the world could be affected by the breach. Silas Cutler, a researcher at Michigan-based cybersecurity firm Censys, estimated that more than 10,000 companies with SharePoint servers were at risk. The United States had the largest number of those companies, followed by the Netherlands, the United Kingdom and Canada, he said. 'It's a dream for ransomware operators, and a lot of attackers are going to be working this weekend as well,' he added. Palo Alto Networks Inc warned that 'these exploits are real, in-the-wild, and pose a serious threat.' Google Threat Intelligence Group said in an e-mailed statement it had observed hackers exploiting the vulnerability, adding it allows 'persistent, unauthenticated access and presents a significant risk to affected organisations.' 'When they're able to compromise the fortress that is SharePoint, everybody is kind of at their whim because that is one of the highest security protocols out there,' said Gene Yu, CEO of Singapore-based cyber incident response firm Blackpanda. The Washington Post reported that the breach had affected US federal and state agencies, universities, energy companies and an Asian telecommunications company, citing state officials and private researchers. Researchers at Eye Security were the first to identify the vulnerability, Cutler said. They reported an intrusion on Friday resembling one identified earlier in the week in a demo by researchers Code White GmbH, which reproduced vulnerabilities presented by others at the Pwn2Own hacking contest. Eye Security said the vulnerability allows hackers to access SharePoint servers and steal keys that can let them impersonate users or services even after the server is patched. It said hackers can maintain access through backdoors or modified components that can survive updates and reboots of systems. A Microsoft spokesperson declined to comment beyond the company's statement. Microsoft has faced a series of recent cyberattacks, warning in March that Chinese hackers were targeting remote management tools and cloud applications to spy on a range of companies and organisations in the US and abroad. The Cyber Safety Review Board, a White House-mandated group designed to examine major cyberattacks, said last year that Microsoft's security culture was 'inadequate' following the 2023 hack of the company's Exchange Online mailboxes. In that incident, hackers were able to breach 22 organizations and hundreds of individuals, including former US Commerce Secretary Gina Raimondo.
Bloomberg
14 hours ago
- Business
- Bloomberg
Microsoft Server Software Comes Under Widespread Cyberattack
Microsoft Corp. 's server software is under attack from unidentified hackers, with cybersecurity analysts warning of widespread security breaches across the globe. The Redmond, Washington-based software maker said it had released a new security patch for customers to apply to their SharePoint servers 'to mitigate active attacks targeting on-premises servers,' adding it was working to roll out others.
Associated Press
a day ago
- Business
- Associated Press
NewSky Security Expands into Cyber Security Private Investigations to Combat Sophisticated Botnet and VPN Threats
NewSky Security Expands into Cyber Security Private Investigations to Combat Sophisticated Botnet and VPN Threats REDMOND, WA, UNITED STATES, July 20, 2025 / / -- NewSky Security today announced the expansion of its services to include specialized private investigations into cybersecurity breaches, with a focus on incidents involving finance, the Internet of Things (IoT), VPNs, and botnets. This provides unparalleled expertise and a proactive defense to financial institutions, IoT-dependent businesses, and corporations globally. 'In today's hyper-connected world, the lines between physical and digital security have blurred. We are proud to announce our enhanced capabilities in cyber security private investigations, which will be crucial in not just stopping cyber threats, but in identifying and helping to bring the perpetrators to justice,' said Scott Wu, CEO at NewSky Security. 'Our new focus on financial, IoT, and VPN-based threats allows us to offer a new level of Cyber security, protecting our clients' most critical assets from sophisticated botnet attacks and other emerging threats.' NewSky Security's expanded services will leverage the company's proprietary AI-powered threat detection and real-time network monitoring to conduct in-depth investigations into the source of cyberattacks. The company's team of experts will work to uncover the methods and identities of attackers, providing crucial intelligence to law enforcement and helping to prevent future incidents. This enhanced service includes a focus on VPN Security, ensuring that remote connections do not become a weak point in an organization's security posture. The rise of interconnected devices in the financial and IoT sectors has created new avenues for cybercriminals to exploit. Botnets are becoming increasingly sophisticated, and securing VPNs is more critical than ever with the rise of remote work. NewSky Security's enhanced focus on cyber security private investigations directly addresses the growing need for a proactive and investigative approach to cybersecurity, moving beyond simple defense to active pursuit of threats. NewSky Security has a proven track record of identifying and mitigating threats, having already identified numerous botnets and malware campaigns for its clients. The company's unique approach involves studying the attackers themselves to build more robust defense mechanisms. About NewSky Security NewSky Security is a cybersecurity company that utilizes artificial intelligence to protect and defend the Internet of Things (IoT). Founded in 2015, the company provides real-time threat visibility and control to prevent business disruptions from cyberattacks. NewSky Security's mission is to empower a hack-proof experience for its clients, allowing them to focus on their core business without the fear of cybercrime. Contact Information: Media Relations NewSky Security +1 425-441-3441 [email protected] Scott Wu New Sky Security email us here Visit us on social media: LinkedIn Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Forbes
a day ago
- Forbes
‘You No Longer Decide'—Microsoft Deletes Passwords In 10 Days
Your passwords are about to disappear. You now have just ten days before Microsoft starts deleting your passwords. Do not leave it too late and be sure to save your data. But before you do, there's a new warning that might change your mind on what to do next. First, as to what's behind Microsoft's new deletions. The company is on a mission to delete passwords for more than a billion users as the 'password era is ending.' As part of that, it has already stoped autofilling passwords from its Authenticator app and in August those passwords will be deleted from its systems. While Microsoft's Authenticator will still continue to store passkeys, users are urged to use Edge instead as a password manager, and data will automatically move across. But Proton has now warned that 'the direction is clear: core features are being consolidated inside a single ecosystem, with fewer options for users.' 'This isn't just about passwords,' Proton says, 'it's about control. When switching becomes harder, choice disappears.' The security firm has published a new blogpost in which it warns 'Microsoft is pushing users deeper into its walled garden.' Microsoft confirms that 'from August 2025, your saved passwords will no longer be accessible in Authenticator.' It has added a 'Turn on Edge' button in Authenticator, and says 'your saved passwords (but not your generated password history) and addresses are securely synced to your Microsoft account, and you can continue to access them and enjoy seamless autofill functionality with Microsoft Edge.' According to Proton, 'this means if you want to keep using Microsoft's password management features, you'll need to step further into Microsoft's walled garden and submit to Edge's data collection. And while this might look like a technical update, it reflects the inescapable logic of walled gardens: It's a clear shift toward its own ecosystem that restricts choice under the guise of convenience or security.' As for Authenticator itself. Proton says it 'was a simple, dedicated tool that allowed users to store and autofill logins across platforms. Like most Microsoft products, Authenticator collected data, but wasn't equipped to track across the internet.' 'You no longer decide how your information is handled or where it's stored. That decision gets made for you,' Proton suggests. 'Microsoft appears to be imitating Google's playbook with Chrome(new window). It can now tie your accounts to your browsing history and track you much more effectively.' There is a conflict here. Deleting passwords and replacing them with passkeys is the right answer. Passwords are not secure — even with two-factor authentication (2FA). But Proton says 'behind the careful phrasing is a simple truth — features that once worked anywhere now only work wherever Microsoft wants you to be.' This isn't just about Microsoft, it's 'a broader pattern in Big Tech. Apple's passkeys sync exclusively through iCloud. Google continues to tie identity and login services to its entire ecosystem. And now, Microsoft, after attempting to build its own walled gardens with Windows 365 and OpenAI, is limiting password management to Edge.' So is this a genuine concern — that 'gradually choice erodes, and systems that once worked broadly start to work best only when you're locked inside one company's walled garden.' To an extent, of course it is. That's why Apple's and Google's walled gardens are under regulatory pressure in the U.S. and Europe. 'Once you're in the walled garden, these companies move swiftly to monetize you at every opportunity.' But the undeniable truth is that users are more secure within a walled garden ecosystem that makes it difficult if not impossible for attackers to break into a trusted device. That's Apple's longstanding mantra and others are catching up fast. Even Samsung is now doing the same with Knox Matrix. Passkeys are one element — the linkage of security to hardware clearly steers towards control by hardware and OS developers. In the short term, you need to use what's available and add passkeys to all your key accounts. You should also delete passwords which continue to provide access to your accounts. But you should also keep Proton's warning in mind. This is about balance.
