These npm packages are designed to take valuable personally identifiable information (PII). Researchers with JFrog, Shachar Menashe and Andrey Polkovnychenko say they found the repositories on March 21 with 50 packages and that number soon grew to 200. The company explains how the attack is targeting Microsoft Azure: “After manually inspecting some of these packages, it became apparent that this was a targeted attack against the entire @azure npm scope, by an attacker that employed an automatic script to create accounts and upload malicious packages that cover the entirety of that scope....

Crypto mining is essentially a process where new bitcoins are created by solving complex math problems that verify transactions. Creating new cryptocurrency is as simple as mining gets as the process is complicated and requires computers and software to do the heavy lifting. Microsoft Universal License Terms for Online Services now state that Azure and any other online service cannot be used for mining. This change was made quietly as it has been in effect since December 1....

I’ll touch on the GA of Virtual Assistant Solution Accelerator before getting to the more interesting changes made to Microsoft Bot Framework. If you’re unfamiliar with this tool it provides a solution for creating and customizing virtual assistants. Microsoft is expanding the functionality of the Virtual Assistant Solution Accelerator. The tool now includes integrations for a calendar, to-do, and “who” queries. If you’re interested in the Accelerator, you can check it out on GitHub as an open source project....

Security defaults are not new on Azure Active Directory, which began rolling out in October 2019. At the time, they were only available for Azure AD customers creating a new tenant. They are now used by 30 million organizations around the world. In the coming months, Microsoft will roll out more security defaults on Azure Active Directory. This latest rollout will allow the defaults to reach more organizations and cover 60 million additional Azure AD accounts....

In June, Microsoft announced it is developing an improved built-in text finder for Chromium. This is a feature that makes it easier to search for defined text on a page. Microsoft believes it can improve the experience and has now released its version of the tool. Microsoft’s proposal showed the company wanted to bring more accuracy when selecting text when launching the finder. For example, if a user selects text on a page and launches the finder, the text will be automatically placed into the finder box....

In a blog post to announce the full launch, Microsoft says Windows Virtual Desktop is available across platforms. That means users on desktop (Windows, Mac) and mobile (iOS and Android) can use the tool. There is also a web version of the service available in browsers. Windows Virtual Desktop (WVD) allows users to create a virtualization of Windows 7, Windows 10, Office 365 ProPlus apps and third-party apps. With WVD, customers receive remote desktop sessions by running virtualizations in Azure virtual machines....

The company is accused of selling Word and Excel to middleman firms in the country at a discounted rate from 2013-14. The firms would then sell the software to government agencies at close to full price, with officials possibly pocketing the cash. As you would expect, bribes to overseas officials are taken seriously and have been illegal since 1977. Microsoft fired four employees in relation to the probe and terminated relationships with four partners....

Discussing privacy laws in the United States, Satya Nadella favors a national law. He is not alone and joins an almost universal calling from the tech industry for such a legislation. “We hope that there’s more of a national privacy law,” Nadella said in an interview Bloomberg News. Individual states have already started implementing their own privacy laws. For example, California introduced strict data protection laws in June. Nadella says the laws themselves are not an issue, but individual laws across the country would create more costs....

With the latest success of a record stock price, Microsoft CEO is receiving a pay rise as a reward. Nadella’s salary of $2.3 million but thanks to Microsoft’s stock success he has received $42.9 million in total compensation. Aside from the base salary, the rest of the compensation has come from stock awards. Satya Nadella has received a 66% raise compared to the $25.8 million total compensation he received during the previous fiscal year....

Specifically, the web browser preview is now available to users running Windows 7, Windows 8, and Windows 8.1. If you want to check out those previews, they are available from microsoftedgeinsider.com. The company is now a step closer to bringing Chromium Edge to “every major desktop platform”. All that’s left is Linux, with a preview expected to launch in the coming months. “Delivering the next version of Microsoft Edge to all supported versions of Windows is part of our goal to improve the web browsing experience for our customers on every device, and to empower developers to build great experiences with less fragmentation,” the company said....

Although eBPF integrations in Azure Kubernetes Service are still in internal although one seems to be more advanced. Specifically, that is Isovalent’s Cilium service within AKS. This solution allows “eBPF-powered networking, observability and security.” According to the two companies, Cilium works natively through Azure Container Networking Interface (CNI). Furthermore, the preview will arrive for customers to use early next year. Microsoft also points out that the Cilium Enterprise solution will also become a Kubernetes container app on the Azure Container Marketplace....

Discovered by security researchers at Sangfor, the issue escalated when the group accidentally sent out the proof-of-concept (PoC). Armed with the knowledge of how to exploit the flaw, threat actors could engage in remote execution code attacks to gain system-level privileges. Considering the potential, this is a critical flaw, although Microsoft has yet to officially rate the bug. Sangfor insists the leak of the PoC was an accident. It seems the company believed a patch already existed for the vulnerability....

In total, the company now has 42 Azure regions around the world. By expanding its cloud reach, Microsoft can continue to grow its network and services. Azure has been a driving force behind the company’s revenue growth in recent years. Microsoft says its two new Australian regions will go live during the first half of 2018. The company was quick to point out that both new regions will be certified to handle unclassified and protected government workloads....

Last week, a file association bug was discovered. While it affected both versions 1803 and 1809, it was the former that proved to be the problem. Microsoft confirmed a cumulative update for Windows 10 version 1803 was the root cause. The company says the problem stops users from changing default applications to new formats. As noted, the problem was caused by cumulative updates, specifically KB4464330 for version 1809, KB4462933 and KB4462919 for version 1803....

Microsoft says ACTS will provide governments with tools to combat corruption. One of the main problems with corruption is how hard it is to detect. Specifically, corruption in this case is when money provided for social welfare projects get taken and filtered from those projects. ACTS will help make tracking corruption easier for government by relying on Microsoft Cloud technology and artificial intelligence. With machine learning and data visualization, the project helps to protect investments....

Azure premium has been created to provide constant performance for IO-intensive workloads that need capability and low latency. Because data is stored on the latest SSD technology, they are perfect across a variety of scenarios. Microsoft says its standard file tier will remain intact and continue to offer affordable reliable performance for less intensive workloads. The company worked with hundreds of customers to develop the new Azure Files premium tier....

For this tool, Microsoft is not building a VPN from scratch. Instead, the Microsoft Edge Secure Network is powered by Cloudflare. According to Microsoft, all user data and diagnostic information will be removed and deleted every 24 hours. Other browsers – such as Opera and Firefox – already have a built-in VPN, so Edge will reach parity with those rivals. In a blog post discussing the tool, Microsoft points to the following features:...

Users heading to the VLC media page via Microsoft Bing were wanted the website was “suspicious” and were advised to avoid entering it. The warning claimed the site was hosting “malicious software”. Bing presented the warning as such: “Site might be dangerous. We suggest you choose another result. If you continue to this site, it could lead you to malicious software that can harm your device.” — VideoLAN (@videolan) November 27, 2018 It seems for whatever reasons; the Bing Site Safety Report feature was falsely triggered....

This is not a feature rich update by any means but does offer something interesting. Microsoft has introduced a Light Mode for the Windows 10 Photos app. Sure, Light Mode was available before, but was limited to the collections and albums sections. Now, the mode is available in the image viewer as well. Aside from that, Microsoft has performed the usual bug fixes and unnamed improvements. If you’re interested, the full release notes are below:...

Windows 10 version 1709 was also known as the Fall Creators Update and launched in October 2017. Microsoft says it decided to extend support beyond the scheduled end-of-life due to the COVID-19 (coronavirus) outbreak. The company has extended the support for Windows 10 Enterprise and Education customers and will provide security updates for the next six months. “To ease one of the many burdens you are currently facing, and based on customer feedback, we have decided to delay the scheduled end of service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1709,” the company said in a blog post....