* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Wednesday, September 3, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

    Erykah Badu Announces ‘Abi & Alan’ Album With The Alchemist Will Be Delayed – yahoo.com

    Erykah Badu Opens Up About the Delay of Her Highly Anticipated ‘Abi & Alan’ Album with The Alchemist

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Gator football kicks off with excitement and new technology – WCJB | TV20

    Gator Football Kicks Off with Thrilling Action and Innovative Technology

    Marvell Technology (MRVL) Loses 18.6% as Growth Outlook Fails to Impress – Yahoo Finance

    Marvell Technology (MRVL) Loses 18.6% as Growth Outlook Fails to Impress – Yahoo Finance

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

    TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

    Jenny Han Dropped a Major ‘The Summer I Turned Pretty’ Easter Egg Revealing [SPOILER] – yahoo.com

    Jenny Han Just Unveiled a Huge ‘The Summer I Turned Pretty’ Easter Egg That Changes Everything [SPOILER]

    Liam Payne’s Cousin Ross Harris Honors Late Singer With Emotional Song ‘Bones’ – yahoo.com

    Liam Payne’s Cousin Ross Harris Honors Late Singer with Emotional New Song ‘Bones

    Country music star apologizes after drunken show ends with cops taking him down: ‘I’m not OK’ – PennLive.com

    Country Music Star Apologizes After Drunken Show Ends in Police Intervention: ‘I’m Not OK

    Comanche Nation Entertainment closes casino near Devol – KSWO 7News

    Comanche Nation Entertainment Closes Casino Near Devol in Surprising Move

    Erykah Badu Announces ‘Abi & Alan’ Album With The Alchemist Will Be Delayed – yahoo.com

    Erykah Badu Opens Up About the Delay of Her Highly Anticipated ‘Abi & Alan’ Album with The Alchemist

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

    Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

    New Technology from Ramsey Theory Group Brings Diagnostic Testing and Telehealth Directly into Patients’ Homes – Yahoo Finance

    Revolutionary Ramsey Theory Technology Delivers Diagnostic Testing and Telehealth Right to Your Doorstep

    China’s CATL sells stake in Finnish subcontract car manufacturer – Reuters

    China’s CATL Sells Stake in Finnish Auto Supplier in Strategic Move

    This Secret Technology Will Make The IPhone 17 Super Thin Air – VOI.ID

    How This Breakthrough Technology Will Make the iPhone 17 Incredibly Thin and Lightweight

    Gator football kicks off with excitement and new technology – WCJB | TV20

    Gator Football Kicks Off with Thrilling Action and Innovative Technology

    Marvell Technology (MRVL) Loses 18.6% as Growth Outlook Fails to Impress – Yahoo Finance

    Marvell Technology (MRVL) Loses 18.6% as Growth Outlook Fails to Impress – Yahoo Finance

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Microsoft attacked over ‘grossly irresponsible’ security practice

August 4, 2023
in Technology
Microsoft attacked over ‘grossly irresponsible’ security practice
Share on FacebookShare on Twitter

The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’

Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 03 Aug 2023 11:58

Tenable’s CEO and former national cyber security director to the George W Bush administration, Amit Yoran, has hit out at Microsoft and accused the software giant of deliberately putting its customers’ security at risk by keeping them in the dark over the risks and vulnerabilities they face.

Yoran launched his attack after Tenable revealed the existence of a zero-day vulnerability in Microsoft Azure that, left unpatched, would enable limited, unauthorised access to cross-tenant applications and sensitive details – including, though not limited to, authentication secrets. He said Tenable customers – including an unnamed retail bank – are at this moment vulnerable to it.

He said Tenable had taken this issue to Microsoft at the end of March, but it had taken over three months for Redmond to issue a fix that turned out to be incomplete, and it would take until the end of September for the revised patch to be issued.

“Did Microsoft quickly fix the issue that could effectively lead to the breach of multiple customers’ networks and services? Of course not. They took more than 90 days to implement a partial fix – and only for new applications loaded in the service,” said Yoran.

“That means that as of today, the bank … is still vulnerable, more than 120 days since we reported the issue, as are all of the other organisations that had launched the service prior to the fix. And, to the best of our knowledge, they still have no idea they are at risk and therefore can’t make an informed decision about compensating controls and other risk mitigating actions.

“Microsoft claims that they will fix the issue by the end of September, four months after we notified them. That’s grossly irresponsible, if not blatantly negligent. We know about the issue, Microsoft knows about the issue, and hopefully threat actors don’t,” he said.

Yoran said the so-called shared responsibility model of cyber security espoused by public cloud providers, including Microsoft, was irretrievably broken if a provider fails to notify users of issues as they arise and apply fixes openly.

He argued that Microsoft was quick to ask for its users’ trust and confidence, but in return they get “very little transparency and a culture of toxic obfuscation”.

“How can a CISO, board of directors or executive team believe that Microsoft will do the right thing given the fact patterns and current behaviours? Microsoft’s track record puts us all at risk. And it’s even worse than we thought,” said Yoran.

“Microsoft’s lack of transparency applies to breaches, irresponsible security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about,” he added.

A Microsoft spokesperson said: “We appreciate the collaboration with the security community to responsibly disclose product issues. We follow an extensive process involving a thorough investigation, update development for all versions of affected products, and compatibility testing among other operating systems and applications.

“Microsoft’s lack of transparency applies to breaches, irresponsible security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about”

Amit Yoran, Tenable

“Ultimately, developing a security update is a delicate balance between timeliness and quality, while ensuring maximised customer protection with minimised customer disruption,” they said.

Computer Weekly understands that the initial fix issued by Microsoft did mitigate the impact of the vulnerability for the vast majority of Azure users, and that the issue has since been fully addressed for all customers who should need to take no further action.

Questions to be answered

Yoran’s diatribe comes as Microsoft faces pressure in the US over its 13 July disclosure that an advanced persistent threat (APT) actor, tracked as Storm-0558 and backed by the Chinese government, had hacked into email accounts at multiple US government agencies using forged authentication tokens via an acquired Microsoft account consumer signing key.

Among those understood to have had their email accounts compromised were Gina Raimondo, the US secretary of commerce, and Nicholas Burns, the US ambassador to China.

At the time, Microsoft took the unusual step of issuing something of a mea culpa, as executive vice-president of security Charlie Bell put it, “the accountability starts right here at Microsoft”.

The attack has understandably not gone over well in Washington DC, and later in July, a group of cross-party US senators, including Tim Kaine, who was Hilary Clinton’s running mate in the hacking-affected 2016 presidential election, wrote to US state department CIO Kelly Fletcher to demand more information on the circumstances surrounding it and establish what actually happened.

Separately, Oregon senator Ron Wyden has written to attorney general Merrick Garland, Federal Trade Commission (FTC) chair Lina Khan, and CISA director Jen Easterly to request the government “take action to hold Microsoft responsible for its negligent security practices, which enabled a successful Chinese espionage campaign against the United States government”.

Read more on Security policy and user awareness


Infosec experts divided on SEC four-day reporting rule

ArielleWaldman

By: Arielle Waldman


Tenable shifts focus, launches exposure management platform

ArielleWaldman

By: Arielle Waldman


Google patches yet another Chrome zero-day vulnerability

ShaunNichols

By: Shaun Nichols


4 critical flaws among 84 fixes in July Patch Tuesday

ShaunNichols

By: Shaun Nichols

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366546833/Microsoft-attacked-over-grossly-irresponsible-security-practice

Tags: attackedMicrosofttechnology
Previous Post

Brave’s privacy-focused search engine can now find images and videos

Next Post

UK government recruits panel to focus on semiconductors

World Bank urges fresh push on economic threat of pollution – Reuters

World Bank Urges Immediate Action to Tackle the Economic Toll of Pollution

September 3, 2025
Canada’s Economy Slows, But Stops Short Of Recession – Finimize

Canada’s Economy Slows, But Stops Short Of Recession – Finimize

September 3, 2025
TS Entertainment bringing Malibu Jack’s to former Owensboro mall – Lane Report

TS Entertainment Launches Malibu Jack’s at Former Owensboro Mall Location

September 3, 2025
How Trump health conspiracy theories went wild on social media – CNN

The Wild Spread of Trump Health Conspiracy Theories on Social Media

September 3, 2025
Inside the Democratic plan to recapture the House majority in 2026 – The Washington Post

Democrats’ Bold Strategy to Win Back the House Majority in 2026

September 3, 2025
Grassland ecological compensation accounting based on the flow of emergy ecological products: a case from the Qinghai Tibet region, China – Nature

Innovative Grassland Ecological Compensation Accounting Using Emergy Flow: Insights from the Qinghai-Tibet Region

September 3, 2025
Climate scientists file a public, point-by-point rebuttal of Trump admin report casting doubt on climate change – CNN

Climate Scientists Deliver a Detailed Public Rebuttal to Trump Administration’s Climate Change Doubts

September 3, 2025
Earth’s Seasons Are Out of Sync, Scientists Discover From Space – ScienceAlert

Scientists Reveal Earth’s Seasons Are Falling Out of Sync Through Space Observations

September 3, 2025
Fasting glucose improvement following a short-term, culturally adapted lifestyle intervention in Latino adults at risk for type 2 diabetes mellitus: a quasi-experimental study – BMC Nutrition

Short-Term Culturally Tailored Lifestyle Intervention Boosts Fasting Glucose in Latino Adults at Risk for Type 2 Diabetes

September 3, 2025
Blockchain lender Figure Technology seeks to raise up to $526M in IPO (FIGR:Pending) – Seeking Alpha

Blockchain Lender Figure Technology Sets Sights on $526M in Thrilling IPO Launch

September 3, 2025

Categories

Archives

September 2025
MTWTFSS
1234567
891011121314
15161718192021
22232425262728
2930 
« Aug    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (804)
  • Economy (823)
  • Entertainment (21,703)
  • General (16,831)
  • Health (9,864)
  • Lifestyle (837)
  • News (22,149)
  • People (824)
  • Politics (831)
  • Science (16,033)
  • Sports (21,321)
  • Technology (15,803)
  • World (804)

Recent News

World Bank urges fresh push on economic threat of pollution – Reuters

World Bank Urges Immediate Action to Tackle the Economic Toll of Pollution

September 3, 2025
Canada’s Economy Slows, But Stops Short Of Recession – Finimize

Canada’s Economy Slows, But Stops Short Of Recession – Finimize

September 3, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version