* . *
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Saturday, July 19, 2025
Earth-News
  • Home
  • Business
  • Entertainment
    Inspired Entertainment, Inc.’s (NASDAQ:INSE) Price Is Right But Growth Is Lacking After Shares Rocket 29% – simplywall.st

    Inspired Entertainment Soars 29% but Growth Momentum Falls Short

    Kroger shares summer entertainment tips – Supermarket Perimeter

    Ultimate Summer Entertainment Tips to Make Your Season Unforgettable

    Theater at Santa Fe’s San Isidro Plaza will be converted into IMAX, family entertainment venue – Santa Fe New Mexican

    Santa Fe’s San Isidro Plaza Theater Transforms into Exciting IMAX Family Entertainment Venue

    B&B Theatres will open massive entertainment complex in Texas – The Business Journals

    B&B Theatres will open massive entertainment complex in Texas – The Business Journals

    Rough times for broadcast networks illustrate changing media landscape – New Haven Register

    Broadcast Networks Confront Turbulent Times in a Rapidly Changing Media Landscape

    Black River Entertainment Adds Traci Hite As Director Of Promotion, Southeast – MusicRow.com

    Black River Entertainment Welcomes Traci Hite as New Director of Southeast Promotion

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Polypurine Hairpin Technology is Safe, Effective at Inhibiting PCSK9 to Regulate Cholesterol – Pharmacy Times

    Polypurine Hairpin Technology: A Safe and Powerful Breakthrough for Controlling Cholesterol by Targeting PCSK9

    A major AI training data set contains millions of examples of personal data – MIT Technology Review

    A major AI training data set contains millions of examples of personal data – MIT Technology Review

    Simpson College to purchase medical simulation technology with grant funds – Iowa Capital Dispatch

    Simpson College to purchase medical simulation technology with grant funds – Iowa Capital Dispatch

    SailGP Technologies officially launches new center of excellence in technology & innovation – Sail-World.com

    SailGP Technologies officially launches new center of excellence in technology & innovation – Sail-World.com

    Victorville’s new gunfire-detecting technology already making strides, city says – NBC Los Angeles

    Victorville’s New Gunfire-Detecting Technology Is Already Making a Difference, City Officials Say

    Guest columnist: China cutting corners on technology – The State Journal

    China’s Rapid Tech Advances Spark Worries About Cutting Corners

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
  • Home
  • Business
  • Entertainment
    Inspired Entertainment, Inc.’s (NASDAQ:INSE) Price Is Right But Growth Is Lacking After Shares Rocket 29% – simplywall.st

    Inspired Entertainment Soars 29% but Growth Momentum Falls Short

    Kroger shares summer entertainment tips – Supermarket Perimeter

    Ultimate Summer Entertainment Tips to Make Your Season Unforgettable

    Theater at Santa Fe’s San Isidro Plaza will be converted into IMAX, family entertainment venue – Santa Fe New Mexican

    Santa Fe’s San Isidro Plaza Theater Transforms into Exciting IMAX Family Entertainment Venue

    B&B Theatres will open massive entertainment complex in Texas – The Business Journals

    B&B Theatres will open massive entertainment complex in Texas – The Business Journals

    Rough times for broadcast networks illustrate changing media landscape – New Haven Register

    Broadcast Networks Confront Turbulent Times in a Rapidly Changing Media Landscape

    Black River Entertainment Adds Traci Hite As Director Of Promotion, Southeast – MusicRow.com

    Black River Entertainment Welcomes Traci Hite as New Director of Southeast Promotion

  • General
  • Health
  • News

    Cracking the Code: Why China’s Economic Challenges Aren’t Shaking Markets, Unlike America’s” – Bloomberg

    Trump’s Narrow Window to Spread the Truth About Harris

    Trump’s Narrow Window to Spread the Truth About Harris

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    Israel-Gaza war live updates: Hamas leader Ismail Haniyeh assassinated in Iran, group says

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    PAP Boss to Niger Delta Youths, Stay Away from the Protest

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Court Restricts Protests In Lagos To Freedom, Peace Park

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Fans React to Jazz Jennings’ Inspiring Weight Loss Journey

    Trending Tags

    • Trump Inauguration
    • United Stated
    • White House
    • Market Stories
    • Election Results
  • Science
  • Sports
  • Technology
    Polypurine Hairpin Technology is Safe, Effective at Inhibiting PCSK9 to Regulate Cholesterol – Pharmacy Times

    Polypurine Hairpin Technology: A Safe and Powerful Breakthrough for Controlling Cholesterol by Targeting PCSK9

    A major AI training data set contains millions of examples of personal data – MIT Technology Review

    A major AI training data set contains millions of examples of personal data – MIT Technology Review

    Simpson College to purchase medical simulation technology with grant funds – Iowa Capital Dispatch

    Simpson College to purchase medical simulation technology with grant funds – Iowa Capital Dispatch

    SailGP Technologies officially launches new center of excellence in technology & innovation – Sail-World.com

    SailGP Technologies officially launches new center of excellence in technology & innovation – Sail-World.com

    Victorville’s new gunfire-detecting technology already making strides, city says – NBC Los Angeles

    Victorville’s New Gunfire-Detecting Technology Is Already Making a Difference, City Officials Say

    Guest columnist: China cutting corners on technology – The State Journal

    China’s Rapid Tech Advances Spark Worries About Cutting Corners

    Trending Tags

    • Nintendo Switch
    • CES 2017
    • Playstation 4 Pro
    • Mark Zuckerberg
No Result
View All Result
Earth-News
No Result
View All Result
Home Technology

Microsoft attacked over ‘grossly irresponsible’ security practice

August 4, 2023
in Technology
Microsoft attacked over ‘grossly irresponsible’ security practice
Share on FacebookShare on Twitter

The CEO of Tenable has launched a scathing attack on Microsoft, asserting that the organisation is deliberately keeping its Azure cloud customers in the dark about dangerous vulnerabilities and accusing it of a culture of ‘toxic obfuscation’

Alex Scroxton

By

Alex Scroxton,
Security Editor

Published: 03 Aug 2023 11:58

Tenable’s CEO and former national cyber security director to the George W Bush administration, Amit Yoran, has hit out at Microsoft and accused the software giant of deliberately putting its customers’ security at risk by keeping them in the dark over the risks and vulnerabilities they face.

Yoran launched his attack after Tenable revealed the existence of a zero-day vulnerability in Microsoft Azure that, left unpatched, would enable limited, unauthorised access to cross-tenant applications and sensitive details – including, though not limited to, authentication secrets. He said Tenable customers – including an unnamed retail bank – are at this moment vulnerable to it.

He said Tenable had taken this issue to Microsoft at the end of March, but it had taken over three months for Redmond to issue a fix that turned out to be incomplete, and it would take until the end of September for the revised patch to be issued.

“Did Microsoft quickly fix the issue that could effectively lead to the breach of multiple customers’ networks and services? Of course not. They took more than 90 days to implement a partial fix – and only for new applications loaded in the service,” said Yoran.

“That means that as of today, the bank … is still vulnerable, more than 120 days since we reported the issue, as are all of the other organisations that had launched the service prior to the fix. And, to the best of our knowledge, they still have no idea they are at risk and therefore can’t make an informed decision about compensating controls and other risk mitigating actions.

“Microsoft claims that they will fix the issue by the end of September, four months after we notified them. That’s grossly irresponsible, if not blatantly negligent. We know about the issue, Microsoft knows about the issue, and hopefully threat actors don’t,” he said.

Yoran said the so-called shared responsibility model of cyber security espoused by public cloud providers, including Microsoft, was irretrievably broken if a provider fails to notify users of issues as they arise and apply fixes openly.

He argued that Microsoft was quick to ask for its users’ trust and confidence, but in return they get “very little transparency and a culture of toxic obfuscation”.

“How can a CISO, board of directors or executive team believe that Microsoft will do the right thing given the fact patterns and current behaviours? Microsoft’s track record puts us all at risk. And it’s even worse than we thought,” said Yoran.

“Microsoft’s lack of transparency applies to breaches, irresponsible security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about,” he added.

A Microsoft spokesperson said: “We appreciate the collaboration with the security community to responsibly disclose product issues. We follow an extensive process involving a thorough investigation, update development for all versions of affected products, and compatibility testing among other operating systems and applications.

“Microsoft’s lack of transparency applies to breaches, irresponsible security practices and to vulnerabilities, all of which expose their customers to risks they are deliberately kept in the dark about”

Amit Yoran, Tenable

“Ultimately, developing a security update is a delicate balance between timeliness and quality, while ensuring maximised customer protection with minimised customer disruption,” they said.

Computer Weekly understands that the initial fix issued by Microsoft did mitigate the impact of the vulnerability for the vast majority of Azure users, and that the issue has since been fully addressed for all customers who should need to take no further action.

Questions to be answered

Yoran’s diatribe comes as Microsoft faces pressure in the US over its 13 July disclosure that an advanced persistent threat (APT) actor, tracked as Storm-0558 and backed by the Chinese government, had hacked into email accounts at multiple US government agencies using forged authentication tokens via an acquired Microsoft account consumer signing key.

Among those understood to have had their email accounts compromised were Gina Raimondo, the US secretary of commerce, and Nicholas Burns, the US ambassador to China.

At the time, Microsoft took the unusual step of issuing something of a mea culpa, as executive vice-president of security Charlie Bell put it, “the accountability starts right here at Microsoft”.

The attack has understandably not gone over well in Washington DC, and later in July, a group of cross-party US senators, including Tim Kaine, who was Hilary Clinton’s running mate in the hacking-affected 2016 presidential election, wrote to US state department CIO Kelly Fletcher to demand more information on the circumstances surrounding it and establish what actually happened.

Separately, Oregon senator Ron Wyden has written to attorney general Merrick Garland, Federal Trade Commission (FTC) chair Lina Khan, and CISA director Jen Easterly to request the government “take action to hold Microsoft responsible for its negligent security practices, which enabled a successful Chinese espionage campaign against the United States government”.

Read more on Security policy and user awareness


Infosec experts divided on SEC four-day reporting rule

ArielleWaldman

By: Arielle Waldman


Tenable shifts focus, launches exposure management platform

ArielleWaldman

By: Arielle Waldman


Google patches yet another Chrome zero-day vulnerability

ShaunNichols

By: Shaun Nichols


4 critical flaws among 84 fixes in July Patch Tuesday

ShaunNichols

By: Shaun Nichols

>>> Read full article>>>
Copyright for syndicated content belongs to the linked Source : Computer Weekly – https://www.computerweekly.com/news/366546833/Microsoft-attacked-over-grossly-irresponsible-security-practice

Tags: attackedMicrosofttechnology
Previous Post

Brave’s privacy-focused search engine can now find images and videos

Next Post

UK government recruits panel to focus on semiconductors

Inspired Entertainment, Inc.’s (NASDAQ:INSE) Price Is Right But Growth Is Lacking After Shares Rocket 29% – simplywall.st

Inspired Entertainment Soars 29% but Growth Momentum Falls Short

July 19, 2025
US rejects WHO pandemic changes to global health rules – Reuters

US rejects WHO pandemic changes to global health rules – Reuters

July 19, 2025
DOJ moves to release grand jury testimony in Epstein case – CNN

DOJ Moves to Reveal Shocking Grand Jury Testimony in Epstein Case

July 19, 2025
Polypurine Hairpin Technology is Safe, Effective at Inhibiting PCSK9 to Regulate Cholesterol – Pharmacy Times

Polypurine Hairpin Technology: A Safe and Powerful Breakthrough for Controlling Cholesterol by Targeting PCSK9

July 19, 2025
Kirstie Yu ’19 goes to bat at NBC Sports – NYU School of Law

Kirstie Yu ’19 Takes Center Stage at NBC Sports

July 19, 2025
New online rangeland ecology course available – texasfarmbureau.org

Unlock the Secrets of Rangeland Ecology with Our Exciting New Online Course – Enroll Now!

July 19, 2025
Competitive research experiences give chemistry major advanced look into materials science field – lockhaven.com

Competitive research experiences give chemistry major advanced look into materials science field – lockhaven.com

July 19, 2025
Do Dogs Judge Human Character? Science Says Maybe Not – Study Finds

Do Dogs Judge Human Character? Science Says Maybe Not – Study Finds

July 19, 2025
People who still look young into their 60s and beyond usually have these 6 evening habits – VegOut

6 Evening Habits That Help You Stay Youthful and Radiant Well Into Your 60s and Beyond

July 19, 2025
FIDE World U9-U17 Rapid and Blitz Championships 2025: Registration now open – International Chess Federation – FIDE

Don’t Miss Out: Register Now for the Thrilling FIDE World U9-U17 Rapid and Blitz Championships 2025!

July 19, 2025

Categories

Archives

July 2025
MTWTFSS
 123456
78910111213
14151617181920
21222324252627
28293031 
« Jun    
Earth-News.info

The Earth News is an independent English-language daily published Website from all around the World News

Browse by Category

  • Business (20,132)
  • Ecology (728)
  • Economy (751)
  • Entertainment (21,637)
  • General (15,984)
  • Health (9,790)
  • Lifestyle (759)
  • News (22,149)
  • People (753)
  • Politics (761)
  • Science (15,968)
  • Sports (21,249)
  • Technology (15,734)
  • World (735)

Recent News

Inspired Entertainment, Inc.’s (NASDAQ:INSE) Price Is Right But Growth Is Lacking After Shares Rocket 29% – simplywall.st

Inspired Entertainment Soars 29% but Growth Momentum Falls Short

July 19, 2025
US rejects WHO pandemic changes to global health rules – Reuters

US rejects WHO pandemic changes to global health rules – Reuters

July 19, 2025
  • About
  • Advertise
  • Privacy & Policy
  • Contact

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

No Result
View All Result

© 2023 earth-news.info

Go to mobile version