Microsoft Starts Using AI for Enterprise Security

At Ignite 2018, Microsoft's annual IT summit, the company announced a slew of products and services focused on security, AI, and machine learning https://news.microsoft.com/2018/09/24/microsoft-fortifies-security-and-brings-ai-to-the-masses-at-ignite-2018/.

"In this era of the intelligent cloud and intelligent edge, businesses in every industry are looking for a trusted partner to help them transform," said Satya Nadella, CEO of Microsoft. "We are pushing the bounds in AI, edge computing, and IoT, while providing end-to-end security to empower every organization to build its own digital capability and thrive in this new era."

One of the major announcements was the Microsoft Secure Score, which assesses Microsoft 365 customer environments and makes recommendations to reduce breaches. When Microsoft Secure Score is combined with Microsoft Authenticator, enterprise customers get the capability to offer secure sign-on to workers with features like password-free login.

Another security-focused service announced at the event is Microsoft Threat Protection, a tool for the Microsoft 365 environment that brings together advanced threat protection and auto-remediation across email, PCs, identities, and infrastructure.

According to Microsoft, the service uses AI and human research to speed up investigations to eliminate threats faster, saving thousands of hours for overstretched security teams.

The company also announced a public preview of Azure confidential computing, which turns Azure into a secure platform for protecting the confidentiality and integrity of data in use.

New Zero-Day Vulnerability Affects All Windows Systems

Lucas Leong from the Trend Micro Security Research team has discovered a zero-day flaw https://www.zerodayinitiative.com/advisories/ZDI-18-1075/ in Microsoft Windows that allows "remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows."

The vulnerability exists in all supported Windows versions, including Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016.

According to a blog post by Leong, "The specific flaw exists within the management of indexes in the Jet database engine. Crafted data in a database file can trigger a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code under the context of the current process."

The good news is that user interaction is required to exploit this vulnerability, which means a user has to visit a malicious page or open a malicious file that contains Jet database information.

Leong went public with his finding after Microsoft failed to fix it within the grace period of 120 days.

British Airways Breach Affects 380,000 Customers

British Airways reports a data breach that compromised around 380,000 customers. The compromised information includes everything – personal information, financial information (including credit card number and CVV code). However, no travel or passport data was stolen.

According to British Airways, the breach was open for two weeks – between August 21, 2018 and September 5, 2018. The good news is that only those customers who made the booking during this period were affected.

An FAQ published by the airlines warns customers of phishing attacks, "Customers should also be aware that fraudsters may be claiming to be British Airways and attempt to gather personal information by deception (known as 'phishing'). We will not be contacting any customers asking for payment card details, and any such requests should be reported to the police and relevant authorities."

British Airways CEO Alex Cruz told the BBC that the company would compensate those customers who may have been financially affected by the breach.

Source: https://www.britishairways.com/en-us/information/incident/data-theft/latest-information