At a glance.
- Microsoft to require employees in China to use iPhones.
- OpenAI declined to disclose a previous breach.
- New ransomware-as-a-service offering surfaces.
Microsoft to require employees in China to use iPhones.
Bloomberg reports that Microsoft will require its employees in China to use iPhones for work instead of Androids, in order to ensure that all staff are using the Microsoft Authenticator password manager and Identity Pass app. The Google Play Store is unavailable in China, so Android users rely on a fragmented market of local platforms by Huawei, Xiaomi, and others. Microsoft will provide its workers in China with an iPhone 15 beginning in September. Bloomberg says the move is part of Microsoft’s global Secure Future Initiative.
If you're on the front line, we've got your back.
Mark your calendar for mWISE™, the unique cybersecurity conference from Mandiant, now part of Google Cloud. Built by practitioners for practitioners, it runs from September 18–19, 2024 in Denver, Colorado.
What makes mWISE different from other cybersecurity conferences? It’s a targeted event with hands-on learning for frontline practitioners. The intimate setting allows you to make one-on-one connections with leaders in the field. And best of all, it’s focused on learning without the sales pitches.
OpenAI declined to disclose a previous breach.
The New York Times reports that OpenAI sustained a breach last year that affected an internal employee discussion forum. The company did not disclose the breach externally because the threat actor didn't gain access to any sensitive data. The hacker in this case is believed to be a private individual, but the Times notes that the incident highlights the company's potential vulnerability to state-sponsored threat actors. TechCrunch points out that AI companies are "gatekeepers to a tremendous amount of very valuable data."
New ransomware-as-a-service offering surfaces.
Researchers at Group-IB describe a ransomware-as-a-service offering dubbed "Eldorado" that surfaced in March 2024. The malware is written in Golang, and targets both Windows and Linux systems. The researchers explain, "There are Eldorado versions for Windows (32bit and 64bit) and Linux (32bit and 64bit). The choice of using the Go programming language could be due to its cross-platform capabilities. Go programs’ ability to cross-compile code into native, self-contained binaries could be a reason why malware authors favored developing in Golang."
BleepingComputer says Eldorado "has already claimed 16 victims, most of them in the U.S., in real estate, educational, healthcare, and manufacturing sectors."