By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Microsoft’s contracts with European Union institutions do not fully protect data in line with EU law, the European Data Protection Supervisor (EDPS) said in initial findings published on Monday. The EDPS, the EU’s data watchdog, opened an investigation in April to assess whether contracts between Microsoft and EU institutions such as the European Commission fully complied with the bloc’s data protection rules. “Though the investigation is still ongoing, preliminary results reveal serious concerns over the compliance of the relevant contractual terms with data protection rules and the role of Microsoft as a processor for EU institutions using its products and services,” the EDPS says in a statement. The EU introduced new rules on data protection in 2018, known as GDPR, applicable to all companies operating in the bloc and designed to give individuals more control over their personal data and to create a more level playing field for businesses. “We are committed to helping our customers comply with GDPR, Regulation 2018/1725 and other applicable laws,” a Microsoft spokesman said. “We are in discussions with our customers in the EU institutions and will soon announce contractual changes that will address concerns such as those raised by the EDPS.” The EDPS has worked with the Dutch ministry of justice, which carried out risk assessments last June and found that public authorities in member states face similar issues. The two have since set up a forum designed to set up fair rules for public administrations. For more on this and to keep up with changes and violations on GDPR visit OUR FORUM.

Installing the KB4520062 cumulative update for Windows 10 – released on October 15 – could break the Windows Defender Advanced Threat Protection (ATP) service. That’s the warning provided in Microsoft’s release notes, stating that certain customers should not install this update. “After installing this update, the Microsoft Defender Advanced Threat Protection (ATP) service might stop running and might fail to send reporting data,” the warning reads. “You might also receive a 0xc0000409 error in Event Viewer in MsSense.exe.” Before going on a red alert, this issue pertains to Microsoft’s enterprise-based customers. Microsoft Defender Advanced Threat Protection is a paid service for detecting, investigating, and responding to “advanced threats.” It’s built into Windows 10 but unrelated to the Windows Security platform found in Windows 10 Home and Pro. Microsoft notes that it’s currently “working on a resolution” but doesn’t expect an official fix until the middle of November. That means businesses and corporations should not install this update until then. If the update is already installed, issues with the Microsoft Defender Advanced Threat Protection platform may already be in effect. Uninstall the update and wait for a fix.

Two reports published in the last few months show that malware operators are experimenting with using WAV audio files to hide malicious code. The technique is known as steganography -- the art of hiding information in plain sight, in another data medium. In the software field, steganography -- also referred to as stego -- is used to describe the process of hiding files or text in another file, of a different format. For example, hiding plain text inside an image's binary format. Using steganography has been popular with malware operators for more than a decade. Malware authors don't use steganography to breach or infect systems, but rather as a transfer method. Steganography allows files hiding malicious code to bypass security software that whitelists non-executable file formats (such as multimedia files). All previous instances where malware used steganography revolved around using image file formats, such as PNG or JEPG. The novelty in the two recently-published reports is the use of WAV audio files, not seen abused in malware operations until this year. The first of these two new malware campaigns abusing WAV files was reported back in June. Symantec security researchers said they spotted a Russian cyber-espionage group known as Waterbug (or Turla) using WAV files to hide and transfer malicious code from their server to already-infected victims. The second malware campaign was spotted this month by BlackBerry Cylance. In a report published today and shared with ZDNet last week, Cylance said it saw something similar to what Symantec saw a few months before. But while the Symantec report described a nation-state cyber-espionage operation, Cylance said they saw the WAV steganography technique being abused in a run-of-the-mill crypto-mining malware operation. Further details are posted on OUR FORUM.

  

Latest Articles