Back-to-School season is an opportunity for learners of all ages to expand their knowledge and get discounted access to valuable tools they can put to work every day. Until August 13 at 11:59 p.m. PST, you can get a lifetime license for Microsoft Office for Windows and a free business course from a renowned instructor. 

The tools you use to work and learn may not always be budget-friendly, even if they’re essential to your ongoing productivity. For those who rely on Microsoft Word, Excel, PowerPoint, or any other apps in the Office Suite, subscription fees can feel like the constant cost of basic computer operations. 

This Back-to-School season, focus on your learning without focusing on a recurring cost. Get a Microsoft Office Pro 2021 Windows Lifetime License for $39.97, and enjoy a free business course with your purchase. You’ll have to act quickly since this price drop only lasts until August 13 at 11:59 p.m. PST.

Get Microsoft Office for life with no recurring costs 

Dedicate yourself to learning without a monthly subscription fee like what you’d be paying to get Microsoft 365. This lifetime license for MS Office Pro 2021, which boasts a 4.2-star rating from PCMag, allows you to install Microsoft Word, Excel, PowerPoint, Outlook, Teams (free version), OneNote, Publisher, Access, and Skype for Business on one Windows computer or PC for life. 

Make sure your computer meets the minimum requirements to download. You must have at least 4GB disk space and be running Windows 10 or 11. If you need to upgrade your operating system, low-cost Windows 11 Pro keys are available. 

This bundle also comes with a course taught by Chris Haroun, a well-known venture capitalist and instructor of business and finance-related courses. While this course will not replace the information you would get from a formal MBA, it does make some of the same content more accessible by showing you how to launch a new business, craft presentations, and pitch ideas. 

Learn more about investing, presenting, and more

Make the most out of a season of learning, and invest in lifelong access to tools that could expand your horizons.

Until August 13 at 11:59 p.m. PST, get a Microsoft Office Pro 2021 for Windows Lifetime License and a Free Entire MBA in 1 Course for just $39.97. No coupon needed. 

Prices subject to change.

Microsoft announced enhancements to the “cameo” functionality in Microsoft PowerPoint for both Windows and Mac platforms.

A cameo in this context refers to a small video feed, often from a camera, that can be embedded into PowerPoint slides. This feature is particularly useful for presentations where you want to include live video content within your slides. Microsoft 365 subscribers can access cameo on the desktop app for Windows and macOS.

Here are the introduced enhancements:

1. Camera Preview and Source Control: Users can now turn the camera preview on or off and change the camera source while in Slide Show View or Presenter View mode. This allows for greater control over when and how the cameo appears in your presentation.
2. Improved Design and Consistency: Fresh cameo designs have been added to align with the overall theme of your PowerPoint presentation. With a single click, you can now easily insert these cameo designs into all your slides, creating a cohesive look throughout the presentation.
3. Personalized Cameo Styles: Users can insert a cameo on a single slide, customize its format, and then apply the same format to all slides with a single click. This ensures that the cameo maintains a consistent style across all slides.

You can learn more about how to apply this in your presentation here.

If you are utilizing these additional features, it has been reported that the camera may not appear when using the cameo. This could be because another application is using the camera. In this case, you may need to select a different camera or disable the camera for the other application.

These enhancements are available to Beta Channel users running specific versions:

• Windows: Version 2307 (Build 16731.10000) or later
• Mac: Version 16.76 (Build 23081101) or later

These updates aim to give users greater flexibility and control when integrating live camera feeds into their PowerPoint presentations. It’s a great way to make presentations more engaging and dynamic by incorporating real-time video content directly into your slides.

Microsoft has signed a 15-year deal to license Call of Duty and other Activision Blizzard games to Ubisoft in its latest bid to win antitrust approval for its $68.7 billion acquisition.

“In January 2022, Microsoft announced the proposed acquisition of Activision Blizzard to advance our goal to bring more creative and innovative games to players everywhere and on any device, said Brad Smith, president of Microsoft, in announcing the deal. “Today, we are taking another important step regarding this transaction. To address the concerns about the impact of the proposed acquisition on cloud game streaming raised by the UK Competition and Markets Authority, we are restructuring the transaction to acquire a narrower set of rights.”

Activision Blizzard CEO Bobby Kotick also praised the agreement and said the integration plan is proceeding.

The United Kingdom is the last country where antitrust clearance is needed for the deal to go through. One of its concerns was whether Microsoft would have a monopoly on cloud streaming technology.

“This includes executing an agreement effective at the closing of our merger that transfers the cloud streaming rights for all current and new Activision Blizzard PC and console games released over the next 15 years to Ubisoft Entertainment. The rights will be in perpetuity,” Smith said.

“As a result of the agreement with Ubisoft, Microsoft believes its proposed acquisition of Activision Blizzard presents a substantially different transaction under UK law than the transaction Microsoft submitted for the CMA’s consideration in 2022. As such, Microsoft today has notified the restructured transaction to the CMA and anticipates that the CMA review processes can be completed before the 90-day extension in its acquisition agreement with Activision Blizzard expires on October 18,” Smith added.

Under the restructured transaction, Microsoft will not be in a position either to release Activision Blizzard games exclusively on its own cloud streaming service—Xbox Cloud Gaming – or to exclusively control the licensing terms of Activision Blizzard games for rival services, Smith said.

The agreement provides Ubisoft with a unique opportunity to commercialize the distribution of games via cloud streaming. The agreement will enable Ubisoft to innovate and encourage different business models in the licensing and pricing of these games on cloud streaming services worldwide. Ubisoft will compensate Microsoft for the cloud streaming rights to Activision Blizzard’s games through a one-off payment and through a market-based wholesale pricing mechanism, including an option that supports pricing based on usage. It will also give Ubisoft the opportunity to offer Activision Blizzard’s games to cloud gaming services running non-Windows operating systems.

Smith also said, “Of importance, Microsoft’s obligations to provide cloud streaming rights in the European Economic Area remain in place, in full compliance with Microsoft’s commitments to the European Commission. The agreement with Ubisoft has been structured so that Microsoft will still acquire the rights needed to honor fully its legal obligations under its commitments to the European Commission, as well as its existing contractual obligations to other cloud game streaming providers, including Nvidia, Boosteroid, Ubitus, and Nware. Microsoft is engaging closely with the European Commission to support the EC’s assessment of the agreement and confirmation that the commitments remain undisturbed.”

Rivals like Sony and Nintendo have also signed deals, and in a trial that Microsoft won, Sony voiced its objections to Microsoft gaining a monopoly over Call of Duty. The transaction has been approved in more than 40 countries, and Microsoft said it will be good for players and the industry.

Ubisoft said these rights will further strengthen Ubisoft’s content offering through its subscription service Ubisoft+, as well as allowing Ubisoft to license streaming access of the Activision Blizzard catalog of games, including future releases, to cloud gaming companies, service providers, and console makers. This will help expand access for players across all streaming services, the French company said.

“We’re dedicated to delivering amazing experiences to our players wherever they choose to play,” said Chris Early, senior vice president of strategic partnerships and business development at Ubisoft. “Over the past 15 years we’ve built and honed our online services and distribution ecosystem into one of the most complete in the industry. Today’s deal will give players even more opportunities to access and enjoy some of the biggest brands in gaming.”

The Microsoft Detection and Response Team (DART) has been renamed to Microsoft Incident Response (Microsoft IR). For more information on IR services, go to Microsoft Incident Response
I don’t know about you, but we’re still catching our breath after 2022. Microsoft Security blocked more than 70 billion email and identity threats last year.¹ In the same 12-month span, ransomware attacks impacted more than 200 large organizations in the United States alone, spanning government, education, and healthcare.² With statistics like those, providing a platform to share security insights and first-hand experience feels like a necessity.
With that goal in mind, Microsoft has launched a new kind of security webinar “for experts, by experts.” The new Security Experts Roundtable series will serve as an accessible video platform for cyber defenders to learn about some of the latest threats while gaining a big-picture view of the cybersecurity landscape. Our inaugural episode aired on January 25, 2023, with an expert panel consisting of:
This episode also features a special appearance by Rachel Chernaskey, Director of the Microsoft Digital Threat Analysis Center, who discusses cyber-enabled influence operations. I host a special remote interview with Mark Simos, Lead Cybersecurity Architect at Microsoft, on how to effectively communicate with your board of directors about cybersecurity. We also talk to Peter Anaman, Director and Principal Investigator at the Microsoft Digital Crimes Unit about tracking global cybercrime, and we have a special guest interview with Myrna Soto, Chief Executive Officer (CEO) and Founder of Apogee Executive Advisors, on the state of cybersecurity in the manufacturing sector.
Back in December 2020, Microsoft investigated a new nation-state attacker now known as Nobelium that became a global cybersecurity threat.³ The following year, the hacker gang Lapsus moved into the spotlight with large-scale social engineering and extortion campaigns directed against multiple organizations.⁴ Those threat groups are still active, but 2022 saw a slowing in their attacks. “We didn’t have too many high-profile mass-casualty events,” Ping points out. “But we did see a continuation of ransomware, identity compromises, and attacks centered on endpoints.”
The ransomware as a service (RaaS) ecosystem has continued to grow.⁵ Jeremy singles out DEV-0401, also known as Bronze Starlight or Emperor Dragon, as a China-based threat actor that’s “shifted their payloads to LockBit 2.0, developing their technology and emerging some of their tradecraft in order to evade detection and target our customers more prolifically.”⁶ Jeremy also calls out DEV-0846 as a provider of custom ransomware,⁷ as well as Russia’s Iridium as a source of ongoing attacks against transportation and logistics industries in Ukraine and Poland.⁸ He also cites Russia-based actor DEV-0586 as using ransomware as a ruse to target customers, then following up with destructive data “wiper” attacks.⁹
In his position as Director of Microsoft Defender Experts, Ryan brings a unique perspective on the changing threat landscape.¹⁰ “It’s been a proliferation of credential theft activity, largely stemming from adversary-in-the-middle attacks.” He points out that this kind of attack “underscores the importance of having a strategy for detection and hunting that’s beyond the endpoint; for example, in the email and identity space.”
“Identity compromises have been on the rise,” Ping concurs. “Attackers are just taking advantage of any vectors of entry that any customer has in their environment. So, it’s really important customers exercise good basic security hygiene.” She stresses that defenders should think of their environment as one organic whole, instead of separate parts. “If you have anything that touches the external world—domain controllers, email—those are all potential vectors of entry by attackers.” In short, protecting against the constantly evolving threats of today (and tomorrow) requires embracing a Zero Trust comprehensive approach to security.¹¹
Cyber-enabled influence operations don’t grab headlines the way ransomware attacks do, but their effects are more pernicious. In this kind of cybercrime, a nation-state or non-state actor seeks to shift public opinion or change behavior through subversive means online. In Jeremy’s talk with Rachel, she breaks down how these types of attacks unfold in three phases:
The most prolific influence actors are labeled advanced persistent manipulators (APMs). Rachel uses the analogy that “APMs are to the information space what APTs (advanced persistent threats) are to cyberspace.” APMs are usually nation-state actors, though not always. Increasingly, the Microsoft Digital Threat Analysis Center (DTAC) sees non-state or private-sector actors employing the same influence techniques. In this way, a threat actor that wages a successful cyberattack might repurpose that capability for subsequent influence operations.
Rachel explains how DTAC uses the “four M model:” message, messenger, medium, and method. The message is just the rhetoric or the content that an actor seeks to spread, which typically aligns with the nation-state’s geopolitical goals. The messengers include the influencers, correspondence, and propaganda outlets that amplify the message in the digital environment. The mediums are the platforms and technologies used to spread the message, with video typically being the most effective. And finally, the methods consist of anything from a hack-and-leak operation to using bots or computational propaganda, or real-world elements like party-to-party political engagement.
So why should private organizations be concerned with cyber-influence operations? “Influence operations inherently seek to sow distrust, and that creates challenges between businesses and users,” Rachel explains. “Increasingly, our team is looking at the nexus between cyberattacks and subsequent influence operations to understand the full picture and better combat these digital threats.”
The Microsoft Digital Crimes Unit (DCU) consists of a global cross-disciplinarian team of lawyers, investigators, data scientists, engineers, analysts, and business professionals.¹² The DCU is committed to fighting cybercrime globally through the application of technology, forensics, civil actions, criminal referrals, public and private partnerships, and the determined assistance of 8,500 Microsoft security researchers and security engineers. The DCU focuses on five key areas: Business Email Compromise (BEC), Ransomware, Malware, Tech Support Fraud, and Malicious Use of Microsoft Azure. According to Peter Anaman, Director and Principal Investigator at DCU, their investigations reveal that cybercriminals are moving away from a “spray-and-pray” approach toward the as a service model. Along with ransomware, cybercriminals are extending their retail services into new areas such as phishing as a service (PhaaS) and distributed denial of service (DDoS).
Threat actors have even created specialized tools to facilitate BEC, including phishing kits and lists of Checked email addresses targeting specific roles, such as C-suite leaders or accounts-payable employees. As part of the service, the seller will design the email template and even scrub the responses to make sure they’re valid. “All for a subscription model of, like, USD200 dollars a month,” Peter explains. DCU investigative evidence has observed a more than 70 percent increase in these services.¹ “We’re finding that there’s a higher number of people who are committing these crimes. They have greater know-how on different technologies and online platforms that could be used as part of the [attack] vector.”
Regardless of the type of cybercrime, DCU goes after threat actors by executing on three main strategies:
In addition to arrest and prosecution, DCU deters cybercrime by disrupting the technical infrastructure used by criminals, causing them to lose their investments. In 2022, DCU helped to take down more than 500,000 unique phishing URLs hosted outside Microsoft while disrupting cybercriminals’ technical infrastructure, such as virtual machines, email, homoglyph domain names, and public blockchain websites.
DCU also works with Microsoft DART to gather intelligence and share it with other security professionals. Some of those indicators—a URL, domain name, or phishing email—may help with future investigations. “That intelligence [we gather] feeds back into our machine learning models,” Peter explains. “If that phishing page or kit is used again there will be better measures to block it at the gate, so our monitoring systems become stronger over time.”
When asked what an organization can do to protect itself, Peter suggests sticking to three cybersecurity basics. First: “Use multifactor authentication,” he stresses. “Ninety percent of [attacks] could have been stopped just by having multifactor authentication.” Second: “Practice [cyber] hygiene. Don’t just click links because you think it comes from a friend.” Cyber hygiene includes installing all software patches and system upgrades as soon as they become available. And third: “You’re really looking at the Zero Trust model,” Peter says. “Enforce least privilege [access]” so people only have access to the information they need. Bonus tip: “Make sure you have the same level of security on your personal email as you do on your work [email].”
In this segment, I have a chance to speak with one of my favorite folks at Microsoft. Mark Simos is Lead Cybersecurity Architect, Microsoft, (and PowerPoint super genius) with more than two decades of experience, so he knows something about dealing with a board of directors. Whether you work for a public or private company, the board is responsible for oversight. That means making sure that the leadership team is not only managing the business but also managing risks. And cybercrime is one of the biggest risks today’s organization contends with.
But for the board to understand the organization’s security positioning, they need to grasp how it relates to the business. Unlike dealing with finances, legal issues, or people management, cybersecurity is a new area for a lot of board members. According to Mark, a big part of winning them over is “making sure that the board members understand that cybersecurity is not just a technical problem to be solved, check, and move on. It’s an ongoing risk.”
In our talk, Mark lays out three basic things the board needs to know:
Bonus tips:
Mark provides a wealth of free resources you can access anytime on Mark’s List.¹³ Also, there’s a chief information security officer (CISO) workshop available as public videos and as a live workshop from Microsoft Unified (formerly Premier Support). The workshop provides plenty of material to help accelerate a productive relationship with your board, including:
Often board members don’t consider that security decisions can be made by asset owners, not just security teams. Mark suggests stressing the holistic aspect of cybersecurity as a differentiator from typical business unit concerns. “With security, it doesn’t matter where the leak is on the boat; it’s still going to sink,” he says. “So, it’s really important for folks to work together as a team and recognize that ‘I’m not just accepting the risk for me; I’m accepting it for everyone.’”
For the last segment of the webinar, we invited an expert to weigh in on one of the most-attacked industry segments across the globe—manufacturing. Myrna Soto is the CEO and founder of Apogee Executive Advisors, and a board member of prominent companies such as Headspace Health, CMS Energy, Banco Popular, Spirit Airlines, and many more. Cybersecurity in the manufacturing sector carries added urgency because many of these entities are part of the nation’s critical infrastructure—whether it’s manufacturing pharmaceuticals, supporting transportation, or feeding the power grid.
The smart factory has introduced more automation into the manufacturing ecosystem, creating new vulnerabilities. “One of the biggest challenges is the number of third-party connections,” Myrna explains. “It relates to how entities are interacting with one another; how certain companies have either air-gapped their Internet of Things (IoT) networks or not.” Myrna points out that the supply chain is never holistically managed by one entity, which means those third-party interactions are critical. She mentions the ability to encrypt certain data in machine-to-machine communications as a crucial part of securing an interconnected manufacturing ecosystem. “The ability to understand where assets are across the ecosystem is one of the key components that need attention,” she points out.
With the prospect of intellectual property loss, disruption to critical infrastructure, along with health and safety risks, Myra sees manufacturing as one area where security teams and board members need to work together with urgency. I asked her to offer some insights gleaned from time spent on the other side of the table—particularly what not to do. “Probably the most annoying thing is the tendency to provide us a deluge of data without the appropriate business context,” she relates. “I’ve seen my share of charts around malware detections, charts on network penetrations. That is difficult for most non-technical board members to understand.”
Be sure to watch the full Security Experts Roundtable episode. We’ll be doing one of these every other month until they kick us off the stage, so remember to sign up for our May episode. Before we wrap up for today, I’d like to invite you to join us on March 28, 2023, for a brand-new event: Microsoft Secure. This event will bring together a community of defenders, innovators, and security experts in a setting where we can share insights, ideas, and real-world skills to help create a safer world for all. Register today, and I’ll see you there!
For more cybersecurity insights and the latest on threat intelligence, visit Microsoft Security Insider.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
¹Microsoft Digital Defense Report 2022, Microsoft. 2022.
²Based on internal research conducted by Microsoft Digital Crimes Unit, January 2023.
³The hunt for NOBELIUM, the most sophisticated nation-state attack in history, John Lambert. November 10, 2021.
⁴DEV-0537 criminal actor targeting organizations for data exfiltration and destruction, Microsoft Threat Intelligence Center. March 22, 2022.
⁵Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself, Microsoft Defender Threat Intelligence. May 9, 2022.
⁶Part 1: LockBit 2.0 ransomware bugs and database recovery attempts, Danielle Veluz. March 11, 2022.
⁷Monthly news—January 2023, Heike Ritter. January 11, 2023.
⁸New “Prestige” ransomware impacts organizations in Ukraine and Poland, Microsoft Security Threat Intelligence. October 14, 2022.
⁹Destructive malware targeting Ukrainian organizations, Microsoft Threat Intelligence Center. January 15, 2022.
¹⁰Microsoft Defender Experts for Hunting proactively hunts threats, Microsoft Security Experts. August 3, 2022.
¹¹Implementing a Zero Trust security model at Microsoft, Inside Track staff. January 10, 2023.
¹²Digital Crimes Unit: Leading the fight against cybercrime, Microsoft. May 3, 2022.
¹³Mark’s List, Mark Simos.
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
In a latest investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.
Microsoft is a leader in cybersecurity, and we embrace our responsibility to make the world a safer place.

source