Ever wished you could do more with Microsoft Excel? Microsoft just announced the release of a public preview of Python in Excel, which would allow users to add Python code directly into a spreadsheet.
This would enable data analysts, engineers, marketers, and students learning data science to work with Python code to perform complex statistical analysis, advanced visualizations, predictive analytics, and machine learning in Excel.
Users will be able to enter Python code directly into cells using the new =PY function, as Python will be integrated directly into the Excel grid, with no need to install additional software.
Microsoft explains that the new functionality leverages the Anaconda distribution of Python, an enterprise geared to data scientists and engineers that is also beginner-friendly. Anaconda includes many pre-packaged libraries and packages like pandas, Matplotlib, scikit-learn, NumPy, and SciPy.
As a secure operation, Microsoft says Python in Excel runs on the Microsoft Cloud with enterprise-level security within the Microsoft 365 experience. This means that the code is executed on the Microsoft Cloud and not locally, in an isolated container using Azure Container Instances and separate from other processes to diminish the risk of unauthorized access.
The data in users' workbooks is controlled through the specific functions xl()and =PY() to ensure data is secure and only authorized operations are performed.
The public preview of the Python integration on Microsoft Excel will be available to Microsoft 365 Insiders using the Beta Channel in Excel for Windows.
Microsoft has been systematically working to Strengthen its Edge browser by adding new features and updates on a regular basis, positioning it as a compelling alternative to Google Chrome. Yet, sometimes issues still arise due to various bugs in the Chromium code. This tutorial shares the most effective troubleshooting tips you need to follow if Microsoft Edge is not responding.
Good to know: check out our list of keyboard shortcuts to quickly access the most useful Microsoft Edge features.
Before diving into specific solutions, try these general troubleshooting tips if you’re experiencing issues like Microsoft Edge not responding or crashes.
FYI: want to remove the Bing Chat button from Edge? We can show you how.
If Microsoft Edge is not responding, try properly closing it down via the Task Manager, then restart the browser. In most cases, this will fix the problem.
Tip: learn how to fix the “Task Manager has been disabled by administrator” error.
If the Edge browser opens but stops functioning, attempt to repair it. Before starting, make sure you’ve closed the Microsoft Edge browser and logged in with administrative privileges.
If your Edge browser is not responding properly, it could be because an extension is not working correctly. To troubleshoot this, follow the steps below to deactivate your installed extensions to see whether the problem has been resolved.
Tip: find yourself missing Internet Explorer? Learn how to bring IE back to Windows 11.
Microsoft Edge may fail to respond if you have too many tabs or other programs open on your Windows computer. If you have too many open, try closing all tabs and windows on your browser – except the one displaying the error message.
Additionally, shut down any other applications currently running on your Windows computer, including background apps and processes. If you are downloading a file, pausing until the issue has been resolved is better. Afterward, check to see whether you can access the tab that was not responding in Microsoft Edge.
Are you using third-party antivirus software, like Norton, McAfee or Kaspersky? If so, you must check whether the virus protection has expired or the software has become outdated. Obsolete or expired software may interfere with the functioning of Microsoft Edge.
Once you have identified the issue, you can renew your virus protection plan or get the latest security update from the software company’s website.
All of your apps are probably installed on the C:\ drive of your computer. If you’re experiencing frequent Microsoft Edge crashes, it’s worth checking the storage space on your main drive.
If the C:\ drive is running low, take prompt action to free up some space. If you’re not sure how to get started, learn how to clean up your C:\ drive.
FYI: learn how to block pop-ups on Windows in Microsoft Edge and other popular browsers.
Finally, it could be possible that your wireless network is the culprit. To determine whether this is the case, try accessing the webpage that is causing the Edge not responding issue with another browser, such as Chrome, Firefox, or Brave. If the page still won’t load, it’s likely an issue with your network or the website itself.
Try restarting your modem and router to see whether this resolves the problematic Edge situation. However, if the problem persists, there may be an issue with the website itself. In this case, there isn’t much you can do, except try again in a few hours or the next day.
If you still can’t get Edge to work properly, it may be worth reinstalling Microsoft Edge directly from its official website. As a final solution, try restoring the Edge browser settings to default. On the other hand, if your browser is working just fine, learn how to use split screen in Edge for improved multitasking.
Image credit: Unsplash. All screenshots by Meenatchi Nagasubramanian.
Our latest tutorials delivered straight to your inbox
We may earn revenue from the products available on this page and participate in affiliate programs. Learn more ›
Back-to-School season is an opportunity for learners of all ages to expand their knowledge and get discounted access to valuable tools they can put to work every day. Until August 13 at 11:59 p.m. PST, you can get a lifetime license for Microsoft Office for Windows and a free business course from a renowned instructor.
The tools you use to work and learn may not always be budget-friendly, even if they’re essential to your ongoing productivity. For those who rely on Microsoft Word, Excel, PowerPoint, or any other apps in the Office Suite, subscription fees can feel like the constant cost of basic computer operations.
This Back-to-School season, focus on your learning without focusing on a recurring cost. Get a Microsoft Office Pro 2021 Windows Lifetime License for $39.97, and enjoy a free business course with your purchase. You’ll have to act quickly since this price drop only lasts until August 13 at 11:59 p.m. PST.
Dedicate yourself to learning without a monthly subscription fee like what you’d be paying to get Microsoft 365. This lifetime license for MS Office Pro 2021, which boasts a 4.2-star rating from PCMag, allows you to install Microsoft Word, Excel, PowerPoint, Outlook, Teams (free version), OneNote, Publisher, Access, and Skype for Business on one Windows computer or PC for life.
Make sure your computer meets the minimum requirements to download. You must have at least 4GB disk space and be running Windows 10 or 11. If you need to upgrade your operating system, low-cost Windows 11 Pro keys are available.
This bundle also comes with a course taught by Chris Haroun, a well-known venture capitalist and instructor of business and finance-related courses. While this course will not replace the information you would get from a formal MBA, it does make some of the same content more accessible by showing you how to launch a new business, craft presentations, and pitch ideas.
Make the most out of a season of learning, and invest in lifelong access to tools that could expand your horizons.
Until August 13 at 11:59 p.m. PST, get a Microsoft Office Pro 2021 for Windows Lifetime License and a Free Entire MBA in 1 Course for just $39.97. No coupon needed.
Prices subject to change.
You don’t need to blow a hole in your schedule or budget to gain the skills and knowledge you need to fast-track your business career.
Whether you want to grow your own business or to move up the ladder in the business world as quickly as possible, you may need to learn valuable entrepreneurial knowledge without commuting to classrooms or crashing your budget. While our solution doesn’t replace a formal MBA degree, you can gain additional business knowledge with this MBA course packaged with lifetime access to Microsoft Office Pro 2021.
You can now grab this bundle for only $49.99 (reg. $419.99). With this powerful duo, you can increase your success in current or potential business endeavors!
Taught by Chris Haroun, who boasts experience in venture capital, hedge funds, equities and consulting, you can feel confident that you’re gaining the proper knowledge for your entrepreneurial pursuits. Again, “The 2023 Total MBA Training in One Box” won’t replace an genuine MBA degree, but it can teach you everything from launching a business from scratch to going public.
You’ll discover insights into management consulting businesses and investment banking firms, as well as how they may benefit your company. You can also learn to create financial models from scratch and quickly examine a company’s finances and entire markets by the time this course is over.
Since you’ll get lifetime access to this 4.5-star rated MBA training, you can study at your own pace. Plus, you don’t have to finish the whole course before taking advantage of the practical and professional skills you develop. Best of all, you can conveniently access classes from desktops, laptops and even mobile devices.
As a huge bonus, this bundle includes a lifetime license for the Windows version of Microsoft Office Pro 2021. It includes Excel, Word, Access, Outlook PowerPoint, Publisher, Skype for Business and the free version of Teams. You’ll get an incredible deal on lifetime access to MS Office for your PC. Say goodbye to expensive yearly subscriptions!
Move up the business ladder with help from Microsoft Office Pro 2021 for Windows: Lifetime License + A Free Entire MBA in 1 Course to help you reach your entrepreneurial goals.
Prices and availability are subject to change.
Microsoft announced enhancements to the “cameo” functionality in Microsoft PowerPoint for both Windows and Mac platforms.
A cameo in this context refers to a small video feed, often from a camera, that can be embedded into PowerPoint slides. This feature is particularly useful for presentations where you want to include live video content within your slides. Microsoft 365 subscribers can access cameo on the desktop app for Windows and macOS.
Here are the introduced enhancements:
You can learn more about how to apply this in your presentation here.
If you are utilizing these additional features, it has been reported that the camera may not appear when using the cameo. This could be because another application is using the camera. In this case, you may need to select a different camera or disable the camera for the other application.
These enhancements are available to Beta Channel users running specific versions:
These updates aim to give users greater flexibility and control when integrating live camera feeds into their PowerPoint presentations. It’s a great way to make presentations more engaging and dynamic by incorporating real-time video content directly into your slides.
We're thrilled to announce the return of GamesBeat Summit Next, hosted in San Francisco this October, where we will explore the theme of "Playing the Edge." Apply to speak here and learn more about sponsorship opportunities here.
Microsoft has signed a 15-year deal to license Call of Duty and other Activision Blizzard games to Ubisoft in its latest bid to win antitrust approval for its $68.7 billion acquisition.
“In January 2022, Microsoft announced the proposed acquisition of Activision Blizzard to advance our goal to bring more creative and innovative games to players everywhere and on any device, said Brad Smith, president of Microsoft, in announcing the deal. “Today, we are taking another important step regarding this transaction. To address the concerns about the impact of the proposed acquisition on cloud game streaming raised by the UK Competition and Markets Authority, we are restructuring the transaction to acquire a narrower set of rights.”
Activision Blizzard CEO Bobby Kotick also praised the agreement and said the integration plan is proceeding.
The United Kingdom is the last country where antitrust clearance is needed for the deal to go through. One of its concerns was whether Microsoft would have a monopoly on cloud streaming technology.
“This includes executing an agreement effective at the closing of our merger that transfers the cloud streaming rights for all current and new Activision Blizzard PC and console games released over the next 15 years to Ubisoft Entertainment. The rights will be in perpetuity,” Smith said.
“As a result of the agreement with Ubisoft, Microsoft believes its proposed acquisition of Activision Blizzard presents a substantially different transaction under UK law than the transaction Microsoft submitted for the CMA’s consideration in 2022. As such, Microsoft today has notified the restructured transaction to the CMA and anticipates that the CMA review processes can be completed before the 90-day extension in its acquisition agreement with Activision Blizzard expires on October 18,” Smith added.
Under the restructured transaction, Microsoft will not be in a position either to release Activision Blizzard games exclusively on its own cloud streaming service—Xbox Cloud Gaming – or to exclusively control the licensing terms of Activision Blizzard games for rival services, Smith said.
The agreement provides Ubisoft with a unique opportunity to commercialize the distribution of games via cloud streaming. The agreement will enable Ubisoft to innovate and encourage different business models in the licensing and pricing of these games on cloud streaming services worldwide. Ubisoft will compensate Microsoft for the cloud streaming rights to Activision Blizzard’s games through a one-off payment and through a market-based wholesale pricing mechanism, including an option that supports pricing based on usage. It will also give Ubisoft the opportunity to offer Activision Blizzard’s games to cloud gaming services running non-Windows operating systems.
Smith also said, “Of importance, Microsoft’s obligations to provide cloud streaming rights in the European Economic Area remain in place, in full compliance with Microsoft’s commitments to the European Commission. The agreement with Ubisoft has been structured so that Microsoft will still acquire the rights needed to honor fully its legal obligations under its commitments to the European Commission, as well as its existing contractual obligations to other cloud game streaming providers, including Nvidia, Boosteroid, Ubitus, and Nware. Microsoft is engaging closely with the European Commission to support the EC’s assessment of the agreement and confirmation that the commitments remain undisturbed.”
Rivals like Sony and Nintendo have also signed deals, and in a trial that Microsoft won, Sony voiced its objections to Microsoft gaining a monopoly over Call of Duty. The transaction has been approved in more than 40 countries, and Microsoft said it will be good for players and the industry.
Ubisoft said these rights will further strengthen Ubisoft’s content offering through its subscription service Ubisoft+, as well as allowing Ubisoft to license streaming access of the Activision Blizzard catalog of games, including future releases, to cloud gaming companies, service providers, and console makers. This will help expand access for players across all streaming services, the French company said.
“We’re dedicated to delivering amazing experiences to our players wherever they choose to play,” said Chris Early, senior vice president of strategic partnerships and business development at Ubisoft. “Over the past 15 years we’ve built and honed our online services and distribution ecosystem into one of the most complete in the industry. Today’s deal will give players even more opportunities to access and enjoy some of the biggest brands in gaming.”
GamesBeat's creed when covering the game industry is "where passion meets business." What does this mean? We want to tell you how the news matters to you -- not just as a decision-maker at a game studio, but also as a fan of games. Whether you read our articles, listen to our podcasts, or watch our videos, GamesBeat will help you learn about the industry and enjoy engaging with it. Discover our Briefings.
The Microsoft Detection and Response Team (DART) has been renamed to Microsoft Incident Response (Microsoft IR). For more information on IR services, go to Microsoft Incident Response
I don’t know about you, but we’re still catching our breath after 2022. Microsoft Security blocked more than 70 billion email and identity threats last year.1 In the same 12-month span, ransomware attacks impacted more than 200 large organizations in the United States alone, spanning government, education, and healthcare.2 With statistics like those, providing a platform to share security insights and first-hand experience feels like a necessity.
With that goal in mind, Microsoft has launched a new kind of security webinar “for experts, by experts.” The new Security Experts Roundtable series will serve as an accessible video platform for cyber defenders to learn about some of the latest threats while gaining a big-picture view of the cybersecurity landscape. Our inaugural episode aired on January 25, 2023, with an expert panel consisting of:
This episode also features a special appearance by Rachel Chernaskey, Director of the Microsoft Digital Threat Analysis Center, who discusses cyber-enabled influence operations. I host a special remote interview with Mark Simos, Lead Cybersecurity Architect at Microsoft, on how to effectively communicate with your board of directors about cybersecurity. We also talk to Peter Anaman, Director and Principal Investigator at the Microsoft Digital Crimes Unit about tracking global cybercrime, and we have a special guest interview with Myrna Soto, Chief Executive Officer (CEO) and Founder of Apogee Executive Advisors, on the state of cybersecurity in the manufacturing sector.
Back in December 2020, Microsoft investigated a new nation-state attacker now known as Nobelium that became a global cybersecurity threat.3 The following year, the hacker gang Lapsus moved into the spotlight with large-scale social engineering and extortion campaigns directed against multiple organizations.4 Those threat groups are still active, but 2022 saw a slowing in their attacks. “We didn’t have too many high-profile mass-casualty events,” Ping points out. “But we did see a continuation of ransomware, identity compromises, and attacks centered on endpoints.”
The ransomware as a service (RaaS) ecosystem has continued to grow.5 Jeremy singles out DEV-0401, also known as Bronze Starlight or Emperor Dragon, as a China-based threat actor that’s “shifted their payloads to LockBit 2.0, developing their technology and emerging some of their tradecraft in order to evade detection and target our customers more prolifically.”6 Jeremy also calls out DEV-0846 as a provider of custom ransomware,7 as well as Russia’s Iridium as a source of ongoing attacks against transportation and logistics industries in Ukraine and Poland.8 He also cites Russia-based actor DEV-0586 as using ransomware as a ruse to target customers, then following up with destructive data “wiper” attacks.9
In his position as Director of Microsoft Defender Experts, Ryan brings a unique perspective on the changing threat landscape.10 “It’s been a proliferation of credential theft activity, largely stemming from adversary-in-the-middle attacks.” He points out that this kind of attack “underscores the importance of having a strategy for detection and hunting that’s beyond the endpoint; for example, in the email and identity space.”
“Identity compromises have been on the rise,” Ping concurs. “Attackers are just taking advantage of any vectors of entry that any customer has in their environment. So, it’s really important customers exercise good basic security hygiene.” She stresses that defenders should think of their environment as one organic whole, instead of separate parts. “If you have anything that touches the external world—domain controllers, email—those are all potential vectors of entry by attackers.” In short, protecting against the constantly evolving threats of today (and tomorrow) requires embracing a Zero Trust comprehensive approach to security.11
Cyber-enabled influence operations don’t grab headlines the way ransomware attacks do, but their effects are more pernicious. In this kind of cybercrime, a nation-state or non-state actor seeks to shift public opinion or change behavior through subversive means online. In Jeremy’s talk with Rachel, she breaks down how these types of attacks unfold in three phases:
The most prolific influence actors are labeled advanced persistent manipulators (APMs). Rachel uses the analogy that “APMs are to the information space what APTs (advanced persistent threats) are to cyberspace.” APMs are usually nation-state actors, though not always. Increasingly, the Microsoft Digital Threat Analysis Center (DTAC) sees non-state or private-sector actors employing the same influence techniques. In this way, a threat actor that wages a successful cyberattack might repurpose that capability for subsequent influence operations.
Rachel explains how DTAC uses the “four M model:” message, messenger, medium, and method. The message is just the rhetoric or the content that an actor seeks to spread, which typically aligns with the nation-state’s geopolitical goals. The messengers include the influencers, correspondence, and propaganda outlets that amplify the message in the digital environment. The mediums are the platforms and technologies used to spread the message, with video typically being the most effective. And finally, the methods consist of anything from a hack-and-leak operation to using bots or computational propaganda, or real-world elements like party-to-party political engagement.
So why should private organizations be concerned with cyber-influence operations? “Influence operations inherently seek to sow distrust, and that creates challenges between businesses and users,” Rachel explains. “Increasingly, our team is looking at the nexus between cyberattacks and subsequent influence operations to understand the full picture and better combat these digital threats.”
The Microsoft Digital Crimes Unit (DCU) consists of a global cross-disciplinarian team of lawyers, investigators, data scientists, engineers, analysts, and business professionals.12 The DCU is committed to fighting cybercrime globally through the application of technology, forensics, civil actions, criminal referrals, public and private partnerships, and the determined assistance of 8,500 Microsoft security researchers and security engineers. The DCU focuses on five key areas: Business Email Compromise (BEC), Ransomware, Malware, Tech Support Fraud, and Malicious Use of Microsoft Azure. According to Peter Anaman, Director and Principal Investigator at DCU, their investigations reveal that cybercriminals are moving away from a “spray-and-pray” approach toward the as a service model. Along with ransomware, cybercriminals are extending their retail services into new areas such as phishing as a service (PhaaS) and distributed denial of service (DDoS).
Threat actors have even created specialized tools to facilitate BEC, including phishing kits and lists of Checked email addresses targeting specific roles, such as C-suite leaders or accounts-payable employees. As part of the service, the seller will design the email template and even scrub the responses to make sure they’re valid. “All for a subscription model of, like, USD200 dollars a month,” Peter explains. DCU investigative evidence has observed a more than 70 percent increase in these services.1 “We’re finding that there’s a higher number of people who are committing these crimes. They have greater know-how on different technologies and online platforms that could be used as part of the [attack] vector.”
Regardless of the type of cybercrime, DCU goes after threat actors by executing on three main strategies:
In addition to arrest and prosecution, DCU deters cybercrime by disrupting the technical infrastructure used by criminals, causing them to lose their investments. In 2022, DCU helped to take down more than 500,000 unique phishing URLs hosted outside Microsoft while disrupting cybercriminals’ technical infrastructure, such as virtual machines, email, homoglyph domain names, and public blockchain websites.
DCU also works with Microsoft DART to gather intelligence and share it with other security professionals. Some of those indicators—a URL, domain name, or phishing email—may help with future investigations. “That intelligence [we gather] feeds back into our machine learning models,” Peter explains. “If that phishing page or kit is used again there will be better measures to block it at the gate, so our monitoring systems become stronger over time.”
When asked what an organization can do to protect itself, Peter suggests sticking to three cybersecurity basics. First: “Use multifactor authentication,” he stresses. “Ninety percent of [attacks] could have been stopped just by having multifactor authentication.” Second: “Practice [cyber] hygiene. Don’t just click links because you think it comes from a friend.” Cyber hygiene includes installing all software patches and system upgrades as soon as they become available. And third: “You’re really looking at the Zero Trust model,” Peter says. “Enforce least privilege [access]” so people only have access to the information they need. Bonus tip: “Make sure you have the same level of security on your personal email as you do on your work [email].”
In this segment, I have a chance to speak with one of my favorite folks at Microsoft. Mark Simos is Lead Cybersecurity Architect, Microsoft, (and PowerPoint super genius) with more than two decades of experience, so he knows something about dealing with a board of directors. Whether you work for a public or private company, the board is responsible for oversight. That means making sure that the leadership team is not only managing the business but also managing risks. And cybercrime is one of the biggest risks today’s organization contends with.
But for the board to understand the organization’s security positioning, they need to grasp how it relates to the business. Unlike dealing with finances, legal issues, or people management, cybersecurity is a new area for a lot of board members. According to Mark, a big part of winning them over is “making sure that the board members understand that cybersecurity is not just a technical problem to be solved, check, and move on. It’s an ongoing risk.”
In our talk, Mark lays out three basic things the board needs to know:
Mark provides a wealth of free resources you can access anytime on Mark’s List.13 Also, there’s a chief information security officer (CISO) workshop available as public videos and as a live workshop from Microsoft Unified (formerly Premier Support). The workshop provides plenty of material to help accelerate a productive relationship with your board, including:
Often board members don’t consider that security decisions can be made by asset owners, not just security teams. Mark suggests stressing the holistic aspect of cybersecurity as a differentiator from typical business unit concerns. “With security, it doesn’t matter where the leak is on the boat; it’s still going to sink,” he says. “So, it’s really important for folks to work together as a team and recognize that ‘I’m not just accepting the risk for me; I’m accepting it for everyone.’”
For the last segment of the webinar, we invited an expert to weigh in on one of the most-attacked industry segments across the globe—manufacturing. Myrna Soto is the CEO and founder of Apogee Executive Advisors, and a board member of prominent companies such as Headspace Health, CMS Energy, Banco Popular, Spirit Airlines, and many more. Cybersecurity in the manufacturing sector carries added urgency because many of these entities are part of the nation’s critical infrastructure—whether it’s manufacturing pharmaceuticals, supporting transportation, or feeding the power grid.
The smart factory has introduced more automation into the manufacturing ecosystem, creating new vulnerabilities. “One of the biggest challenges is the number of third-party connections,” Myrna explains. “It relates to how entities are interacting with one another; how certain companies have either air-gapped their Internet of Things (IoT) networks or not.” Myrna points out that the supply chain is never holistically managed by one entity, which means those third-party interactions are critical. She mentions the ability to encrypt certain data in machine-to-machine communications as a crucial part of securing an interconnected manufacturing ecosystem. “The ability to understand where assets are across the ecosystem is one of the key components that need attention,” she points out.
With the prospect of intellectual property loss, disruption to critical infrastructure, along with health and safety risks, Myra sees manufacturing as one area where security teams and board members need to work together with urgency. I asked her to offer some insights gleaned from time spent on the other side of the table—particularly what not to do. “Probably the most annoying thing is the tendency to provide us a deluge of data without the appropriate business context,” she relates. “I’ve seen my share of charts around malware detections, charts on network penetrations. That is difficult for most non-technical board members to understand.”
Be sure to watch the full Security Experts Roundtable episode. We’ll be doing one of these every other month until they kick us off the stage, so remember to sign up for our May episode. Before we wrap up for today, I’d like to invite you to join us on March 28, 2023, for a brand-new event: Microsoft Secure. This event will bring together a community of defenders, innovators, and security experts in a setting where we can share insights, ideas, and real-world skills to help create a safer world for all. Register today, and I’ll see you there!
For more cybersecurity insights and the latest on threat intelligence, visit Microsoft Security Insider.
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and Twitter (@MSFTSecurity) for the latest news and updates on cybersecurity.
1Microsoft Digital Defense Report 2022, Microsoft. 2022.
2Based on internal research conducted by Microsoft Digital Crimes Unit, January 2023.
3The hunt for NOBELIUM, the most sophisticated nation-state attack in history, John Lambert. November 10, 2021.
4DEV-0537 criminal actor targeting organizations for data exfiltration and destruction, Microsoft Threat Intelligence Center. March 22, 2022.
5Ransomware as a service: Understanding the cybercrime gig economy and how to protect yourself, Microsoft Defender Threat Intelligence. May 9, 2022.
6Part 1: LockBit 2.0 ransomware bugs and database recovery attempts, Danielle Veluz. March 11, 2022.
7Monthly news—January 2023, Heike Ritter. January 11, 2023.
8New “Prestige” ransomware impacts organizations in Ukraine and Poland, Microsoft Security Threat Intelligence. October 14, 2022.
9Destructive malware targeting Ukrainian organizations, Microsoft Threat Intelligence Center. January 15, 2022.
10Microsoft Defender Experts for Hunting proactively hunts threats, Microsoft Security Experts. August 3, 2022.
11Implementing a Zero Trust security model at Microsoft, Inside Track staff. January 10, 2023.
12Digital Crimes Unit: Leading the fight against cybercrime, Microsoft. May 3, 2022.
13Mark’s List, Mark Simos.
Microsoft Threat Intelligence has identified highly targeted social engineering attacks using credential theft phishing lures sent as Microsoft Teams chats by the threat actor that Microsoft tracks as Midnight Blizzard (previously tracked as NOBELIUM).
In a latest investigation by Microsoft Incident Response of a BlackByte 2.0 ransomware attack, we found that the threat actor progressed through the full attack chain, from initial access to impact, in less than five days, causing significant business disruption for the victim organization.
Microsoft detected a unique operation where threat actors carried out destructive actions in both on-premises and cloud environments.
This guide provides steps organizations can take to assess whether users have been targeted or compromised by threat actors exploiting CVE-2023-23397.
Microsoft is a leader in cybersecurity, and we embrace our responsibility to make the world a safer place.