It can be difficult to make a generative AI model understand a spreadsheet. In order to try to solve this problem, Microsoft researchers published a paper on July 12 on Arxiv describing SpreadsheetLLM, an encoding framework to enable large language models to “read” spreadsheets. SpreadsheetLLM could “transform spreadsheet data management and analysis, paving the way […]
Microsoft has been charged by the EU for breaking antitrust rules. The European Commission claims that by bundling Teams into the Office 365 and Microsoft 365 suites, the company disproportionately restricts competition in the market for communication apps. The primary reason for this is because Microsoft’s suite of business productivity tools, like Excel, Outlook and […]
The number of Microsoft vulnerabilities has mostly flattened in 2023, with elevation of privilege and identity attacks being particularly common, according to BeyondTrust’s annual Microsoft Vulnerabilities report. Identity and access management solutions company BeyondTrust studied the most significant CVEs of 2023 and Microsoft vulnerability data from Microsoft’s monthly Patch Tuesday bulletins. The report includes vulnerability […]
The term “copilot” for AI assistants seems to be everywhere in enterprise software today. Like many things in the generative AI industry, the way the word is used is changing. Sometimes it is capitalized, and sometimes it is not. GitHub’s choice of Copilot as a brand name was the first major use, followed by Microsoft […]
At the tail-end of last week, Microsoft published a report entitled Analysis of Storm-0558 techniques for unauthorized email access. In this rather dramatic document, the company’s security team revealed the background to a previously unexplained hack in which data including email text, attachments and more were accessed: from approximately 25 organizations, including government agencies and […]
![Stop calling every breach “sophisticated”! [Audio + Text] – Naked Security](https://exoticdigitalaccess.co.ke/wp-content/uploads/2023/02/eniac-1200.png)
The birth of ENIAC. A “sophisticated attack” (someone got phished). A cryptographic hack enabled by a security warning. Valentine’s Day Patch Tuesday. Apple closes spyware-sized 0-day hole. DOUG. Patching bugs, hacking Reddit, and the early days of computing. All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am […]
![Pwning the Windows kernel – the crooks who hoodwinked Microsoft [Audio + Text] – Naked Security](https://exoticdigitalaccess.co.ke/wp-content/uploads/2022/12/s3-ep113-1200.png)
DOUG. Wireless spyware, credit card skimming, and patches galore. All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast, everybody. I am Doug Aamoth; he is Paul Ducklin. Paul, how do you do? DUCK. I’m very well, Doug. Cold, but well. DOUG. It’s freezing here too, and everyone is sick… but that’s December […]
![Data breaches can haunt you more than once! [Audio + Text] – Naked Security](https://exoticdigitalaccess.co.ke/wp-content/uploads/2022/12/s3-ep112-1200-1.png)
DOUG. SIM swapping, zero-days, the [dramatic voice] P-i-n-g of D-E-A-T-H, and LastPass… again. All that, and more, on the Naked Security podcast. [MUSICAL MODEM] Welcome to the podcast everybody. I am Doug Aamoth. With me, as always, is Paul Ducklin. Paul, how do you do? DUCK. Very well, Doug. You put some high drama sound into that […]
Just under two months ago, some worrying bug news broke: a pair of zero-day vulnerabilities were announced in Microsoft Exchange. As we advised at the time, these vulnerabilities, officially designated CVE-2022-41040 and CVE-2022-41082: [were] two zero-days that [could] be chained together, with the first bug used remotely to open enough of a hole to trigger […]