A Microsoft under attack from government and tech rivals after ‘preventable’ hack ties executive pay to cyberthreats


Microsoft has come under fire recently from both the U.S. government and rival companies for its failure to stop a Chinese hack of its systems last summer.

One change the tech giant is making in response: linking executive compensation more closely to cybersecurity. In April, a government review board described a hack of Microsoft last summer attributed to China as “preventable.” The U.S. Department of Homeland Security’s Cyber Safety Review Board pointed to “a cascade of errors” and a corporate culture at Microsoft “that deprioritized enterprise security investments and rigorous risk management.”

Read more…
Source: CNBC News


Sign up for our Newsletter


Related:

  • Midnight Blizzard conducts large-scale spear-phishing campaign using RDP files

    October 29, 2024

    Since October 22, 2024, Microsoft Threat Intelligence has observed Russian threat actor Midnight Blizzard sending a series of highly targeted spear-phishing emails to individuals in government, academia, defense, non-governmental organizations, and other sectors. This activity is ongoing, and Microsoft will continue to investigate and provide updates as available. Based on our investigation of previous Midnight Blizzard ...

  • Exploring CVE-2024-38227 vulnerability in Microsoft SharePoint

    October 25, 2024

    On September 10, Microsoft released another batch of updates addressing 79 vulnerabilities in its products. Among the patches that caught our attention were those for Microsoft SharePoint, an extensive content management system (CMS). Four out of the five SharePoint vulnerabilities covered by the September release allowed remote code execution (RCE) and one of them posed ...

  • China’s three reports on Volt Typhoon prove US’ cyberattacks detectable: experts

    October 18, 2024

    China’s three reports on Volt Typhoon revealed the truth behind the systematic cyberattack activities of the US and demonstrated that such operations of the US are detectable, experts said. China’s National Computer Virus Emergency Response Center (CVERC) on Monday released its latest report on Volt Typhoon, a hacker team Five Eyes nations and Microsoft have accused ...

  • Microsoft Digital Defense Report 2024: Microsoft customers face more than 600 million cybercriminal and nation-state attacks every day

    October 15, 2024

    In the last year, the cyber threat landscape continued to become more dangerous and complex. The malign actors of the world are becoming better resourced and better prepared, with increasingly sophisticated tactics, techniques, and tools that challenge even the world’s best cybersecurity defenders. Even Microsoft has been the victim of well-orchestrated attacks by determined and well-resourced ...

  • China again claims Volt Typhoon cyber-attack crew was invented by the US to discredit it

    October 15, 2024

    Chinese authorities have published another set of allegations that assert the Volt Typhoon cyber-crew is an invention of the US and its allies, and not a crew run by Beijing. Published on Monday in five languages, a document titled “Lie to Me: Volt Typhoon III – Unravelling Cyberespionage and Disinformation Operations Conducted by US Government Agencies” ...

  • Misconfigurations in Microsoft Exchange open new doors to email spoofing attacks

    September 1, 2024

    A new report from the Acronis Threat Research Unit has uncovered a vulnerability in Microsoft Exchange Online settings that could enable email spoofing attacks. This issue primarily affects users with a hybrid configuration of on-premises Exchange and Exchange Online, and those utilizing third-party email security solutions. In July 2023, Microsoft introduced a major change in how ...