Info@NationalCyberSecurity

US government faces criticism over handling Microsoft cybersecurity failures: Hashtag Trending for Tuesday April 16, 2024


Solar power is the largest source of new US electricity generation for the sixth month in a row, Microsoft is hiking prices on Dynamics 365 business apps by up to 16.7%, VMware’s desktop virtualization products are rebranded as “Omnissa”, Tesla is laying off over 10% of its global workforce amid a delivery slump, and the U.S. government gets some scathing criticism over Microsoft’s cybersecurity failures.

All this and more on the “price might not be right” edition of Hashtag Trending. I’m your host, Jim Love. Let’s get into it.

New data shows solar power is rapidly expanding its share of electricity generation capacity across the United States.

According to the latest figures from the Federal Energy Regulatory Commission or FERC, solar was the number one source of new utility-scale electrical generating capacity in the U.S. for the sixth straight month in February.

Solar accounted for over 83% of the new capacity added that month, with 29 new solar units totaling over 1,000 megawatts coming online. Wind took second place, making up 16% of the new additions.

For the first two months of 2024, solar represented almost 80% of all new generating capacity installed, with wind at over 20%. Natural gas lagged far behind at just 1%.

The new solar projects have increased solar’s share of total installed U.S. utility-scale generating capacity to 8.2% – surpassing hydropower for the first time and moving into fourth place behind natural gas, coal and wind.

Ken Bossong, Executive Director of the SUN DAY Campaign, says solar is clearly on a major growth trajectory that is exceeding official forecasts.

“Without question, solar is on a roll as it surpasses FERC’s expectations and leads all other energy sources in providing new generating capacity.”

According to FERC projections, if just their “high probability” projects proceed as planned, utility-scale solar capacity could triple by 2027 and surpass both coal and wind to become the second largest source after natural gas.

When factoring in distributed solar like rooftop installations, total solar capacity may reach close to 20% within three years.

Renewables as a whole, including wind, solar, hydropower, biomass and geothermal, could see their combined share rise from the current 29% to over 35% – rapidly closing in on natural gas.

Canada’s solar industry has also seen growth, although perhaps not at these levels. For 2021, the latest numbers we could find, solar power increased by 13.6%.

If there are any experts out there on how Canada is really comparing, we’d love to hear from you.

Sources include: Renewables Now

A major cybersecurity incident was narrowly avoided at LastPass, one of the world’s leading password management companies.

LastPass revealed this week that threat actors recently targeted one of its employees in a sophisticated voice phishing or “vishing” attack using deepfake audio technology to impersonate the company’s CEO.

The employee received a series of calls, texts and at least one voicemail featuring an AI-generated audio replica of the CEO’s voice attempting to initiate an urgent request. However, the attack failed because the employee recognized hallmarks of a social engineering scam, such as the unusual communication channel of WhatsApp, and reported it.

Mike Kosak, a LastPass intelligence analyst, said quote: “Due to the employee’s suspicion…our employee rightly ignored the messages and reported the incident so we could mitigate the threat.”

While deepfake audio is still an emerging threat, experts warn these types of AI-enabled impersonation attacks are on the rise. A recent global study found 25% of people have encountered an AI voice scam or know someone who has.

The U.S. government issued alerts last week warning healthcare organizations about cybercriminals using deepfake voice cloning to target IT help desks. The FBI and Europol have also cautioned that deepfakes may become a common tool for fraud, evidence tampering and other cybercrimes.

LastPass says it shared details of this incident to raise awareness, as the attacker likely used publicly available videos of their CEO to train the deepfake model. The company was previously targeted in data breaches last year.

Security experts advise organizations to have robust verification protocols, require supervisor approval for sensitive requests, and provide training to help staff detect deepfake social engineering attempts.

Sources include: Bleeping Computer

VMware’s suite of end-user computing products for desktop and application virtualization is getting a new brand identity – “Omnissa” – following their recent $4 billion sale to private equity firm KKR.

The products, which allow delivery of remote desktop experiences to PCs, tablets and mobile devices, were divested by VMware’s new owner Broadcom, which deemed them non-essential after acquiring the virtualization giant.

Signs point to KKR pushing ahead with rebranding the former VMware offerings as “Omnissa”, with official documentation and online resources for users already referencing the new name.

The rebrand comes as the remaining VMware product lines brace for a major system migration initiated by Broadcom that will temporarily pause support, training and purchasing services over the first weekend of May.

According to VMware, numerous customer-facing tools and portals will go offline starting April 30th as the company transitions from SAP to Broadcom’s Oracle software environment – a migration window extending until May 5th.

The tight turnaround for the backend system overhaul coincides with Broadcom’s fiscal quarter close, putting added pressure on teams to complete the complex data migration without disrupting any sales or revenue activities.

It also represents one of the first major tests for Broadcom in delivering on its promised support model bundling VMware’s virtualization products with services.

Any missteps during the transition could prompt backlash from VMware customers already facing rising costs under Broadcom’s revised contractual terms.

As Omnissa emerges as KKR’s newly-acquired brand for end-user computing, the fate of its former VMware siblings rests on Broadcom’s ability to execute a challenging system integration without sacrificing the seamless support experience it’s pledged for its VMware portfolio.

Sources include: The Register

In a major round of job cuts, Tesla is reducing its global workforce by more than 10% according to an internal memo from CEO Elon Musk.

The electric carmaker, which employs over 140,000 people worldwide, is eliminating thousands of roles just weeks after disappointing delivery numbers raised concerns about slowing demand.

In the memo, Musk wrote the painful but necessary move will allow Tesla to become “lean” and hungry again for its next growth cycle.

It comes after Tesla’s first quarter deliveries fell 20% from the prior quarter and over 8% year-over-year – the company’s first annual sales decline since 2020.

Tesla blamed the slump on production challenges with its updated Model 3, as well as supply chain disruptions from the conflict in the Red Sea region and an arson attack at its Berlin factory.

The staff reductions follow months of rumors about impending layoffs, with reports Tesla had instructed managers to identify the most critical roles and delayed some employee performance reviews earlier this year.

It’s not the first time Musk has dramatically cut headcount at Tesla to reduce costs during leaner periods. The company conducted multiple previous rounds of layoffs, including cutting staff working on its self-driving software last year.

The latest cuts also mirror Musk’s move to slash around half of Twitter’s workforce after acquiring the social media platform in 2022.

As Tesla faces intensifying competition and tries to ramp up production of new models like the Cybertruck, and that Cybertruck has had some very bad early reviews, the company is turning to headcount reductions despite Musk previously warning 2024 could see a sales slowdown.

With concerns mounting over cooling demand for its electric vehicles, investors will be watching closely whether the staff purge helps reset Tesla’s cost base ahead of its next targeted wave of growth.

Sources include: Business Insider

VMware’s suite of end-user desktop and application virtualization products is getting rebranded as “Omnissa” following their $4 billion divestiture to private equity firm KKR.

The move comes as the remaining VMware portfolio braces for a major transition shifting customer services from SAP to new owner Broadcom’s Oracle software environment in early May – a migration window that will temporarily pause support, training and purchase capabilities for several days.

As Omnissa emerges under new ownership and VMware products integrate deeper into Broadcom’s operations, customers impacted by both the pricing changes and platform shifts will be watching closely for any disruptions that could hinder the seamless user experience both tech giants have committed to providing.

Sources include: The Register

Microsoft has announced significant price increases coming this fall for its Dynamics 365 suite of cloud-based business applications.

In an update last week, the tech giant said it will raise prices across its Dynamics product line by between 9.26% and 16.67%, representing the first hike in five years.

The highest increase of nearly 17% will apply to the Finance, Supply Chain Management, and Commerce editions of Dynamics 365.

Other products like Sales, Customer Service, Field Service and core operations licenses face bumps of around 10% when the new pricing takes effect October 1st.

Microsoft’s corporate vice president Bryan Goode justified the increases by citing ongoing upgrades like AI-powered customer insights, data analytics capabilities and process automation added to Dynamics annually.

However, the software maker did not explain the varying degrees of price inflation across its different Dynamics product SKUs.

For U.S. government customers, the price hikes will be staggered over two phases in compliance with regulations, with a 10% jump first in October followed by another increase in 2025.

The increases follow similar moves by rival Salesforce last year and come as Microsoft prepares a new wave of AI-driven feature updates across Dynamics 365 powered by technologies like its Copilot assistant.

While inflation has been a factor over the past five years, the extent of these latest price increases from Microsoft may prompt some reassessment from Dynamics customers on the overall value proposition, especially for products facing the highest percentage bumps.

Sources include: The Register

Here’s another Microsoft story where I want to walk lightly, because it’s easy to bash on large companies, but it is a story that raises some critical questions.

A recent article in Wired reports that security experts and critics are accusing the U.S. government of giving Microsoft a free pass, despite the tech giant’s long track record of major cybersecurity lapses that have exposed sensitive government systems to hacking threats.

The story quotes a new report from the federal Cyber Safety Review Board that slams Microsoft’s “inadequate security culture” after a 2022 incident allowed Chinese state hackers to breach the company’s systems and access government email communications.

It’s just the latest in a string of high-profile breaches impacting Microsoft customers over several years, including Russian hackers stealing source code and corporate secrets earlier this year.

Though heavily critical of Microsoft, the report is unlikely to spur any meaningful accountability from the U.S. government, which relies overwhelmingly on Microsoft products to power its operations.

Microsoft has become effectively “untouchable” according to experts, due to the government’s deep dependence on its software, its critical role supporting federal cybersecurity efforts, and its sophisticated strategy of positioning itself as a defender of digital safety.

This has allowed Microsoft to sidestep any consequences even as lawmakers fume over its security failures and practices like charging extra for basic threat monitoring that experts say should be included.

Administration officials have refused to criticize Microsoft openly, with some experts accusing the government of lacking the leverage to compel real changes at a company that represents a potential single point of failure for essential services.

Others argue the White House’s own national cybersecurity strategy calls for shifting more security burden to major tech firms like Microsoft that have the resources to invest heavily in defensive measures.

But so far, the U.S. government has demonstrated an inability or unwillingness to stand up to one of the world’s largest tech companies and enforce accountability, despite the risks Microsoft’s vulnerabilities pose to America’s digital infrastructure.

So, here’s my question.  We did a story on “cloud lock-in” recently where the UK government was concerned that without a meaningful alternative, even a government was effectively “locked in.”  With Microsoft’s dominance in so many areas from productivity suites to cloud and now security and even AI, how is the “competitive market” – or how is anybody – supposed to keep it in check?

Sources include: Wired

And that’s our show for today.  Love to hear your opinions as always. You can reach me at [email protected] or our new editorial address – [email protected]

Our show notes are now also posted at TechNewsDay.ca or .com take your pick – along with other stories. Check it out.

I’m your host Jim Love, have a Terrific Tuesday.