Too busy this week to catch all of the latest tech news? Have no fear: We’ve compiled and summarized TechRepublic’s top stories for Aug. 25 – Sept. 1.
What is the Microsoft Intelligent Data Platform?
Companies increasingly spread pertinent organizational and customer data across several systems, which increases the possibility of misuse or underuse of that data. Microsoft Intelligent Data Platform seeks to unify and standardize data across the organization.
TL;DR: Using Synapse Link and Microsoft Purview, the Intelligent Data Platform lets companies understand the data they have spread across multiple systems and then link operational and analytic data sets to better use the data they’re already creating and storing.
Cosmetics giant Sephora first to be fined for violating California’s Consumer Privacy Act
Sephora received a $1.2 million bill for violations of the CCPA. This is the first public fine under the law, which was passed in 2018. The cosmetics company has been charged with failing to inform customers of the sale of their personal data and neglecting to process requests to opt out of the sale of their data within the 30-day time frame required by the law.
TL;DR: Companies that do business in California and beyond should take note: Failure to make adjustments to their websites or policies in line with the law could soon put them in financial peril. Laws similar to the CCPA will go into effect in Virginia, Utah, Colorado and Connecticut in 2023.
Sliver offensive security framework increasingly used by threat actors
Microsoft has released a report stating that a common open source pentesting tool available on GitHub is also being used by attackers. The methods of attack available through Silver are easily obfuscated but not easily detectable by security professionals.
TL;DR: Microsoft and the UK’s National Cyber Security Center have offered detection methods for the currently-available versions of Silver, but these tools may not work for future or altered versions of the pentesting tool.
How a business email compromise attack exploited Microsoft’s multi-factor authentication
Bad actors were able to gain access to sensitive information by gaining access to an executive’s Microsoft 365 account and setting up an alternate authentication method to bypass the default multi-factor authentication settings. The account was breached in an AiTM attack that gave the attacker access to email and account settings.
TL;DR: Default multi-factor authentication settings should be examined, and where appropriate, companies should consider implementing alternate methods like Microsoft Hello or FIDO.
Why Web3.0 blockchain technology is driving a six trillion dollar market
Despite the recent downturns in the cryptocurrency markets, blockchain technology can be used to support a wide variety of industries and business cases. Healthcare, IoT, finance and retail are all poised to benefit from blockchain tech and the relative security of decentralized systems, says a recent report.
TL;DR: While most companies won’t use blockchain or cryptocurrencies for invoicing anytime soon, the technologies behind Web3.0 are driving innovations across industries, especially in combination with AI, decentralized apps, the metaverse and video gaming technologies.