By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Microsoft sued a cyber-espionage group with North Korean links tracked as Thallium for breaking into its customers' accounts and networks via spear-phishing attacks with the end goal of stealing sensitive information, as shown by a complaint unsealed on December 27. "To manage and direct Thallium, Defendants have established and operate a network of websites, domains, and computers on the Internet, which they use to target their victims, compromise their online accounts, infect their computing devices, compromise the security of their networks, and steal sensitive information from them," Microsoft's complaint says]. The lawsuit was filed by Microsoft on December 18 in the U.S. District Court for the Eastern District of Virginia, as first reported by Bloomberg Law's Blake Brittain. According to Microsoft, Thallium targets both public and private industry targets and it has been observed while previously attacking "government employees, organizations and individuals that work on Nuclear Proliferation issues, think tanks, university staff members, members of organizations that attempt to maintain world peace, human rights organizations, as well as many other organizations and individuals." The North Korean hackers are also believed to have been active since at least 2010 according to Redmond's complaint, and it is known for being behind spear-phishing attacks they operate via legitimate services such as Gmail, Yahoo, and Hotmail. A list of 50 domains used by Thallium in their attacks is available in Appendix A of Microsoft's complaint against the hacking group. Netscout's ATLAS Security Engineering & Response Team (ASERT) also tracks one of the North Korean hacking group's campaigns as STOLEN PENCIL. According to Netscout, the hackers' STOLEN PENCIL APT campaign has been targeting academic institutions since at least May 2018 in spear-phishing attacks with the end goal of stealing credentials. Based on several shared resources, Palo Alto Networks' Unit42 also linked Thallium's STOLEN PENCIL campaign with a malware dubbed BabyShark and delivered as part of a spear-phishing campaign focused "on gathering intelligence related to Northeast Asia’s national security issues," starting with November 2018. "Well-crafted spear-phishing emails and decoys suggest that the threat actor is well aware of the targets, and also closely monitors related community events to gather the latest intelligence," Unit42 said. Follow the link to OUR FORUM for more.

Microsoft is working on adding support to the Outlook on the web browser-based client for sending emails via alias email addresses (also known as aliases or proxy addresses). After the feature's release, Office 365 customers will be able to send messages via Outlook on the web using any previously set up alias besides their primary SMTP address. Email sender aliases support will prove useful for users who need to send emails from multiple branded domain names or on behalf of a specific company team or department. Having the choice to choose any alias available for their account will also remove the hassle of setting up shared Office 365 mailboxes or creating additional POP or IMAP accounts. "So to kick-off our journey to provide you and your users with the flexibility to send email using an alias, we're excited to announce that soon Outlook on the web (aka OWA) will natively support the ability to choose the sender or FROM from a drop-down list right within the compose pane," says the planned feature's Microsoft 365 roadmap entry. "And when the recipient receives that message, the FROM and REPLY TO will show that alias, regardless where the recipient's mailbox happens to live." This new feature designed to allow Office 365 customers to send email from proxy addresses (aliases) from Outlook on the web is currently under development, with Microsoft planning to make it generally available in all Exchange environments during Q4 2020. In related news, Microsoft is working on adding the highly popular Outlook for Windows Message Recall feature to the Exchange Online hosted cloud email service for businesses. Once it will roll out to all Office 365 environments during Q4 2020, the Message Recall feature will make it possible for users of Microsoft's cloud email to retrieve emails not yet opened by the recipients, regardless of the email client they use. Redmond is also planning to add protection against Reply-All email storms in Exchange Online sometime during Q3 2020, an issue impacting Office 365 members of improperly locked down email distribution lists. Reply-All storms (aka reply-allpocalypses) are huge chain reaction email sequences usually started by one of the members of a large email list who replies to the entire list using the "Reply All" feature. This can lead to accidental Distributed Denial of Service (DDoS) incidents that could take down some of the email servers used to deliver the numerous replies. Follow this and more on OUR FORUM.

In 2019, smartphone brands have made huge jumps in camera quality, especially when it comes to zoom and low-light. On the other hand, video quality hasn’t been given the same amount of attention. That could change in 2020 with the Qualcomm Snapdragon 865’s improved ISP. Yet, even as Android smartphones are shipping with larger internal storage capacities, have faster modems, and are now supporting 5G networks, an old limitation prevents most of these phones from saving video files that are larger than 4GB in size. However, that could change in Android 11, the next major version of Android that’s set to release in 2020. I’ll try to summarize the reasoning behind this limitation without going too deep into the technical aspects. Basically, Google decided that Android’s MediaMuxer and MPEG4Writer classes, which are respectively responsible for muxing (combining) video files and saving them as MP4 files, should support outputting an MP4 file with a maximum size of 2^32 – 1 byte, which is approximately 4GB. This decision was made in early 2014, back when the Google Nexus 5 with its maximum 32GB of internal storage was still on the market, SD cards were still widely in use, and the first phones with 4K video recording had just come to market (Galaxy Note 3). Thus, there wasn’t much demand to save video files over 4GB in size: most phones didn’t have enough storage, SD cards formatted in FAT32 wouldn’t support it anyway, and few phones recorded in high enough quality to even meet that limitation. Fast forward 5 years and much has changed: there are now phones with 1TB of storage, SD cards are now the exception rather than the norm, and 4K video recording is ubiquitous, with 8K video recording soon to reach devices. Today, if you record a 4K video on the Pixel 4, your video will reach 4GB in size in about 12 minutes; that’s at the default quality settings of 30fps for the frame rate and 48Mbps for the bitrate. After about 12 minutes of recording, the camera app will save the video and immediately begin recording another video – without the user noticing. When you check your phone’s DCIM folder, you’ll notice that what was supposed to be one continuous video recording has instead been split into multiple video files. For example, a 73-minute video recording on my Pixel 4 was split into 7 different files – all of which were seen by Google Photos as separate recordings. It’s not difficult to mux these MP4 files before uploading to Google Photos, but you’ll have to use a third-party app if you want to do so. Most people wouldn’t bother or know how to do so, I would imagine. Further details provided on OUR FORUM.

Time is running out for anyone still on Windows 7. Soon there'll be no more security and software updates. Here's what you need to do. The end is near: All support for Windows 7 expires on Jan 14,2020. While the operating system will remain fully functional, no more updates mean you could be working on a computer with major security holes that won't ever be fixed by Microsoft. Considering that the number of vulnerabilities on Windows 7 that could be potential entry points for Trojans or viruses is steadily increasing, you need to have a plan to upgrade to Windows 10. Most private users will be able to get a free update. Windows 10 accepts Windows 7 installation keys – provided you still have that edition installed. You can make the change in three ways: Upgrade the Windows 7 installation to Windows 10, replace it with a brand new Windows 10 installation or install the new operating system parallel to the old one. Whichever you do, you should save your data beforehand and download the free Media Creation Tool from Microsoft. With this, the disk image required for the migration can be downloaded and saved on a USB stick, for example. The advantage of a parallel installation is that all your programs, settings and data will remain untouched. The entire Windows 7 installation is preserved and is only a restart away. If you're upgrading, the experts recommend that you check that all your drivers are up to date beforehand, in particular critical ones such as for the graphics chip or USB interfaces. You also need to uninstall any virus scanner, as Windows 10 brings its own (Defender). Otherwise, the upgrade may fail due to outdated drivers or because the virus scanner blocks it. When you go to upgrade, you need to insert the USB stick or DVD containing the Windows 10 disk image while Windows 7 is running and click on the "Setup.exe" file. If you want a fresh install of Windows 10 that completely replaces Windows 7, you need to restart the computer so it can boot from the USB stick or DVD.

At Microsoft’s Ignite 2019 conference, the company announced the general availability date for its new Edge web browser. The Chromium-based Microsoft Edge will be available on January 15 and it appears that the migration will happen in the background through an over-the-air software update. In updated support documentation, Microsoft quietly announced that Chromium-based Edge will be rolled out to Windows 10 computers via a Windows Update. It makes sense since the Chromium-based version of Edge is not tied to Windows or any operating system releases. The document suggests that users will not have the option to keep the old Edge and the new browser would be deployed ‘automatically’ for all systems running Windows 10 version 1803 (April 2018 Update) or newer. “To help our customers become more secure and up-to-date, Microsoft will distribute Microsoft Edge (Chromium-based) through Automatic Updates for Windows 10 RS4 and newer,” the company said. While the consumers will be forced to try the new Edge experience, Microsoft says it will launch a Blocker Toolkit for organizations so administrators can control the installation of the new browser on configurations with automatic Windows Update enabled. Microsoft is hoping to address the bugs and add new extensions to the store ahead of the browser’s general availability in January. Microsoft is inviting developers to update their existing Edge extensions and as well as migrate their other extensions to the new browser. The classic Edge never got a significant number of browser extensions due to its low adoption and Microsoft’s strict policy of manually reviewing each extension. While Microsoft will still review the extensions and the process could be slow, Edge users will be able to install Chrome or Chromium extensions from other marketplaces such as Chrome web store. Chromium-based Edge currently has more than 100 extensions available on its add-ons website, but the store is likely to get many more add-ons ahead of the browser’s general availability in January. Follow this and more on OUR FORUM.

Microsoft has unveiled the Xbox Series X, its flagship next-generation console succeeding Xbox One, promising leading performance at up to 8K or 120Hz. While formerly teased under the Project Scarlett moniker, it closes the year with an early glimpse of its top-tier SKU on track for late 2020. That includes a sleek all-black tower-style casing, with a refined Xbox controller characterized by a fresh look and share button. The Xbox Series X is expected to go head-to-head with the Sony PlayStation 5 next holiday, kicking off a new hardware cycle scrambling for performance. Microsoft has detailed sizeable CPU and GPU upgrades under the hood, backing our previously-reported Xbox Series X specifications, looking to support improved resolutions, framerates, and overall graphical fidelity. And while pledging to deliver Xbox Series X in 2020, Microsoft is yet to open preorders for the console. With a formal price yet to be unveiled, we're yet to receive the opportunity to lock down a payment – assumedly on hold until closer to launch. While some third-party retailers allow buyers to "register" interest and subscribe to future updates, there's no official option to preorder in late 2019. With the Xbox Series X reveal, GameSpot sat down with Xbox partner director of program management, Jason Ronald, discussing the team's current stance of preorders. "We think, in the end, what people want from us is ... to put a controller [in their] hand," Ronald told GameSpot. "People tell me, 'Hey, I want to pre-order right now,' and we definitely love that--like it's great to have those fans--but I also know that these investments aren't trivial for families. I want to be transparent about what our design goals are." So, when will Xbox Series X preorders go live? That's currently unclear, with Microsoft remaining coy on plans and when future updates are expected. Redmond is still locking down the final hardware configuration planned for the console, which makes sense given the full year before launch. When preorders do go live, expect Amazon, GameStop, Best Buy, and all other major retailers to stock the device. Pricing for the Xbox Series X also remains a mystery, although with both Xbox One and Xbox One X positioned at $500 from launch, expect a somewhat similar ballpark for the next console. Whether the Xbox Series X sees a dedicated reveal event next spring, similar to the original Xbox One, or Microsoft shelves the device until E3 in June, expect to more on pricing, and how to place your order in 2020. Follow this thread by visiting OUR FORUM.