Time to get things back on track.

That’s what Microsoft is aiming for on the cybersecurity side after an embarrassing 2024 that was punctuated with the CrowdStrike-driven outage in July that shut down hospitals, airlines, and other major businesses. Initially thought to be a cyberattack, the CrowdStrike glitch struck Microsoft systems and set virtual machines into a restart loop, rendering them unusable.

In order to supersede further glitches, Microsoft announced in a blog post Nov. 19 that it was launching the Windows Resiliency Initiative.

Details, details. The initiative contains a number of programmatic changes that will make things easier for IT teams and administrators, including Quick Machine Recovery, a new feature that Microsoft says will enable “IT administrators to execute targeted fixes from Windows Update on PCs, even when machines are unable to boot, without needing physical access to the PC.” That feature, Microsoft said, will be open to the Windows Insider Program early next year.

Read the rest here.—EH

When Amazon Web Services (AWS) finds leaked credentials, it goes into principal mode and puts them into a Breakfast Club of restrictions.

While the quarantine restricts certain actions—like the listing of identities or the deleting of a role—some malicious actions are still possible. A free, open-source tool from Permiso Security called “DetentionDodger” finds those detained credentials and what threat actors can still do with them.

“Just knowing the key was quarantined is one issue, but it’s going through and saying, based on all the current permissions, what are all the naughty things that this key can still do, even with that quarantine policy applied? What are all the ways an attacker could dodge detention for this access key based on its current capabilities?” Daniel Bohannon, principal security researcher, told IT Brew. (Bohannon did not create the tool. His colleague Bleon Proko, who contacted IT Brew through email, led the development.)

Hardcoded times. Bohannon said he has seen threat actors using leaked credentials to spin up virtual machines and install Bitcoin miners; he’s also seen key thieves use the company’s large language model (LLM) service Bedrock and abuse AWS’s Simple Email Service to send spam.

“If someone compromises an account for a large organization, what if you can send emails as that organization or just send out spam using their infrastructure at their cost?” Bohannon said.

Read more here.—BH

Python has overtaken JavaScript as the most popular programming language on GitHub, according to the latest edition of GitHub’s annual Octoverse report—probably in large part due to a surge of interest in big data and AI.

According to GitHub, 2024 saw nearly double the number of generative AI projects (a 98% increase), with contributions to those projects rising 59% overall. Martin Woodward, VP of developer relations at GitHub, told IT Brew he believes AI “seems to be…helping more and more people actually call themselves developers.”

There are now over 518 million projects on GitHub, according to the Octoverse report, with over 5.2 billion contributions tracked throughout the year. While Python is used for innumerable purposes, it’s particularly useful for machine learning and big data projects, both of which are key parts of generative AI.

Throughout 2024, Woodward said, the lion’s share of AI development shifted from building machine learning tools like PyTorch and TensorFlow to projects using the resulting models.

Keep reading here.—TM