Sean Kalinich

After Phill Spencer’s recent comments on why Microsoft can’t beat Sony or Nintendo via “normal methods” we started to wonder why he would make this kind of statement. So, with our usual OCD we dove into some of the things that are happening at both Microsoft and Microsoft Gaming. Microsoft has been in an interesting spot and not for the first time. They seem to get into this spot where they are in between strategic and tactical projects. In this “down” time we tend to seem them look to shore up documentation, investigate acquisitions to expand their reach, and start to plan for their next conquest.

Microsoft’s Patch Tuesday for May included a patch that was a fix for a flaw that was created from another patch back in March 2023. The March patch was meant to fix vulnerability CVE-2023-23397 which was a known exploited critical vulnerability in Microsoft Outlook’s MapUrlToZone security measure. It was allegedly abused by Russian based threat actors since April 2022. The new flaw is a bypass for the fix put in place in March.

There is an old saying that says, when you can no longer do, you teach. This might be a relatively true axiom in the regular world, but in the world of cybercrime it is certainly not what you find happening. Instead, we tend to see that when organized groups no longer want the headache and hassle of doing the heavy lifting for attacks, they just build a platform to sell their tools to others. We have seen ransomware as a service, malware as a service, malvertising as a service, and even phishing as a service.

If I were to build a list of companies that I would not want to build an AI project Meta, the parent company of Facebook is probably sitting at the top of the list. Yet here we are with a company known for manipulating users, user data and a proven habit of abusing the information it has. Meta is building an AI tool they are calling ImageBind that looks to expand on AI currently understands an environment. Most current AI image generators are (in very simple terms) texts to image generators. They take input in the form of words and create an image from learned input (again in very simple terms).

Yesterday we reported on a ransomware attack that impacted PC and component manufacturer MSI. When they, MSI, disclosed the attack they claimed there was no significant impact, but failed to consider that most, if not all, modern ransomware attacks also incorporate exfiltration techniques to ensure a ransom is paid. This this case, the group Money Message had exfiltrated data a claimed 1.5TB of data that included firmware, source code, and databases. This sounds a bit significant at this point.

In January of 2023 the Print Management Software company PaperCut was advised of two Remote Code Execution (RCE) bugs. These bugs were in their PaperCut MF and PaperCut NG software products. PaperCut worked with the group that identified the bugs, TrendMicro, to develop a patch prior to disclosure of the flaw. The patch was made available to PaperCut clients on March 8th and the vulnerability was disclosed on April 20th. However, as is the case with things like this, the patches were not rolled out as one would have hoped.

Updated May-08-2023 with statement from Intel
Back in early April MSI, a popular PC and PC component maker, disclosed that it had a security incident. They stated that they quickly rolled out their Incident Response Team and enacted their recovery procedures (IR and BC/DR plans). Not much was known about the attack at the time, including when the incident happened, just that the disclosure was made to the relevant authorities.

Ransomware is a pain in the ass, no matter what type it is. You have a piece of code that comes in, encrypts all your files, steals them and then you must deal with paying a ransom of some sort to either get your files back or prevent potential disclosure of sensitive information. It is not exactly what you want to deal with on a given day. So, when a new method of deploying ransomware pops up you can excuse our thinking “oh what fresh hell is this”.

Phil Spencer, CEO of Microsoft Gaming recently admitted that Xbox is not able to beat rivals Nintendo and Sony using normal methods. The means that Spender is talking about is the release of console specific titles. He feels that gamers are not likely to change allegiances simply because Xbox comes out with a new Xbox only title regardless of how anticipated that title is. He is right about this, but it also works in the opposite direction. Xbox gamers are not likely to switch to Sony or Nintendo simply because of a premier title.

A not so new feature at DecryptedTech is going to be our thoughts on gaming, game releases, and the game industry as a whole. This is actually not something new to DecryptedTech. In the past we had our Short Attention Span reviews of AAA titles where we jumped in with both feet to see if a new game release could even capture our attention. Now we are looking to dive a little deeper into each game.

Page 13 of 224