By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy

Back in the day, Microsoft seemingly kept a long list of enemies otherwise known as competitors, as the company’s product portfolio grew in ambition. However, the days of vindictive and arguably petty Microsoft seem to be behind the company as it’s enemies list shrinks and its collaboration roster expands, yet, there are still a few areas in where the company keeps a healthy competitive nature and to that end, some software, services, and companies remain on a figurative and literal blacklist. According to a report from GeekWire, not only does Microsoft have a figurative blacklist, there is a literal blacklist of products that have been obtained and services from the following companies are frowned upon in internal use by the Redmond-based software company including obvious names such as Amazon Web Services and Kaspersky as well as a few head-scratchers in Grammarly and GitHub. Perhaps, the most noteworthy exclusions come from recent IPO darling Slack, to which Microsoft offers a competitor product in its Teams communication service. Unlike its more neutral stance on cross-platform usage and development, Microsoft seems to be taking an active roll in discouraging and even prohibiting the use of Slack by company employees.  We have some of this prohibited software posted on OUR FORUM.

Google will not be launching a sequel to last year’s Pixel Slate tablet, according to Business Insider and Computer World, and will instead focus its Chrome OS hardware efforts on traditional laptop devices like the Pixelbook. “For Google’s first-party hardware efforts, we’ll be focusing on Chrome OS laptops and will continue to support Pixel Slate,” a spokesperson told Business Insider. Translation: you can expect the Slate to continue to receive software and security updates for several years to come — but there won’t be a Pixel Slate 2. Rick Osterloh, who leads Google’s hardware business, confirmed as much on Twitter on Thursday afternoon. Google went so far as to reveal that it has axed two in-development tablet products, moving the employees who had been working on them to other areas of the company. (Most have apparently joined the Pixelbook team.) The tablets were both smaller in size than the Pixel Slate and were planned for release “sometime after 2019.” But disappointing quality assurance testing results led Google to completely abandon both devices. Google informed employees of its decision on Wednesday. The Pixel Slate received largely mediocre reviews when it went on sale last year. Google earned praise for the device’s hardware design, but the software felt unfinished — Chrome OS has yet to really feel at home on a tablet — and lower-priced versions of the Slate suffered from extremely sluggish performance and lag. Google has resolved some of those issues with updates, but more than anything else, the company might have realized that taking on Apple’s iPad was going to be a losing battle. Follow this thread on OUR FORUM.

Microsoft might be adding an Office app key to physical keyboards for Windows 10 PCs or laptops. In addition to the Windows key, the future keyboards from Redmond may also come with a dedicated Office key that will let you access Microsoft’s Office suite and associated shortcuts. Like the Windows key, a dedicated Office key may help users quickly launch the productivity suite. An internal survey about Office key was also spotted online to determine the usefulness of an Office key on PC keyboards. The idea hasn’t been finalized yet and Microsoft’s form is gathering suggestions or feedback from users. The feedback form is for users (?employees) who have experimented with keyboards that have a dedicated Office key. Microsoft has also included a concept image of the key on a keyboard. As per the concept render, the Office key would be located next to the alt key on the left side. If such a key is introduced, the new layout of the keyboards could be – Windows Key, Alt, Office key and Space bar. The form, which is part of an internal survey at Microsoft, also gives us a little bit of insight into the new keyboard key. The Office key would introduce new shortcuts on Windows and you’ll be able to launch a particular Office app with a keyboard combo. For instance, Office Key + W and Office Key + P will launch Microsoft Word and PowerPoint respectively. If the idea is brought to production, the manufacturers have to dedicate more space to integrate this button into the existing keyboard layout. Get a better perspective by visiting OUR FORUM.

Microsoft issued a warning over the weekend about an active Linux worm that is targeting a recently disclosed Linux Exim mail server vulnerability. Though existing mitigations exist to block the worm functionality of this infection, Microsoft states that Azure servers can still be infected or hacked through this vulnerability. Exim is a very popular mail server software, or message transfer agent (MTA), that is used to send and receive an email for its users. Recently, the CVE-2019-10149 vulnerability was discovered in Exim 4.87 to 4.91 that allows attackers to remotely execute commands on a vulnerable server. Last week, Amit Serper of CyberReason discovered an active worm utilizing this vulnerability to infect Linux servers running Exim with cryptocurrency miners. The worm would then utilize the infected server to search for other vulnerable hosts to infect. In an article posted Saturday, the Microsoft Security Response Center (MSRC) confirms that they have detected this worm targeting Azure customers. "This week, MSRC confirmed the presence of an active Linux worm leveraging a critical Remote Code Execution (RCE) vulnerability, CVE-2019-10149, in Linux Exim email servers running Exim version 4.87 to 4.91," stated a blog post by  JR Aquino, a Microsoft manager in Azure Incident Response. "Azure customers running VMs with Exim 4.92 are not affected by this vulnerability," Microsoft warns, though, that even though the worm functionality is being mitigated, it does not mean that vulnerable Azure server is protected from the remote code execution vulnerability and could still be infected or hacked. Complete details are posted on OUR FORUM.

Three U.S. universities have disclosed data breach incidents impacting personally identifiable information of students or employees following unauthorized access to some of their employees' email accounts. All three universities — Graceland University, Oregon State University, and Missouri Southern State University — have notified the individuals whose personal information was potentially stolen or accessed about the security incidents. In addition, no evidence has been found of the impacted personal information being stolen or used in a malicious manner while investigating the disclosed data privacy incidents involving all three universities. As the university discovered during the breach investigation, "the personal information of some people who had interacted with these email accounts over the past several years was available during the time the unauthorized user(s) had access." As the university discovered during the breach investigation, "the personal information of some people who had interacted with these email accounts over the past several years was available during the time the unauthorized user(s) had access." After analyzing the contents of the impacted Office 365 accounts, MSSU found that the emails contained within stored "first and last names, dates of birth, home addresses, email addresses, telephone numbers, and social security numbers." We have named all 3 universities and have their comments posted on OUR FORUM.

A new Android Trojan that uses web push notifications to redirect users to scam and fraudulent sites has been discovered by security researchers on Google's Play Store. Multiple fake apps of well-known brands that distributed the malware dubbed Android.FakeApp.174 got removed in early June after researchers from Doctor Web reported them to Google. While the apps were only installed by a little over 1000 users, the malware operators could publish other similar apps at any time on the Play Store and might also be switching to more aggressive attack methods such as redirecting victims to malicious payloads, launching phishing attacks targeting bank customers, or spreading fake news. For instance, "Potential victims can think the fake notification is real and tap it only to be redirected to a phishing site, where they will be prompted to indicate their name, credentials, email addresses, bank card numbers, and other confidential information," Doctor Web explains. When the malicious fake apps are first launched, the Android.FakeApp.174 Trojan loads a site hardcoded in its settings using the Google Chrome web browser, a website which asks the targets to allow notifications under the guise of verifying that the user is not a bot. Upon agreeing to enable web push notifications for "verification purposes," the compromised device's owner is subscribed to the site's notifications and will be spammed with dozens of notifications sent by Chrome using Web Push technology. These push notifications can pose as a wide range of alerts ranging from new social media messages and news to new social media events and notifications seemingly being pushed by applications installed on the device. Follow this by visiting OUR FORUM.