Microsoft Archives

Winsage

May 22, 2025

Palestinian developer disrupts Microsoft keynote: ‘my people are suffering’

Microsoft's Build developer conference experienced protests for two consecutive days due to the company's ties to Israel. During a keynote by Jay Parikh, a Palestinian tech worker interrupted to express concerns about Microsoft's contracts with the Israeli government, calling for an end to the collaboration. Security removed the protester, who was supported by the group No Azure for Apartheid. The previous day, Microsoft employee Joe Lopez also interrupted a keynote to speak against the company's contracts with Israel, urging colleagues to speak out. Microsoft is conducting an internal review of its technology's role in the Gaza conflict, maintaining that its relationship with Israel's Ministry of Defense is commercial and that its technologies are not misused. This follows previous instances of dissent within Microsoft, including disruptions at a 50th-anniversary event.

Winsage

May 22, 2025

Screw the Windows Search Bar, and Use Command Palette Instead

Mac users utilize Spotlight for searching applications, files, calculations, and web browsing, while Windows users have the Search Bar, which is less versatile. Command Palette is a new keyboard launcher for Windows, replacing PowerToys Run, allowing users to execute commands, search the web, find files, and create custom bookmarks with global keyboard shortcuts. Command Palette is part of PowerToys, which can be downloaded from GitHub, the Microsoft Store, or via the Windows Package Manager. After installing PowerToys version 0.9 or higher, users can enable Command Palette in the settings and customize its keyboard shortcut. Users can search for files by selecting the File search option and typing the desired term, and they can switch between open windows and execute commands in the Terminal. The hidden package manager WinGet allows users to install applications via Command Palette without opening the Terminal. Users can also enhance Command Palette with third-party extensions, which are currently limited but may expand in the future.

Winsage

May 22, 2025

Brian Eno Criticizes Microsoft for Support of Israeli Military

Brian Eno has written an open letter to Microsoft titled “Not in My Name,” urging the company to stop providing artificial intelligence and cloud services to the Israeli military. He expresses concern that Microsoft's technological contributions could enable war crimes, stating that the company has acknowledged its support for Israel’s Ministry of Defense. Eno plans to donate his fee from the Windows 95 project to aid victims of the conflict in Gaza. He references a Microsoft blog post about the company's software and services being used by the Israeli government in ways condemned by legal scholars and human rights organizations. Eno emphasizes that selling advanced AI and cloud services to a government involved in systemic ethnic cleansing constitutes complicity and calls for a reevaluation of corporate ethics. He commends Microsoft employees who have spoken out against the company's actions and invites others to join his call for accountability.

Winsage

May 22, 2025

Microsoft quietly released an open source command line text editor for Windows 11 — here’s how you can try it now

Microsoft has introduced a new command line text editor named Edit, designed for Windows 11 and compatible with Linux. It is an open-source tool aimed at users who prefer terminal-based applications, similar to Nano or Vim. A GitHub repository is available for access to the source code and additional resources.

Winsage

May 22, 2025

Microsoft blocks emails that contain ‘Palestine’ after employee protests

Microsoft employees have discovered that emails containing specific terms related to Gaza and Palestine, such as “Palestine,” “Gaza,” and “Genocide,” are being blocked in the company's internal communication system. Variations of these terms, like “Israel” or “P4lestine,” do not face the same restrictions. The No Azure for Apartheid (NOAA) protest group claims this selective blocking is an attempt to suppress free speech among employees advocating for Palestinian rights, labeling it as censorship. Microsoft has acknowledged making adjustments to its email system to limit the circulation of “politically focused emails” and stated that emailing large numbers of employees about non-work-related topics is inappropriate. This situation has coincided with protests against Microsoft's contracts with the Israeli government, including disruptions during the Build developer conference.

Winsage

May 22, 2025

Microsoft’s and Google’s dueling developer conferences reveal opposite AI strategies—and a big weakness for one company

FORTUNE is a recognized business media publication in the U.S. and internationally, known for its insights and analysis. It emphasizes the importance of understanding its Terms of Use and Privacy Policy for user transparency. FORTUNE adheres to strict privacy standards, providing a California Notice at Collection and a comprehensive Privacy Notice regarding the protection of user information and the handling of personal data. The publication may receive compensation for certain links to products and services, which supports its operations, but offers may change without notice.

Winsage

May 22, 2025

Microsoft says 394,000 Windows computers infected by Lumma malware

Microsoft announced the dismantling of the Lumma Stealer malware project in collaboration with global law enforcement. Over 394,000 Windows computers were identified as infected by Lumma between March 16 and May 16. The malware is known for stealing sensitive information such as passwords and credit card details. Microsoft, with a court order, dismantled the web domains supporting Lumma's infrastructure, while the U.S. Department of Justice took control of its central command structure. More than 1,300 domains were seized or transferred to Microsoft, with 300 acted upon by law enforcement and Europol. Other tech firms like Cloudflare and Lumen assisted in this effort. Since 2022, hackers have been acquiring Lumma through underground forums, and it has been used in phishing campaigns and attacks on various sectors, including gaming, education, and critical infrastructure.

Winsage

May 22, 2025

US and Europe crack down on hacking tool used by cybercriminals worldwide

US and European authorities have seized computer systems used by hackers to access a sophisticated hacking tool called Lumma, which has been involved in high-profile cybercrimes, including ransomware attacks and bank thefts. Microsoft took offline approximately 2,300 web domains linked to this activity. Around 394,000 computers worldwide running Windows software were found to be infected by Lumma, targeting various institutions, including airlines, universities, banks, and hospitals, resulting in credit card losses of .5 million in 2023. The primary developer of Lumma is based in Russia, where he markets the tool on platforms like Telegram, charging between [openai_gpt model="gpt-4o-mini" prompt="Summarize the content and extract only the fact described in the text bellow. The summary shall NOT include a title, introduction and conclusion. Text: US and European authorities have taken significant steps to dismantle a sophisticated hacking tool that has been instrumental in a series of high-profile cybercrimes, including ransomware attacks and bank thefts. On Wednesday, the US Justice Department announced the seizure of the computer systems utilized by hackers to access the tool, known as Lumma. Concurrently, Microsoft executed a court order to take offline approximately 2,300 web domains associated with this cybercriminal activity. Impact on Cybercrime This coordinated effort represents a substantial setback for a global hacking enterprise that has proliferated over the past two months. Microsoft reported discovering around 394,000 computers worldwide running Windows software infected by Lumma. The tool has been leveraged to target a range of institutions, from airlines and universities to banks and hospitals, with several Fortune 500 companies also falling victim. Brett Leatherman, the FBI’s deputy assistant director for cyber operations, revealed that Lumma-related attacks resulted in credit card losses totaling .5 million in 2023 alone. However, the crackdown faces challenges, particularly due to the involvement of Russian sovereignty. Analysts from Microsoft have identified the primary developer of Lumma as being based in Russia, where he markets various access levels to the tool on platforms like Telegram and other Russian-language forums, charging between 0 and ,000. The US has previously charged numerous Russian hackers with serious cyber offenses against American entities, yet only a fraction of these individuals have been brought to trial in the US. Russian diplomats have consistently opposed the extradition of accused cybercriminals, complicating efforts to hold them accountable. When asked whether the FBI believes Lumma’s lead developer is currently in Russia, Leatherman refrained from providing specific details, stating, “Regardless of where these individuals sit, even if we can’t charge them with criminal conduct, our victim-centric approach is really focused on targeting that underlying ecosystem … because it brings relief to victims.” The law enforcement operation was a collaborative effort involving Europol, several American and European tech firms, and a Japanese organization. This strategy underscores a growing trend in combating cybercrime, leveraging the extensive reach of software companies within the global economy. Leatherman emphasized the broader implications of this investigation, stating, “This is part of a greater law enforcement investigation into the group [behind Lumma], and we hope that this will also fracture trust within the ecosystem itself.”" max_tokens="3500" temperature="0.3" top_p="1.0" best_of="1" presence_penalty="0.1" frequency_penalty="frequency_penalty"] and ,000. The law enforcement operation involved Europol and several tech firms and aims to disrupt the ecosystem supporting cybercrime.

Winsage

May 22, 2025

Windows 95 chime composer Brian Eno denounces Microsoft for its ties to Israeli government

Renowned musician Brian Eno announced he will donate the earnings from his Windows 95 startup chime to support those affected in Gaza. This decision follows scrutiny of Microsoft’s contracts with the Israeli government amid ongoing humanitarian crises. Eno criticized Microsoft for its involvement in operations contributing to violations of international law and called for the company to suspend services supporting such actions. Microsoft acknowledged its contracts with Israel’s Ministry of Defense but claimed an internal review found no evidence of its technologies targeting civilians in Gaza. Following the October 7, 2023 attack by Hamas, significant casualties have been reported in Gaza, with estimates of over 52,000 to as high as 109,000 deaths. Human rights organizations have accused Israel of war crimes. Protests by Microsoft employees have occurred, demanding accountability for the company's actions. Eno emphasized the need for artists and corporations to consider the implications of their contributions.

Tech Optimizer

May 21, 2025

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Microsoft has monitored Lumma Stealer, an infostealer malware used by financially motivated threat actors. Lumma Stealer, also known as LummaC2, functions as a malware-as-a-service (MaaS) solution that extracts data from browsers and applications, including cryptocurrency wallets. The entity behind Lumma is identified as Storm-2477, which maintains the malware and its command-and-control (C2) infrastructure. Affiliates can create malware binaries and manage C2 communications through a panel provided by Storm-2477. Ransomware groups have integrated Lumma Stealer into their operations. Lumma Stealer employs various delivery techniques, including phishing emails, malvertising, drive-by downloads, Trojanized applications, and abuse of legitimate services. Specific campaigns have been identified, such as one in April 2025 that used EtherHiding and ClickFix techniques to deliver Lumma Stealer via compromised websites. Another campaign on April 7, 2025, targeted Canadian organizations with emails containing invoice lures that led to malicious downloads. The malware is developed using C++ and ASM, employing advanced obfuscation techniques to evade detection. It can extract a wide range of user data, including browser credentials, cryptocurrency wallet information, and user documents. Lumma Stealer maintains a robust C2 infrastructure with multiple hardcoded and fallback C2 servers, utilizing encryption methods to secure communications. Microsoft's Digital Crimes Unit has disrupted Lumma Stealer's infrastructure by blocking approximately 2,300 malicious domains. Recommendations to mitigate the impact of Lumma Stealer include strengthening Microsoft Defender configurations, implementing multifactor authentication, and utilizing phishing-resistant authentication methods. Microsoft Defender products can detect and block activities associated with Lumma Stealer, providing alerts and insights for incident response.