Microsoft Outlook 2016 Introduction Training Course

The QES Microsoft Outlook 2016 Introduction training course is designed to give you the fundamental skills.

How to replace Microsoft and support the BDS boycott

reach out to your tech friends about replacing windows with an alternative operating system, such as linux or a *BSD OS. if you decide to do this on your own, make sure to back up your hard drive first. windows profits off your usage data (even if you never paid for it) and can use it to train their AI, which is arming israel.

if your work or school requires you to acquire windows, look up massgrave (it's very simple to activate windows).

duckduckgo is just microsoft's bing in a trench coat. they have made a secret exception for microsoft's tracking services in the past. check out Searx instances, or try alternative indie web search engines such as Marginalia or Wiby.

if you're using microsoft's outlook for email, consider Tuta or Disroot (avoid proton; it's all privacy theatre that's only somewhat better than other email providers, and the CEO has voiced support for trump).

don't pay to watch the minecraft movie that's coming out. i've heard it's incredibly underwhelming anyway.

insist on playing minecraft but don't want to give microsoft money? avoid bedrock edition. check out UltimMC if you need a way to acquire java edition and you don't own it. if you're a server operator, you can set your server to offline mode in server.properties which allows people who acquire minecraft the cool way to connect, but this should be paired with a server-side authentication plugin/mod for safety reasons (in offline mode, anyone can log in with any username, including a whitelisted or operator username, and there are bots scanning for servers to grief). don't use realms. disable telemetry with mods if you can.

get a vpn (i recommend airvpn for p2p connections) and download qBittorrent. in case you're interested in media published by microsoft. or just in general. learn to torrent, and make sure all your torrent traffic goes through your vpn service.

if you're using microsoft edge, consider switching to an alternative browser such as LibreWolf (basically firefox with better privacy and security out of the box; mozilla is not the innocent robin hood figure they're made out to be) or Ungoogled-Chromium (chromium without the google spyware; unfortunately lacks auto-update in most cases).

if you're using microsoft's AI for anything, consider getting a library card instead.

Over the last decade, the Kremlin's most aggressive cyberwar unit, known as Sandworm, has focused its hacking campaigns on tormenting Ukraine, even more so since Russian president Vladimir Putin's full-scale invasion of Russia's neighbor. Now Microsoft is warning that a team within that notorious hacking group has shifted its targeting, indiscriminately working to breach networks worldwide—and, in the last year, has seemed to show a particular interest in networks in English-speaking Western countries.

On Wednesday, Microsoft's threat intelligence team published new research into a group within Sandworm that the company’s analysts are calling BadPilot. Microsoft describes the team as an “initial access operation” focused on breaching and gaining a foothold in victim networks before handing off that access to other hackers within Sandworm’s larger organization, which security researchers have for years identified as a unit of Russia’s GRU military intelligence agency. After BadPilot's initial breaches, other Sandworm hackers have used its intrusions to move within victim networks and carry out effects such as stealing information or launching cyberattacks, Microsoft says.

Microsoft describes BadPilot as initiating a high volume of intrusion attempts, casting a wide net and then sorting through the results to focus on particular victims. Over the last three years, the company says, the geography of the group's targeting has evolved: In 2022, it set its sights almost entirely on Ukraine, then broadened its hacking in 2023 to networks worldwide, and then shifted again in 2024 to home in on victims in the US, the UK, Canada and Australia.

“We see them spraying out their attempts at initial access, seeing what comes back, and then focusing on the targets they like,” says Sherrod DeGrippo, Microsoft’s director of threat intelligence strategy. “They’re picking and choosing what makes sense to focus on. And they are focusing on those Western countries.”

Microsoft didn't name any specific victims of BadPilot's intrusions, but broadly stated that the hacker group's targets have included “energy, oil and gas, telecommunications, shipping, arms manufacturing,” and “international governments.” On at least three occasions, Microsoft says, its operations have led to data-destroying cyberattacks carried out by Sandworm against Ukrainian targets.

As for the more recent focus on Western networks, Microsoft's DeGrippo hints that the group's interests have likely been more related to politics. “Global elections are probably a reason for that,” DeGrippo says. “That changing political landscape, I think, is a motivator to change tactics and to change targets.”

Over the more than three years that Microsoft has tracked BadPilot, the group has sought to gain access to victim networks using known but unpatched vulnerabilities in internet-facing software, exploiting hackable flaws in Microsoft Exchange and Outlook, as well as applications from OpenFire, JetBrains, and Zimbra. In its targeting of Western networks over the last year in particular, Microsoft warns that BadPilot has specifically exploited a vulnerability in the remote access tool Connectwise ScreenConnect and Fortinet FortiClient EMS, another application for centrally managing Fortinet's security software on PCs.

After exploiting those vulnerabilities, Microsoft found that BadPilot typically installs software that gives it persistent access to a victim machine, often with legitimate remote access tools like Atera Agent or Splashtop Remote Services. In some cases, in a more unique twist, it also sets up a victim's computer to run as so-called onion service on the Tor anonymity network, essentially turning it into a server that communicates via Tor's collection of proxy machines to hide its communications.

Another, separate report Tuesday from the cybersecurity firm EclecticIQ pointed to an entirely distinct hacking campaign that firm also ties to Sandworm. Since late 2023, EclecticIQ found the hacker group has used a malware-infected Windows piracy tool, distributed via Bittorrent, to breach Ukrainian government networks. In those cases, EclecticIQ found, the hackers have installed a remote access tool called Dark Crystal RAT to carry out cyberespionage.

Any sign of Sandworm, which Microsoft refers to by the name Seashell Blizzard, raises alarms in part because the group has a history of hacking operations that go far beyond mere spying. Over the last decade, the group has caused at least three blackouts by targeting electric utilities in Ukraine—still the only such hacker-induced blackouts in history. The group also released the NotPetya malware that spread worldwide and did at least $10 billion in damage, and it used wiper malware to destroy countless networks in more targeted attacks across Ukraine both before and after the 2022 invasion.

Microsoft has so far found no evidence that, in BadPilot's targeting of Western networks specifically, Sandworm has shown any intention to carry out anything other than espionage. “This seems very early in terms of initial resource gathering, trying to get this much persistent access,” says Microsoft's DeGrippo. “Then we would have to wait to see what they do with it.”

But she notes that BadPilot is nonetheless tied to a larger group that has a history of highly disruptive cyberattacks. “Therefore," says DeGrippo, "the potential actions that they could take next is of deep concern.”

Regarding AI and Climate Change

I know that, generally, most people on this website seem to have an understanding that AI is bad. But, let's expand (with sources at the bottom).

We know that AI steals people's work and uses it and recycles it without ever asking for permission or giving credits.

But, do you know about AI's impact on our planet?

In order to have a 67% chance of Earth's climate returning to the way it was before human intervention, we have five years to completely halt all carbon emissions. Five years. To reduce our carbon emissions to zero. Each year that we fail to reduce our carbon emissions and pollution according to the targets set by the Paris Climate Agreement, we lose more of our carbon budget and give ourselves less time to transition to a sustainable future.

And AI is burning us through energy, water resources, and carbon even faster.

With each search, AI can use anywhere from 30-100 kilowatts of electricity. Millions of gallons of water are required to cool the hardware used for training and running generative AI models, which strains municipal water systems and local ecosystems. Tech companies that have implemented AI, like Microsoft, Google, and Meta, have seen 48-66% in increases in carbon emissions.

And resource usage will only increase as AI is further developed and more widely used.

The outlook is grim. But we have seen throughout history that collective movement of the people does change things. We need to mobilize. Stop using AI. Educate the people around you about the climate crisis and AI's contributions to it.

Our future depends on it.

~

References and further reading:

The Climate Book by Greta Thunberg

Explained: Generative AI’s environmental impact by Adam Zewe 

Generative AI’s environmental costs are soaring—and mostly secret by Kate Crawford 

AI’s Climate Impact Goes Beyond its Emissions by Jude Coleman 

AI Is Pushing the World Toward an Energy Crisis by Ariel Cohen 

AI’s Energy Demands Are Out of Control by Reece Rogers 

AI’s Insatiable Appetite for Energy by David Gelles 

The Obscene Energy Demands of AI by Elizabeth Kolbert 

To Do List dan Kalender Digital.

Sejak bekerja di sebuah perusahaan Swasta di Jakarta dulu, salah seorang mentorku mengenalkanku dengan fitur kalender outlook. Ia terbiasa memasukkan semua jadwalnya dan to do list harian ke dalam outlooknya.

Dari situpun aku belajar bagaimana agar dalam sehari benar-benar produktif. Setiap bulan target2 itu akan di review sekaligus schedule bulan selanjutnya.

Bahkan, atasanku rata-rata memasukkan jadwal mereka ke dalam kalender yang kesemuanya telah terintegrasi, sehingga kami sebagai bawahan pun mengetahui jadwal beliau.

Aku pun masih ingat saat melanjutkan studi di Swedia dulu, termasuk saat training di Inggris, kalender professorku rata-rata dapat diakses, sehingga kita bisa tahu availabilitas beliau tanpa harus mengonfirmasi manual. Termasuk booking meeting dengan beliau pun semua sudah melalui kalender tsb, dan tersinkronisasi dengan semua device selama kita login akun tersebut. Saat kita ingin membooking study room pun juga sudah terconnect melalui platform digital, dan setiap orang memiliki batas maksimum waktu utk menggunakanya. Hal yang aku impikan semoga suatu saat digitalisasi ini benar benar menyeluruh di tempatku sekarang.

Hingga saat ini aku masih membiasakan diri mencatat segala to do list dan jadwal melalui outlook calendar dan microsoft to do list. Untuk mengurangi whatsapp mahasiswa keperluan konsultasi aku menggunakan microsoft booking form yang juga tersinkron di kalenderku. Sengaja kubuat link kalenderku visible ke para mahasiswa agar mereka dapat mengetahui availabilitasku. Rasanya begitu puas saat mengetahui to do list itu tercentang satu per satu.

Sayangnya barangkali tidak semua orang familiar dengan fitur fitur seperti ini. Undangan rapat bahkan mengirim file skripsi kadang masih lewat wa, yang membuat memori hp mudah sekali penuh (apa wktunya ganti hp wkwk). Kadang aku berpikir padahal untuk berlangganan fasilitas seperti ini, sudah pasti institusi membayar mahal, namun sayangnya belum terutilisasi secara maksimal. Akhirnya digitalisasi tak ubahnya seperti hal-hal manual yang dilakukan secara digital.

Apakah kamu merasakan hal yang sama?

#30haribercerita #30hbc2404

New online habits (nerd talk)

I've joined the Proton mail and Vivaldi browser family.

With all that is going on with corporate corruption, scam mails and hacking. I decided to get a few new baskets for my eggs, sort of speak. These are programmed in the EU and promises safety for their users.

I thought it wouldn't hurt to try them out and support their business. But I still have some trust issues and will take it slow.

Once I finished setting up my accounts, I noticed that Proton is still working on it's safety features. Not that it didn't feel safe. It just had some issues connecting with my phone number (Yeah, I wanted to start fresh and actually give a company my number.) I had to set up my old mail to verify the account for now. Fine then. Hopefully I get that fixed. I was planning on eventually dissing my old outlook mail for lacking privacy. Now I need it the same way a minor need the signature of a abusive parent to set this train in motion. Sigh~

The Vivaldi browser had a similar problem. But the issue was mostly in the storage of passwords and bookmarks. Which I didn't fully plan to use anyway. At least they let me know what the issue was and ask me to check for updates to have that fixed. That straight forward level of informative customer service felt new to me. Like they actually care what I know and what I think. Google and Microsoft better watch their tone.

Once I get Vivaldi going the way I want, I'll log in to my social media accounts on there. They even have calendar services and cloud saved bookmarks between phones and computers. This will be extremely helpful for art-projects and job-hunting.

Diploma in Computer Application

A Diploma in Computer Application (DCA) is a popular short-term course that offers a solid foundation in computer fundamentals and applications. It's designed to equip individuals with the necessary skills to work in various IT-related roles.

Why Choose a DCA Course?

Quick and Efficient: DCA courses are typically shorter in duration, making it a time-effective way to acquire essential computer skills.

Practical Learning: The curriculum emphasizes hands-on training, allowing students to gain practical experience with software applications and hardware components.

Diverse Career Opportunities: A DCA certification opens doors to a wide range of job roles, including:

Data Entry Operator

Computer Operator

Web Designer

Software Tester

Technical Support Specialist

IT Assistant

Foundation for Further Studies: A DCA can serve as a stepping stone for higher education in computer science, information technology, or related fields.

Core Subjects in a DCA Course

Computer Fundamentals: Basic concepts of computers, hardware components, and software applications.

Operating Systems: Understanding and using various operating systems like Windows, Linux, and macOS.

Microsoft Office Suite: Proficiency in MS Word, Excel, PowerPoint, and Outlook.

Internet and Web Technologies: Basics of the internet, web browsing, email, and web development tools like HTML, CSS, and JavaScript.

Database Management Systems: Introduction to database concepts and SQL.

Programming Languages: Basic programming concepts in languages like C, C++, or Python.

How to Choose a Good DCA Institute

When selecting a DCA institute, consider the following factors:

Experienced Faculty: Ensure that the institute has experienced and knowledgeable faculty members.

Infrastructure: Well-equipped computer labs and other facilities are essential for practical learning.

Placement Assistance: A good institute should offer job placement assistance to help students secure employment.

Course Curriculum: The curriculum should be up-to-date and relevant to industry standards.

Fee Structure: Compare fees and financial aid options offered by different institutes.

By pursuing a Diploma in Computer Application, you can enhance your digital literacy, boost your career prospects, and stay relevant in the ever-evolving technological landscape.

Bennett University: A Leading Destination for Quality Higher Education

When it comes to choosing the right university, students are not just looking for academic excellence but also for institutions that provide holistic development. Bennett University, located in Greater Noida, Uttar Pradesh, is emerging as a prime destination for higher education in India. Established by the Times of India Group in 2016, Bennett University is dedicated to empowering students with cutting-edge skills and global perspectives.

Why Bennett University Stands Out

1. World-Class Curriculum

Bennett University offers a range of undergraduate, postgraduate, and doctoral programs designed in collaboration with leading global institutions. The curriculum is tailored to meet the demands of a rapidly evolving job market, especially in areas like engineering, management, law, and media.

The University emphasizes experiential learning, ensuring that students are equipped with practical skills to excel in real-world scenarios. The faculty includes accomplished academicians and industry professionals, providing students with invaluable insights into their fields.

2. Industry Partnerships and Internships

Bennett University has strong collaborations with leading companies, offering students unparalleled exposure to industry trends. These partnerships open up a wide array of opportunities, including internships and live projects, where students can apply their theoretical knowledge in a practical setting.

The University’s ties with global giants like Microsoft, Amazon Web Services (AWS), and IBM enable students to participate in exclusive training sessions, hackathons, and innovation challenges.

3. State-of-the-Art Infrastructure

The Bennett University campus is designed to foster an environment conducive to learning and innovation. Spread over 68 acres, the campus boasts modern classrooms, laboratories, and research centers. The University is equipped with the latest technological tools to provide students with a world-class education experience.

Additionally, the university offers excellent hostel facilities, libraries, recreational spaces, and sports amenities to ensure that students have a well-rounded campus life.

4. Global Exposure and International Collaborations

What truly sets Bennett University apart is its global outlook. The institution has partnered with internationally renowned universities, including Georgia Tech, Johnson Cornell, and Babson College, allowing students to gain global exposure through exchange programs, joint research initiatives, and international conferences.

This international collaboration enables students to understand global academic and professional standards, making them highly competitive in the global job market.

5. Entrepreneurship and Innovation Ecosystem

Bennett University is committed to nurturing the entrepreneurial spirit among students. The Center for Innovation and Entrepreneurship (CIE) is a hub where students can work on innovative ideas and develop them into market-ready products. The CIE provides mentorship, incubation, and funding opportunities to budding entrepreneurs.

With the growing startup culture in India, Bennett’s focus on entrepreneurship ensures that students are ready to contribute to and lead new ventures.

6. Placements and Career Support

Bennett University has a dedicated placement cell that works tirelessly to ensure that students secure positions in top companies. The university has an impressive placement record, with graduates being hired by leading multinational corporations such as Google, Deloitte, Microsoft, and Tata Consultancy Services.

The placement team also offers career counseling, soft skills training, and interview preparation to help students present themselves confidently to prospective employers.

Courses Offered at Bennett University

Bennett University offers a diverse range of courses across multiple disciplines:

Engineering: B.Tech (in various specializations including Computer Science, Electronics, and Biotechnology)

Management: BBA, MBA

Law: BA LLB (Hons.), BBA LLB (Hons.)

Media and Liberal Arts: BA (Journalism and Mass Communication), BA Liberal Arts

Doctoral Programs: Ph.D. in various fields

Each program is designed to provide in-depth knowledge while fostering critical thinking and problem-solving skills.

Campus Life at Bennett University

Campus life at Bennett is vibrant, with a wide range of cultural, social, and academic activities. The university organizes frequent guest lectures, workshops, and seminars to enrich students’ learning experiences. Moreover, Bennett has numerous student clubs and societies that cater to a variety of interests, from performing arts to robotics and coding.

Sports enthusiasts also have ample opportunities to engage in activities such as cricket, basketball, football, and swimming. With its blend of academics and extracurricular activities, Bennett University ensures that students develop both personally and professionally.

Why Choose Bennett University?

Choosing Bennett University is about more than just earning a degree. It’s about becoming part of a community that is committed to excellence, innovation, and leadership. With its focus on holistic development, Bennett University ensures that students are prepared to take on challenges, drive change, and lead in their respective fields.

For students looking for a university that offers world-class education, industry exposure, and global opportunities, Bennett University is the perfect choice.

Office Receptionist

Location

Brampton, ON

 

BenefitsPulled from the full job description

Designated paid holidays

RRSP match

Tuition reimbursement

Full job description

_

Dawn Foods is a global leader in bakery manufacturing and ingredients distribution. As the partner of choice for inspiring bakery success, we help customers grow their business through meaningful partnerships, research-driven insights and innovations, and products and expertise they can depend on. As a family-owned company, our commitments to our people, products, customers, and corporate values, are all part of our recipe for success.

_

Why work for Dawn Foods?

PEOPLE. PRODUCTS. CUSTOMERS.

Why should you apply? We invest in you!

Industry-leading health insurance after 30 days

Competitive Pay

Generous company retirement benefit contributions

10 Paid Company Holidays

3 weeks of vacation each year

Professional training

Family-owned business over 100 years in service

An opportunity for career advancement, working as part of an empowering workforce

What will you do as an Office Receptionistat Dawn Foods?

Answer all incoming telephone calls, direct appropriately and/or take messages

Meet and greet all visitors and provide assistance as required

Oversee and control all office courier services in accordance with standard operating procedures

Manage incoming and outgoing mail and upkeep of postage equipment

Manage invoices in AP system related to Brampton location

Maintain adequate stock of all office and building supplies and control the supply room.

Assist Customer Service team members when needed.

What Does It Take to be an Office Receptionist at Dawn Foods?

Below are the minimum qualifications to be a fit for this job.

Minimum 1 year of experience in an administrative role

Detail oriented and have the ability to work independently and complete objectives.

High School Diploma or GED.

Ability to multi-task

Maintain confidentiality

Proficient in Microsoft Office, including Excel, Word, PowerPoint, Outlook and Teams.

SAP experience preferred but not required.

Physical Demands & Work Environment

The physical demands described here are representative of those that must be met by a Team Member to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Ability to work in a professional office environment. Will be expected to work onsite.

Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception, and the ability to focus

Note: The level of physical effort may vary from site to site and in some cases be greater or lesser than documented here.

If this sounds like the opportunity that you have been looking for, please click "Apply.”

About Our Benefits

Dawn is proud to employ the top talent in the baking industry, and we reward our people with competitive compensation packages and award-winning benefit offerings. We also help protect our Team Members’ future financial health with a generous RRSP matching program that provide additional retirement funds and many tools and resources on financial wellness. The contributions start from your first pay. Dawn also encourages professional growth through tuition assistance and educational programs, and we are always searching for ways to improve our industry-leading services and benefits.

Compensation: $41,430 - $62,150 Annual Salary

_

An Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability, pregnancy, sexual orientation, gender identity/gender expression, citizenship status, military or veteran status, genetic information or any other status or condition that is protected by applicable law.

Boost your productivity with our expert-led Microsoft Outlook Training in the UK. Learn email management, scheduling, and time-saving tips. Ideal for professionals and businesses. Book your training today!

Microsoft Outlook 2016 Advanced Training - QES Academy

The QES Microsoft Outlook 2016 Advanced training course will assist participants build on their existing knowledge of Microsoft Outlook 2016.

ChatGPT, the artificial intelligence-powered chatbot, breaches rules on data protection, an Italian watchdog says.

An inquiry by Italy's Data Protection Authority (DPA) found data privacy violations, which the BBC understands are related to collecting personal data and age protections.

The chatbot relies on being fed large amounts of data from the internet.

ChatGPT's maker OpenAI has 30 days to respond with its defence. The BBC has contacted OpenAI for comment.

Italy has taken a firm stance on data protection when it comes to ChatGPT.

It was the first Western country to block the product in March 2023, citing privacy concerns.

ChatGPT was reinstated around four weeks later, after stating it had successfully "addressed or clarified" the issues raised by the DPA.

Italy's DPA launched a "fact-finding activity" at the time, which it says has now found data privacy violations.

In a statement, the DPA said it "concluded that the available evidence pointed to the existence of breaches of the provisions contained in the EU GDPR [General Data Protection Regulation]".

They are related to mass collection of users' data which is then used to train the algorithm.

The regulator is also concerned that younger users may be exposed to inappropriate content generated by the chatbot.

Under the EU's GDPR law, firms which break the rules can be fined up to 4% of the company's global turnover.

Italy's DPA works alongside the European Union's European Data Protection Board - which set up a special task force to monitor ChatGPT in April 2023.

At the time of ChatGPT's reinstatement in Italy in April 2023, the Italian regulator told the BBC that it "welcomed the measures OpenAI implemented" but called for even more compliance.

In particular, a spokesperson said, it wanted more action around "implementing an age verification system and planning and conducting an information campaign to inform Italians of what happened as well as of their right to opt-out from the processing of their personal data for training algorithms".

An OpenAI spokesperson said at the time that it would continue talks with the regulator.

OpenAI has close links with tech giant Microsoft, which has invested billions of dollars into the company.

Microsoft has integrated AI into its Bing search engine, as well as its Office 365 apps such as Word, Teams and Outlook.

Last week, WIRED published a deep-dive investigation into Trickbot, the prolific Russian ransomware gang. This week, US and UK authorities sanctioned 11 alleged members of Trickbot and its related group, Conti, including Maksim Galochkin, aka Bentley, one of the alleged members whose real-world identity we confirmed through our investigation. Coincidence? Maybe. Either way, it's a big deal.

In addition to the US and UK sanctions, the US Justice Department also unsealed indictments filed in three US federal courts against Galochkin and eight other alleged Trickbot members for ransomware attacks against entities in Ohio, Tennessee, and California. Because everyone charged is a Russian national, however, it is unlikely they will ever be arrested or face trial.

While Russian cybercriminals typically enjoy immunity, the same may not remain true for the country’s military hackers. The lead prosecutor of the International Criminal Court (ICC) says the ICC will begin pursuing charges for cyber war crimes. The prosecutor, Karim Khan, did not name Russia, but the move follows a formal petition from the Human Rights Center at UC Berkeley’s School of Law asking the ICC to prosecute Russia’s Sandworm hackers for war crimes. Part of Russia’s GRU military intelligence agency, Sandworm is responsible for causing blackouts in Ukraine, the only known instances of cyberattacks shutting down an electrical grid. Sandworm also released the NotPetya malware against Ukraine, which ultimately spread globally and caused an unprecedented $10 billion in damages worldwide.

Russia is far from the only country that engages in offensive cyberwar tactics. China-backed hackers have repeatedly targeted the US and other countries, and they may be getting some help finding unpatched vulnerabilities. A Chinese law passed in 2022 demands that any network technology company operating in the country share details about vulnerabilities in its products with the Chinese government within two days of their discovery. Information about these vulnerabilities may then be shared with China’s hackers. It’s unclear how many Western companies comply with the law or provide enough information to allow Chinese hackers to exploit the products’ flaws.

Speaking of Chinese hackers, Microsoft this week finally explained how China’s state-sponsored hackers managed to steal a cryptographic key that allowed the attackers to successfully access the Outlook email accounts of at least 25 organizations, including US government agencies. According to Microsoft, the hackers broke into the account of a company engineer using token-stealing malware. They then used that account to access a cache of crash data that accidentally contained the signing key they then stole and used to go on an Outlook hacking spree. None of this was supposed to be possible, and Microsoft says it has corrected several flaws in its systems that allowed the attack to happen.

Before he died in a mysterious plane crash last month following an attempted coup against Russian president Vladimir Putin, Yevgeny Prigozhin wasn’t just the leader of the Wagner Group mercenaries. He was also the head of the notorious Internet Research Agency (IRA), a Russian outfit responsible for widespread disinformation campaigns. While the IRA was reportedly shut down, new research shows that pro-Prigozhin trolls continue to push his agenda. Many of the accounts spreading disinformation on X (formerly Twitter) have been banned. But since when has that stopped them?

Elsewhere, we explained how prompt injection attacks against generative AI chatbots like ChatGPT take advantage of a flaw that’s difficult to fix. We detailed how hard it is to opt out of allowing Facebook to use your data to train its AI. We have a rundown on Proton Sentinel, a suite of tools that are similar to Google’s offerings but with a strong emphasis on privacy and security. We also co-published a story with The Markup into Axon’s quest to build Taser-armed drones. And we got the inside scoop on a meeting between top US spies and civil liberties groups over Section 702 of the Foreign Surveillance Intelligence Act, which is set to expire at the end of the year.

But that’s not all. Each week, we round up the security and privacy news we didn’t cover in depth ourselves. Click the headlines to read the full stories. And stay safe out there.

Your New Car Is a Privacy Nightmare

Car companies are collecting and selling extremely detailed personal data from drivers who have no real way to opt out, a new report from the Mozilla Foundation found. Researchers spent hundreds of hours studying 25 privacy policies for major car brands and found that none of them met the foundation’s minimum standards around privacy and security.

According to the report, modern cars, stuffed to the roof with sensors, collect more information about you than just about any other product in your life. They know where you go, what you say, and how you move your body. Nissan’s privacy policy, for example, allows the company to collect and share drivers’ sexual activity, health diagnosis data, and genetic information, according to the report.

Eighty-four percent of the brands that researchers studied share or sell this kind of personal data, and only two of them allow drivers to have their data deleted. While it is unclear exactly who these companies share or sell data to, the report points out that there is a huge market for driver data. An automotive data broker called High Mobility cited in the report has a partnership with nine of the car brands Mozilla studied. On its website, it advertises a wide range of data products—including precise location data.

This isn’t just a privacy nightmare but a security one. Volkswagen, Toyota, and Mercedes-Benz have all recently suffered data leaks or breaches that affected millions of customers. According to Mozilla, cars are the worst category of products for privacy that they have ever reviewed.

Update Your iPhone: Apple Fixes No-Click Zero-Days

Apple has just released a security update to iOS after researchers at Citizen Lab discovered a zero-click vulnerability being used to deliver Pegasus spyware. Citizen Lab, which is part of the University of Toronto, is calling the newly discovered exploit chain Blastpass. Researchers say it is capable of compromising iPhones running the latest version of iOS (16.6) without the target even touching their device. According to researchers, Blastpass is delivered to a victim’s phone through an iMessage with an Apple Wallet attachment containing a malicious image.

The Pegasus spyware, developed by NSO Group, enables an attacker to read a target’s text messages, view their photos, and listen to calls. It has been used to track journalists, political dissidents, and human rights activists around the world.

Apple says customers should update their phones to the newly released iOS 16.6.1. The exploit can also attack certain models of iPads. You can see details of the affected models here. Citizen Lab urges at-risk users to enable Lockdown Mode.

North Korean Hackers Target Security Researchers Again

North Korea-backed hackers are targeting cybersecurity researchers in a new campaign that is exploiting at least one zero-day vulnerability, Google’s Threat Analysis Group (TAG) warned in a report released Thursday. The group did not provide details about the vulnerability since it is currently unpatched. However, the company says it is part of a popular software package used by security researchers.

According to TAG, the current attack mirrors a January 2021 campaign that similarly targeted security researchers working on vulnerability research and development. Like the previous campaign, North Korean threat actors send researchers malicious files after first spending weeks establishing a relationship with their target. According to the report, the malicious file will execute “a series of anti-virtual machine checks” and send collected information—along with a screenshot—back to the attacker.

Georgia DA in Trump RICO Case Gets Doxxed

In order to shield prospective jurors from harassment, District Attorney Fani Willis asked the judge in Donald Trump’s racketeering trial to prevent people from capturing or distributing any sort of image or identifying information about them. The motion, filed in Fulton County Superior Court on Wednesday, revealed that immediately after the indictment was filed, anonymous individuals on “conspiracy theory websites" had shared the full names, ages, and addresses of 23 grand jurors with “the intent to harass and intimidate them.”

Willis also revealed that she had been the victim of doxxing when the personal information of her and her family—including their physical addresses and “GPS coordinates”—was posted on an unnamed website hosted by a Russian company. Willis, who is Black, had previously disclosed that she faced racist and violent threats after the announcement of her investigation into the former president.

Microsoft 365 Personal 1 User 12 Month Office 365 Personal is a subscription built to help you get things done from nearly anywhere on your favorite devices. Now includes the new Office 2016 apps for your PC and Mac. Compatible with Windows 7 or later, Office 2016 for Mac requires Mac OS X 10.10. Microsoft account required Installed Office applications Word, Excel, PowerPoint, OneNote, Outlook, Publisher, Access. Publisher and Access are available on PC only. Current Office application versions are Office 2016 for Windows and Mac. Customers with an active subscription will be entitled to the newest versions when available. Now includes the new Office 2016 apps for your PC and Mac. Work across multiple devices Get the installed Office experience on 1 PC or Mac, 1 tablet and 1 phone (including Windows, Apple, and Android devices). You can count 2-in-1 Windows devices, such as the Microsoft Surface Pro, as either a PC or a tablet. Work across multiple devices Get the full installed Office experience on 1 PC or Mac, 1 tablet and 1 phone (including Windows, Apple, and Android devices). PC: Office 2016 versions of Word, Excel, PowerPoint, OneNote, Outlook, Publisher, and Access. Windows 7 or later required. You can count 2-in-1 Windows devices, such as the Microsoft Surface Pro, as either a PC or a tablet. Mac: Office 2016 versions of Word, Excel, PowerPoint, OneNote and Outlook. Office 2016 for Mac requires Mac OS X 10.10 or later. Windows tablet: Office 2016 versions of Word, Excel, PowerPoint, OneNote, Outlook, Publisher, and Access. Windows 8 or later required. Office Mobile applications (Word, Excel, PowerPoint, and OneNote) require Windows 10. Windows phone: Office Mobile applications (Word, Excel, PowerPoint, OneNote, Outlook Mail, and Outlook Calendar) require Windows 10. iOS: Office for iPad and iPhone requires iOS 8.0 or later. Office for iPad Pro requires iOS 9.0 or later. Android: Office for Android can be installed on tablets and phones that meet the following criteria: running Android KitKat 4.4 or later version and have an ARM-based or Intel x 86 processor. Access from anywhere Get 1TB of OneDrive cloud storage for documents, photos, and videos, so you can edit and share them from anywhere, on all your devices. Stay connected with Skype Stay in touch with your friends and family around the globe with 60 monthly Skype minutes. Use Skype minutes to call mobile phones and landlines from any device where you have Skype installed, whether it?s your mobile phone, tablet, TV, or other device. Skype account required. Always up to date With an active Office 365 Personal subscription, you never have to worry about upgrading your Office, because you always have access to the latest Office applications, features, and services. Microsoft support As an Office 365 subscriber, you can get help right away from Microsoft-trained experts, by phone or chat?at no extra charge. What's in the box Microsoft Office 365 Personal, 1 User, 1 Year Subscription (PC, Mac)

Supercharge Your Workflow with Microsoft AI Copilot: The Ultimate Guide

In the ever-evolving digital landscape, efficiency isn't just a buzzword—it's the backbone of success. Enter Microsoft AI Copilot, your new digital sidekick designed to streamline tasks, enhance productivity, and let you focus on what truly matters.

🤖 Meet Microsoft AI Copilot: Your Digital Ally

Microsoft AI Copilot is an intelligent assistant seamlessly integrated into Microsoft 365 applications like Word, Excel, PowerPoint, Outlook, and Teams. It's like having a tech-savvy colleague who's always ready to help—minus the coffee breaks.

✨ Key Features at a Glance

Natural Language Processing (NLP): Communicate with your tools as you would with a colleague. Just type your request, and Copilot understands and acts. 

Contextual Recommendations: Copilot learns from your work patterns, offering suggestions that align with your tasks and goals.

Automated Content Generation: Draft reports, emails, or presentations swiftly. Copilot provides a starting point, saving you time and effort.

Data Insights and Analytics: In Excel, Copilot analyzes data trends, helping you make informed decisions without delving deep into complex formulas. 

Seamless Integration: Whether you're drafting a document or scheduling a meeting, Copilot works across Microsoft 365 apps to ensure a cohesive experience.

💼 Why Integrate Copilot into Your Business?

Boosted Productivity: Automate routine tasks, allowing your team to focus on strategic initiatives.

Enhanced Collaboration: With integrated tools, teams can communicate and collaborate more effectively, breaking down silos.

Informed Decision-Making: Access real-time insights, enabling quicker and more accurate business decisions.

🔧 Getting Started with Copilot

Assess Your Needs: Identify areas where Copilot can add value, such as content creation or data analysis.

Train Your Team: Ensure your team understands how to leverage Copilot's features effectively.

Monitor and Optimize: Regularly review Copilot's impact and adjust its use to maximize benefits.

🌟 Real-World Impact

Companies integrating AI tools like Copilot have reported significant time savings and productivity boosts. For instance, a study highlighted that employees saved up to six hours per week by utilizing AI-driven features in their workflows.  

🛠️ Ready to Transform Your Workflow?

Embracing Microsoft AI Copilot isn't just about keeping up with technology—it's about staying ahead. By integrating Copilot into your operations, you're not only enhancing efficiency but also empowering your team to achieve more with less effort.