FTC Urged to Investigate Microsoft on Outdated RC4 Encryption and Kerberoasting Flaws

A U.S. senator has called for an FTC investigation into Microsoft’s cybersecurity practices, highlighting their role in enabling ransomware attacks on critical infrastructure. The concern centers on Microsoft’s default support for outdated encryption algorithms like RC4, which have been exploited in recent high-profile breaches such as the Ascension healthcare system attack.

Key points

  • Senator Ron Wyden urged the FTC to investigate Microsoft for cybersecurity negligence.
  • The 2024 Ascension ransomware attack was traced back to a phishing incident exploiting Microsoft Edge and Active Directory.
  • Microsoft continues to support the insecure RC4 encryption algorithm despite federal warnings.
  • The company has delayed implementing patches that disable RC4, risking widespread vulnerabilities.
  • Failures in Microsoft’s security practices have led to significant breaches impacting U.S. government and healthcare systems.

Read More: https://thecyberexpress.com/ftc-to-investigate-msft-kerberoasting-flaws/