Wyden urges FTC probe of Microsoft cybersecurity practices
Public Sector Action
Summary
Hide ▲
Show ▼
On 2025-09-11, U.S. Senator Ron Wyden urged the FTC to probe Microsoft over alleged gross cybersecurity negligence, warning that the company's defaults and RC4 support could keep driving ransomware risk across U.S. critical infrastructure and healthcare networks. The request cites the Ascension ransomware breach, which disrupted electronic health records and exposed personal and medical data tied to nearly 5.6 million individuals. The letter seeks federal scrutiny of Microsoft's security posture, including the attack path associated with Kerberoasting and Active Directory service-account exposure.
Related Happenings
MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy
Campaign
First: 06.05.2026 16:02
Last: 06.05.2026 16:02
Sources 1
About this happening:
The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...
MuddyWater Microsoft Teams social-engineering campaign with Chaos ransomware decoy
CampaignAbout this happening: The **MuddyWater** campaign used **Microsoft Teams** social engineering and a **Chaos ransomware** decoy to gain access, steal credentials, and establish persistence. The operatio...
Code of conduct-themed Microsoft AiTM phishing campaign
Campaign
First: 05.05.2026 09:35
Last: 05.05.2026 09:35
Sources 1
About this happening:
A **large-scale phishing campaign** used code of conduct-themed lures and **legitimate email services** to push victims to attacker-controlled domains and steal **authentication t...
Code of conduct-themed Microsoft AiTM phishing campaign
CampaignAbout this happening: A **large-scale phishing campaign** used code of conduct-themed lures and **legitimate email services** to push victims to attacker-controlled domains and steal **authentication t...
Silk Typhoon / Hafnium coordinated intelligence-gathering campaign
Campaign
First: 27.04.2026 22:56
Last: 27.04.2026 22:56
Sources 1
About this happening:
The **Silk Typhoon / Hafnium** operation is tied to a **coordinated intelligence-gathering campaign** spanning **February 2020 to June 2021**, underscoring a sustained espionage e...
Silk Typhoon / Hafnium coordinated intelligence-gathering campaign
CampaignAbout this happening: The **Silk Typhoon / Hafnium** operation is tied to a **coordinated intelligence-gathering campaign** spanning **February 2020 to June 2021**, underscoring a sustained espionage e...
Latest development: 28.04.2026 15:30
US officials described Silk Typhoon/Hafnium activity from February 2020 to June 2021 as a coordinated intelligence-gathering campaign that targeted US universities and COVID-19 researchers, including a Texas university network, and later expanded into Microsoft Exchange Server vulnerability exploitation. The operation reportedly used stolen mailbox access to search for vaccines, treatments, and testing research, and the FBI said the campaign affected more than 12,700 US organizations.
UNC6692 email bombing and Microsoft Teams impersonation campaign
Campaign
First: 25.04.2026 18:07
Last: 25.04.2026 18:07
Sources 1
About this happening:
UNC6692 is running a **social-engineering campaign** that uses **email bombing** and **Microsoft Teams impersonation** to push targets toward remote access and initial compromise....
UNC6692 email bombing and Microsoft Teams impersonation campaign
CampaignAbout this happening: UNC6692 is running a **social-engineering campaign** that uses **email bombing** and **Microsoft Teams impersonation** to push targets toward remote access and initial compromise....
Storm-1175 high-tempo Medusa ransomware campaign
Campaign
First: 07.04.2026 13:02
Last: 07.04.2026 13:02
Sources 1
About this happening:
**Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...
Storm-1175 high-tempo Medusa ransomware campaign
CampaignAbout this happening: **Storm-1175** is running a **high-tempo Medusa ransomware campaign** that has repeatedly exploited **n-day and zero-day flaws** to gain initial access before patching closes the...
Timeline
-
11.09.2025 17:51 1 articles · 8mo ago
Wyden office warns Microsoft about Kerberoasting
Technical Analysis UpdateWyden's office urged Microsoft to warn customers that Kerberoasting could exploit RC4 support in Microsoft software and extract encrypted service account credentials from Active Directory.
Show sources
- Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence — thehackernews.com — 11.09.2025 17:51
-
11.09.2025 17:51 2 articles · 8mo ago
Wyden asks FTC to probe Microsoft over ransomware risk
Legal Policy Action UpdateU.S. Senator Ron Wyden called on the FTC to investigate Microsoft for alleged gross cybersecurity negligence, citing the Black Basta ransomware attack on Ascension that disrupted electronic health records and exposed personal and medical information tied to nearly 5.6 million individuals.
Show sources
- Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence — thehackernews.com — 11.09.2025 17:51
- Senator Wyden Urges FTC to Probe Microsoft for Ransomware-Linked Cybersecurity Negligence — thehackernews.com — 11.09.2025 17:51