Latest news with #OneDrive
Hindustan Times
3 days ago
- Hindustan Times
When cloud turns cold: How one OneDrive lockout left user without 30 years of photos and work
What would you do if everything you had saved for 30 years - photos, work files, personal memories - suddenly became unreachable? This is the reality for one Windows 11 user who put their faith in Microsoft's OneDrive, only to find themselves locked out of their own digital life. The Reddit user's story began with a simple goal: move files from several old hard drives onto a new, larger one. To make the process easier, they decided to use OneDrive as a temporary storage space. All their files, including irreplaceable photos and important documents, were uploaded to the cloud. Once the uploads were complete, the old drives were wiped clean, with the plan to download everything onto the new drive. But before that final step could happen, the unexpected struck. The user's Microsoft account was locked without warning. Suddenly, access to OneDrive - and every file stored there - was gone. Attempts to contact Microsoft support led nowhere. Each request for help was met with automated replies, offering no explanation for the lockout and no path to recover the data. 'This feels not only unethical but potentially illegal, especially in light of consumer protection laws. You can't just hold someone's entire digital life hostage with no due process, no warning, and no accountability. If this were a physical storage unit, there'd be rights, procedures, timeframes. Here? Nothing. Just a Kafkaesque black hole of corporate negligence,' the user wrote on Reddit. This situation highlights a risk that many overlook. Cloud storage is often seen as a safe, reliable place for our most important files. But when access depends on a single account, and that account is suddenly suspended, years of memories and work can be lost in an instant. The user's frustration grew as repeated efforts to reach a real person at Microsoft failed. With no clear reason for the lockout and no way to resolve it, the files remained out of reach. Microsoft's recent changes to account and storage policies have made these risks even more real. Accounts that are inactive or without a valid licence can be locked and eventually deleted, sometimes with little warning. This means that even if you have followed all the steps, your data could still be at risk if you rely on just one cloud service. The lesson from this story is clear: never trust a single service with your most valuable data. Always keep multiple backups, using both local storage and different cloud providers if possible. If something goes wrong with one, you still have a way to recover your files. As more of our lives move online, stories like this remind us that digital trust can be fragile. Taking simple steps to protect your data can make all the difference when the unexpected happens.
Gizmodo
12-06-2025
- Gizmodo
Windows 11 Pro for 95% Off Brings the Price Down to Almost $0, This Limited Deal Expires Soon
If you're looking to upgrade your PC's operating system, we have great news for you. You can enjoy a new UI designed for multitasking with a whole slew of new security features with Windows 11 Pro. StackSocial has Windows 11 Pro down to a measly $10 (use code 'MSO5') for a limited time. Typically a new Windows license will run you about $200, but it's a solid 95% off at the moment. That's right, StackSocial's discounts go hard. So if you've been considering upgrading, there's no better time this moment. See at StackSocial Maximize Your Productivity With These New Features Universal Search is a new tool now on the the taskbar that lets you literally search for anything. Whether you're looking for specific files or apps on your computer or need recipes or maps on the web, it will look through all systems to find exactly what you need. Contacts, notes from class—you name it. All with one search bar. We all know what OneDrive is at this point, don't we? Sync your files and preferences across all your devices. Need to respond to an urgent email with an attachment? Maybe you forgot to submit a paper. Deadline is within the hour and you're nowhere near home nor your laptop? Just pull it up on OneDrive from your phone and submit. Boom. I personally love having it so when I travel, I can just take my Surface and not have to worry about not being able to access all my stuff from my main PC at my desk at home. Desktop is a complete game changer, albeit a poorly named feature. As a freelance worker, I use the same PC for work, leisure—pretty much everything. It can be cumbersome having all of that on one desktop. Luckily, Windows 11 Pro lets you have multiple. You can organize custom desktops with different shortcuts, widgets, and even wallpaper. Set yourself up with a desktop for school, one for personal use, for gaming, a side hustle perhaps? Then easily swap between them all right on the taskbar. And there are so many Windows shortcuts you may not even know about. You ever use Win + V? It's like Ctrl + V on steroids. This will pull up your whole clipboard and history of what you copied. Makes its tremendously easy to move multiple bits of info into a form or spreadsheet. No more flipping between tabs — just copy everything you need, then use Win – V to access all of them and select the right ones for the right fields. The latest operating system from Microsoft—Windows 11 Pro—has been cut down in price by a crazy 95% (use code 'MSO5'. Upgrade your system's OS to Windows 11 Pro for just $10. See at StackSocial
Techday NZ
12-06-2025
- Techday NZ
Over 80,000 Microsoft Entra ID accounts hit by major takeover campaign
Proofpoint has identified an active account takeover campaign targeting Microsoft Entra ID users and exploiting the TeamFiltration penetration testing framework. The campaign, which Proofpoint has named UNK_SneakyStrike, has involved attackers gaining unauthorised access to native applications including Microsoft Teams, OneDrive, and Outlook. According to the company's research, since December 2024 this activity has impacted over 80,000 user accounts across hundreds of organisations, resulting in several instances of successful account takeover. Attack methods UNS_SneakyStrike deploys the TeamFiltration pentesting framework to carry out its attacks, leveraging the Microsoft Teams API and Amazon Web Services (AWS) servers in multiple geographical regions. The attackers execute user-enumeration and password-spraying attacks to identify and compromise target accounts. TeamFiltration, which was first released in January 2021, is a post-exploitation tool originally designed for legitimate penetration testing and risk evaluation of Microsoft 365 environments. The tool automates a variety of tactics, techniques, and procedures (TTPs) associated with account takeover campaigns, including account enumeration, password spraying, and data exfiltration. The attackers have exploited access to specific resources and applications with TeamFiltration's features for persistent access. These include "backdooring" via OneDrive, accomplished by uploading malicious files to a user's OneDrive and replacing desktop files with rogue versions, potentially containing malware or macros for ongoing access. Proofpoint noted, "TeamFiltration helps automate several tactics, techniques, and procedures (TTPs) used in modern ATO attack chains. As with many security tools that are originally created and released for legitimate uses, such as penetration testing and risk evaluation, TeamFiltration was also leveraged in malicious activity." Identifying the activity Proofpoint researchers analysed TeamFiltration's public GitHub documentation and configuration files to identify a rare user agent string — representing an outdated Teams client — being used during suspicious activity. This served as a key indicator for tracking unauthorised uses of the tool. They also observed attempts by attackers to access sign-in applications from devices incompatible with those services, suggesting the use of user agent spoofing as a means to disguise the source of the attacks. Another indicator was the pattern of attempted access to a defined list of Microsoft OAuth client applications. The applications are capable of obtaining special "family refresh tokens," allowing attackers to exchange them for access tokens to exploit various native Microsoft applications. Proofpoint found that TeamFiltration's most recent client ID list contained some inaccuracies, with incorrect mappings for 'Outlook' and 'OneNote'. Despite this, the tool's configuration closely aligned with a known family of client IDs published publicly by another cyber security research initiative. AWS infrastructure and behaviour TeamFiltration requires an AWS account to conduct its simulated attacks. Its password spraying function systematically rotates through different AWS Regions, and its enumeration features rely either on a disposable Microsoft 365 Business Basic account or, following recent updates, on a OneDrive-based method. Proofpoint stated, "TeamFiltration's enumeration function leverages the disposable account and the Microsoft Teams API to verify the existence of user accounts within a given Microsoft Entra ID environment before launching password spraying attempts. A recent update to the tool's code introduced a OneDrive-based enumeration method, enhancing its enumeration capabilities." Attacks attributed to TeamFiltration have been observed originating from AWS infrastructure and rotating across multiple AWS regions, with password spraying attempts systematically spread for wider impact and to hinder detection. Campaign analysis Proofpoint began tracking a distinct activity set, UNK_SneakyStrike, after differentiating malicious use of TeamFiltration from legitimate penetration testing activity. The main difference was that attackers operated in indiscriminate, high-volume bursts across many cloud tenants, while security assessments tend to be more targeted and controlled. Proofpoint threat researchers have recently uncovered an active account takeover (ATO) campaign, tracked as UNK_SneakyStrike, using the TeamFiltration pentesting framework to target Entra ID user accounts. Using a combination of unique characteristics, Proofpoint researchers were able to detect and track unauthorized activity attributed to TeamFiltration. According to Proofpoint findings, since December 2024 UNK_SneakyStrike activity has affected over 80,000 targeted user accounts across hundreds of organizations, resulting in several cases of successful account takeover. Attackers leverage Microsoft Teams API and Amazon Web Services (AWS) servers located in various geographical regions to launch user-enumeration and password-spraying attempts. Attackers exploited access to specific resources and native applications, such as Microsoft Teams, OneDrive, Outlook, and others. The volume of login attempts linked to TeamFiltration saw a marked increase starting in December 2024, peaking in January 2025. Over 80,000 user accounts across approximately 100 cloud tenants were targeted, with multiple cases of account takeover observed. Patterns and regional targeting UNK_SneakyStrike activities typically occur in concentrated bursts, focusing on numerous users within a single cloud environment, and then pausing for periods of four to five days. The apparent strategy varies by organisation size: all users within smaller tenant environments are targeted, but only specific user subsets are selected among larger tenants. The primary sources for malicious login activity were traced to AWS infrastructure in three regions: the United States (42% of IP addresses), Ireland (11%), and Great Britain (8%). Tool risks and future outlook Proofpoint noted that penetration testing tools such as TeamFiltration are intended to benefit defensive security operations, but acknowledged their potential for malicious use. "While tools such as TeamFiltration are designed to assist cyber security practitioners in testing and improving defense solutions, they can easily be weaponized by threat actors to compromise user accounts, exfiltrate sensitive data, and establish persistent footholds." The company expects such advanced tools to become more common among attackers. "Proofpoint anticipates that threat actors will increasingly adopt advanced intrusion tools and platforms, such as TeamFiltration, as they pivot away from less effective intrusion methods." Proofpoint has provided security indicators, including a list of observed IP addresses and user agent strings, to aid organisations in detecting potential unauthorised access related to this campaign. The company recommends correlating these indicators with additional context and behavioural analytics for accurate detections.
Yahoo
06-06-2025
- General
- Yahoo
Decatur man accused of possessing child sex abuse material
DECATUR, Ill. (WCIA) — A Decatur man is facing charges of possessing child pornography after police accused him of uploading images of child sex abuse to his Microsoft OneDrive account and having images showing a young girl's rape. Kevin Horve is facing three counts of possessing pornographic content depicting someone 13 years or younger. He was arrested on Tuesday and made his first appearance in court the following day. In a sworn statement, Decatur Police Officer Timothy Wisniewski said the investigation into Horve started in February, when the Decatur Police Department received a tip from the National Center for Missing and Exploited Children. Wisniewski was assigned to investigate the tip. Champaign man gets probation after pleading guilty to child pornography possession The tip was originally reported by Microsoft, which flagged 11 images that were uploaded to an account of its OneDrive platform. Wisniewski said at least four of the images depicted naked girls under the age of 13. Further investigation found 84 more images in the account's records; none of the original images were among the new photos found, but Wisniewski said another four depicted naked girls. The OneDrive account was registered to Horve, Wisniewski said, and the IP address listed with each file was registered to a Comcast account with Horve named as the subscriber. The address was geolocated to an address on Greenhill Road. Detectives served a search warrant for that address on Tuesday, and Horve was the only person present when the warrant was executed. Wisniewski said that during an interview with officers, Horve confirmed his Internet provider is Comcast and that he is the only user of the electronic devices officers seized. As the interview continued, Wisniewski said Horve explained that he had previously experimented with AI programs to create images of celebrities. 'Kevin was asked in the images were sexual images,' Wisniewski said in the statement. 'Kevin responded, 'Well yeah, obviously' and explained he was trying to create images of celebrities.' Decatur woman convicted of child porn sentenced after six-month delay Horve said he used the AI for a few months until Microsoft gave him a warning that stated he was creating content depicting people who were too young. He then deleted his Microsoft360 account after the warning. Wisniewski did not explain the connection between the AI content and the real content Horve is accused of possessing, and the charges he is facing don't reflect AI-generated pornography. They do reflect the three images that were found on one of the seized laptops. In all three of those images, a girl under the age of 13 is shown engaging in sexual intercourse. Appearing in court on Tuesday, Judge Lindsey Shelton granted a petition by the State's Attorney's Office to detain Horve ahead of his trial. He is due back in court on June 18 for a preliminary hearing. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
&w=3840&q=100)
Business Standard
05-06-2025
- Business
- Business Standard
ChatGPT rolls out recording and integrations with GDrive, Outlook, and more
OpenAI is expanding ChatGPT's productivity capabilities with a suite of new features. The latest update introduces record mode, cloud drive integration, and deep research connectors, enabling users to access, analyse and manage content more efficiently. ChatGPT can now pull information from services like Google Drive, Dropbox, Box, SharePoint, and OneDrive, offering users access to internal documents and simplifying research and collaboration. ChatGPT: Key features introduced in the latest update Recording Mode ChatGPT's new recording feature enables users to record and transcribe meetings. It generates time-stamped notes and can suggest follow-up actions. Users can search meeting notes in the same way they search documents and files from connected cloud services. Additionally, action items can be converted into Canvas documents—OpenAI's collaborative workspace for writing and coding. ChatGPT now integrates directly with Google Drive, Dropbox, OneDrive, Box, and SharePoint. Users can ask questions and ChatGPT will fetch relevant answers from their files saved in the listed cloud storage platforms. OpenAI clarified that it does not use data from Teams, Edu, or Enterprise accounts—including connected files—for training. Responses from the assistant include citations and honour existing file permissions. Deep research connectors OpenAI is also rolling out beta research connectors for platforms like HubSpot, Linear, and select Microsoft and Google services. These allow users to compile research by combining internal data with web-sourced information. The feature is available to all paid users. The list of supported platforms includes: Box Dropbox GitHub Gmail Google Calendar Google Drive (Docs, Sheets, Slides) HubSpot Linear Outlook (Calendar, Email) SharePoint Teams MCP support OpenAI is also introducing support for Model Context Protocol (MCP) for Pro, Team, and Enterprise users. MCP enables ChatGPT to connect with external tools, further expanding its ability to deliver context-rich, tailored insights.
