Particle.news
Download on the App Store
10 ARTICLES
·
3d ago

Wyden Urges FTC Probe of Microsoft Over Defaults Linked to Ascension Ransomware

Microsoft says RC4 use is minimal, with default deprecation in Active Directory planned for early 2026.

Image
A view shows the Microsoft logo on the day of the Hannover Messe, in Hanover, Germany, March 31, 2025. REUTERS/Fabian Bimmer
Image
Senator Urges FTC Probe Into Microsoft After Ascension Ransomware Attack

Overview

  • The FTC confirmed receipt of Sen. Ron Wyden’s Sept. 10 request to investigate Microsoft for alleged “gross cybersecurity negligence.”
  • Wyden’s office said the Ascension breach started when a contractor clicked a malicious Bing search result in Edge, leading to an Active Directory compromise and ransomware spread.
  • The attackers allegedly used Kerberoasting against RC4-based Kerberos tickets, a weakness federal agencies have warned has been exploited in health care and by foreign actors.
  • Ascension reported exposure of data for about 5.6 million patients and temporary disruptions to hospital operations during the 2024 incident.
  • Microsoft says RC4 constitutes less than 0.1% of its traffic, cites compatibility concerns, and plans to disable RC4 by default in certain Active Directory deployments starting Q1 2026 with additional mitigations.