Microsoft is home to a diverse team of researchers focused on supporting a healthy global society, including finding ways technology can address human rights problems affecting the most vulnerable populations around the world. With a multi-disciplinary background in human-computer interaction, data science, and the social sciences, the research team partners with community, governmental, and nongovernmental organizations to create open technologies that enable scalable responses to such challenges.
The United Nations’ International Organization for Migration (IOM) provides direct assistance and support to migrants around the world, as well as victims and survivors of human trafficking. IOM is dedicated to promoting humane and orderly migration by providing services to governments and migrants in its 175 member countries. It recently reported 50 million victims of forced labor globally, including 3.3 million children, 6.3 million in commercial sexual exploitation, and 22 million trapped in forced marriages. Understanding and addressing problems at this scale requires technology to help anti-trafficking actors and domain experts gather and translate real-world data into evidence that can inform policies and build support systems.
On-Demand Watch now to learn about some of the most pressing questions facing our research community and listen in on conversations with 120+ researchers around how to ensure new technologies have the broadest possible benefit for humanity.
Today, using software developed by Microsoft researchers, IOM released its second synthetic dataset from trafficking victim case records, the first ever public dataset to describe victim-perpetrator relations. The synthetic dataset is also the first of its kind to be generated with differential privacy, providing an additional security guarantee for multiple data releases, which enables the sharing of more data and allows more rigorous research to be conducted while protecting privacy and civil liberties.
The new data release builds on several years of collaboration between Microsoft and IOM to support safe data sharing of victim case records in ways that can inform collective action across the anti-trafficking community. This collaboration began in July 2019 when IOM joined the accelerator program of the Tech Against Trafficking (TAT) coalition, with the goal of advancing the privacy and utility of data made available through the Counter Trafficking Data Collaborative (CTDC) data hub – the first global portal on human trafficking case data. Since then, IOM and Microsoft have collaborated to improve the ways data on identified victims and survivors—as well as their accounts of perpetrators—can be used to combat the proliferation of human trafficking.
“We are grateful to Microsoft Research for our partnership over almost four years to share data while protecting the safety and privacy of victims and survivors of trafficking.”
– Monica Goracci, IOM’s Director of Programme Support and Migration Management
The critical importance of data privacy when working with vulnerable populations
When publishing data on victims of trafficking, all efforts must be taken to ensure that traffickers are wholly prevented from identifying known victims in published datasets. It is also important to protect individuals’ privacy to avoid stigma or other potential forms of harm or (re)traumatization. Data statistics accuracy is another concern: the statistics must simultaneously enable researchers and analysts to guarantee victims’ privacy and extract useful insights from the dataset containing personal information. This is critically important: if a privacy method were to over- or under-report a given pattern in victim cases, it could mislead decision makers to misdirect scarce resources and therefore fail to tackle the originating problem.
The collaboration between IOM and Microsoft was founded on the idea that rather than redacting sensitive data to create privacy, synthetic datasets can be generated in ways that accurately capture the structure and statistics of underlying sensitive datasets, while remaining private by design. But not all synthetic data comes with formal guarantees of data privacy or accuracy. Therefore, building trust in synthetic data requires communicating how well the synthetic data represents the actual sensitive data, while ensuring that these comparisons do not create privacy risks themselves.
From this founding principle, along with the need to accurately report case counts broken down by different combinations of attributes (e.g., age range, gender, nationality), a solution emerged: to release synthetic data alongside privacy-preserving counts of cases, matching all short combinations of case attributes. The aggregate data thereby supports both evaluation of synthetic data quality and retrieval of accurate counts for official reporting. Through this collaboration and the complementary nature of synthetic data and aggregate data—together with interactive interfaces with which to view and explore both datasets—the open-source Synthetic Data Showcase software was developed.
In September 2021, IOM used Synthetic Data Showcase to release its first downloadable Global Synthetic Dataset, representing data from over 156,000 victims and survivors of trafficking across 189 countries and territories (where victims were first identified and supported by CTDC partners). The new Global Victim-Perpetrator Synthetic Dataset, released today, is CTDC’s second synthetic dataset produced using an updated version of Synthetic Data Showcase with added support for differential privacy. This new dataset includes IOM data from over 17,000 trafficking victim case records and their accounts of over 37,000 perpetrators who facilitated the trafficking process from 2005 to 2022. Together, these datasets provide vital first-hand information on the socio-demographic profiles of victims, their accounts of perpetrators, types of exploitation, and the overall trafficking process—all of which are critical to better assist survivors and prosecute perpetrators.
“Data privacy is crucial to the pursuit of efficient, targeted counter-trafficking policies and good migration governance.”
– Irina Todorova, Head of the Assistance to Vulnerable Migrants Unit at IOM’s Protection Division
A differentially private dataset
In 2006, Microsoft researchers led the initial development of differential privacy, and today it represents the gold standard in privacy protection. It helps ensure that answers to data queries are similar, whether or not any individual data subject is in the dataset, and therefore cannot be used to infer the presence of specific individuals, either directly or indirectly.
Existing algorithms for differentially private data synthesis typically create privacy by “hiding” actual combinations of attributes in a sea of fabricated or spurious attribute combinations that don’t specifically reflect what was in the original sensitive dataset.
This can be problematic if the presence of these fabricated attribute combinations misrepresents the real-world situation and misleads downstream decision making, policy making, or resource allocation to the detriment of the underlying population (e.g., encouraging policing of trafficking routes that have not actually been observed).
When the research team encountered these challenges with existing differentially private synthesizers, they engaged fellow researchers at Microsoft to explore possible solutions. They explained the critical importance of reporting accurate counts of actual attribute combinations in support of statistical reporting and evidence-based intervention, and how the “feature” of fabricating unobserved combinations as a way of preserving privacy could be harmful when attempting to understand real-world patterns of exploitation.
Those colleagues had recently solved a similar problem in a different context: how to extract accurate counts of n-gram word combinations from a corpus of private text data. Their solution, recently published at the 2021 Conference on Neural Information Processing Systems, significantly outperformed the state of the art. In collaboration with the research team working with IOM, they adapted this solution into a new approach to generating differentially private marginals—counts of all short combinations of attributes that represented a differentially-private aggregate dataset.
Because differentially private data has the property that subsequent processing cannot increase privacy loss, any datasets generated from such aggregates retain the same level of privacy. This enabled the team to modify their existing approach to data synthesis—creating synthetic records by sampling attribute combinations until all attributes are accounted for—to extrapolate these noisily reported attribute combinations into full, differentially-private synthetic records. The result is precisely what IOM and similar organizations need to create a thriving data ecosystem in the fight against human trafficking and other human rights violations: accurate aggregate data for official reporting, synthetic data for interactive exploration and machine learning, and differential privacy guarantees that provide protection even over multiple overlapping data releases.
This new synthesizer is now available to the community via Microsoft’s SmartNoise library within the OpenDP initiative. Unlike existing synthesizers, it provides strong control over the extent to which fabrication of spurious attribute combinations is allowed and augments synthetic datasets with “actual” aggregate data protected by differential privacy.
Access to private-yet-accurate patterns of attributes characterizing victim-perpetrator relationships allows stakeholders to advance the understanding of risk factors for vulnerability and carry out effective counter-trafficking interventions, all while keeping the victims’ identities private.
“The new dataset represents the first global collection of case data linking the profiles of trafficking victims and perpetrators ever made available to the public, while enabling strong privacy guarantees. It provides critical information to better assist survivors and prosecute offenders.” – Claire Galez-Davis, Data Scientist at IOM’s Protection Division.
An intuitive new interface and public utility web application
Solving problems at a global scale requires tools that make safe data sharing accessible wherever there is a need and in a way that is understandable by all stakeholders. The team wanted to construct an intuitive interface to help develop a shared evidence base and motivate collective action by the anti-trafficking community. They also wanted to ensure that the solution was available to anyone with a need to share sensitive data safely and responsibly. The new user interface developed through this work is now available as a public utility web application in which private data aggregation and synthesis are performed locally in the web browser, with no data ever leaving the user’s machine.
“I find the locally run web application incredibly interactive and intuitive. It is a lot easier for me to explain the data generation process and teach others to use the new web interface. As the data is processed locally in our computers, I don’t need to worry about data leaks.” – Lorraine Wong, Research Officer at IOM’s Protection Division.
What’s next for the IOM and Microsoft collaboration
Microsoft and IOM have made the solution publicly accessible for other organizations, including central government agencies. It can be used by any stakeholder who wants to collect and publish sensitive data while protecting individual privacy.
Through workshops and guidance on how to produce high-quality administrative data, the organizations plan to share evidence on exploitation and abuse to support Member States, other UN agencies, and counter-trafficking organizations around the world. This kind of administrative data is a key source of information providing baseline statistics that can be used to understand patterns, risk factors, trends, and modus operandi that are critical for policy response formulation.
For example, IOM has been collaborating with the UN Office on Drugs and Crime (UNODC) to establish international standards and guidance to support governments in producing high-quality administrative data. It has also been collaborating with the UN International Labour Organization (ILO) to index policy-oriented research on trafficking in a bibliography. Finally, IOM is producing an online course, including a module that includes guidance on synthetic data, to encourage safe data sharing from governments and frontline counter-trafficking agencies.
“Being able to publish more data than we have done in the past, and in an even safer way, is a great achievement,” explained Phineas Jasi, Data Management and Research Specialist at IOM’s Protection Division. He added that “The aim is for these data to inform the evidence base on human trafficking, which in turns helps devise efficient and targeted counter-trafficking policies and achieve good migration governance.”
Translating data into evidence is the goal of the related ShowWhy application from the same Microsoft research team, which guides domain experts through the end-to-end process of developing causal evidence from observational data. Just like Synthetic Data Showcase, it makes advanced data science capabilities accessible to domain experts through a suite of interactive, no-code user interfaces.
“Driving a coordinated global response against human trafficking requires removing traditional barriers to both data access and data analysis,” said Darren Edge, Director at Microsoft Research. “With our Synthetic Data Showcase and ShowWhy applications, we are aiming to empower domain experts to develop causal evidence for themselves, from sensitive data that couldn’t otherwise be shared, and use this to inform collective action with a precision and scale that couldn’t otherwise be imagined.”
Today, we are glad to release the third version of the threat matrix for Kubernetes, an evolving knowledge base for security threats that target Kubernetes clusters. The matrix, first released by Microsoft in 2020, was the first attempt to systematically cover the attack landscape of Kubernetes. Since then, the project has received great attention and interest from the Kubernetes security community and was updated last year to keep up with the evolving threat landscape. The latest version of the matrix comes in a new format that simplifies usage of the knowledge base and with new content to help mitigate threats. The new matrix is available at: http://aka.ms/KubernetesThreatMatrix.
What’s new
Mitigations methods
Understanding the attack surface of containerized environments is the first step of building security solutions for these environments. In addition to helping organizations measure and assess coverage of threats with matching detections, the updated threat matrix for Kubernetes can now also help organizations with a systematic approach to apply mitigation techniques that prevent attacks from being successfully launched.
In this third version of the threat matrix, we introduce a collection of mitigations specific to Kubernetes environments and associate each with relevant threat techniques. Those mitigations, as displayed below in Figure 1, provide practical tools to prevent the various attack techniques, using built-in Kubernetes and cloud tools.
Figure 1. A technique page with a mitigation section
When reviewing the different threat techniques in the matrix, a list of relevant mitigations is provided so that organizations can see if they are taking all the necessary steps to prevent a threat. Additionally, when looking at a specific mitigation, a list of relevant threat techniques is displayed and can help organizations prioritize their mitigation implementation plan according to their threat assessment and detection coverage in each area.
Mapping to MITRE ATT&CK techniques
Last year, MITRE added a container matrix to the MITRE ATT&CK framework. MITRE ATT&CK for containers matrix, inspired by Microsoft threat matrix for Kubernetes, is a result of a joint effort between MITRE, Microsoft, and additional companies in the industry. The differences between Microsoft’s and MITRE’s matrices are described in this blog. In the new version of the Microsoft threat matrix for Kubernetes, we include a mapping between the Microsoft matrix and MITRE ATT&CK techniques and mitigations, as displayed below in Figure 2. This can help organizations to efficiently use the two frameworks.
Figure 2. Mapping to MITRE ATT&CK techniques
MITRE ATT&CK matrix for containers does not have an equivalent technique for each of the techniques in the Microsoft threat matrix for Kubernetes. When there is no equivalent technique in the MITRE matrix, the Microsoft techniques might be mapped to a MITRE technique that is not part of MITRE’s containers matrix but shares the same principle. For example, the Backdoor Container (MS-TA9012) technique explains that attackers can use Kubernetes controllers (such as daemonsets) to run their code and survive reboots of the pods\nodes. This is very similar to MITRE’s Create or Modify System Process technique (T1543), which is about using services\daemons for the exact same purpose. Another example is the mapping between Malicious Admission Controller (MS-TA9015) and MITRE’s Event Triggered Execution. Although MITRE doesn’t talk about containerized environment, those two techniques share the same idea. In cases when there is no matching MITRE technique with the same principle, the Microsoft technique will not point back to a MITRE technique.
New techniques
The new version of the matrix also introduces two new techniques and additional re-categorization of existing techniques:
New technique: Static pods
A persistence technique which allows attackers to deploy pods that aren’t managed by the Kubernetes API server.
New technique: Collecting data from pod
Kubernetes-native technique which allows attackers to extract data from running pods.
Extending existing technique: Container service account
Attackers may create new service accounts or steal tokens of existing service accounts for future use from inside and outside the cluster. Therefore, we also added this technique to the persistence tactic.
Attackers may use management interfaces for discovery purposes, after gaining initial access to the cluster. By using the network reachability between pods, attackers can connect to management interfaces from the internal network, allowing them to get valuable information about the workload. Thus, we also added this technique to the discovery tactic.
Figure 3. New techniques and re-categorization of existing techniques
New web interface
As new threats were added to the Kubernetes matrix and additional content was introduced, it became increasingly harder to effectively deliver the breadth of information included in the matrix as a blog post. Looking for ways to make it easier to use the Kubernetes threats and mitigations matrix as reference material for day-to-day security operations, we are releasing the matrix as a web site, shown in Figure 4 below.
Figure 4. The new interface of the threat matrix for Kubernetes
The threat matrix for Kubernetes can help organizations to have visibility to the unique attack surface of Kubernetes and help them to measure their coverage to those threats. With the new mitigation section, organizations can now understand the measures required to prevent those threats.
Microsoft Defender for Cloud can help detect and mitigate threats in your Kubernetes environments. Learn more about Microsoft Defender for Cloud support for container security.
This fall, I had the opportunity to attend the Minority Corporate Counsel Association’s annual Creating Pathways to Diversity Conference, which convenes law firms, in-house counsel and thought leaders to discuss diversity and inclusion topics and issues within the legal profession. Though I was there to humbly accept MCCA’s Employer of Choice award on behalf of Microsoft, I also had the opportunity to hear first-hand about challenges and successes legal professionals are experiencing as they look to grow and support their diverse legal talent. I was impressed by the commitment and sense of urgency displayed and, while the industry has a long way to go, I left the conference with renewed hope that, by working together, we can make meaningful progress to achieve a truly diverse legal profession.
As we focus on furthering this important work, for the 14th year in a row, today we are publishing the results of Microsoft’s Law Firm Diversity Program (LFDP) for 2022 and recognizing the progress of our law firm partners in advancing diversity and inclusion within their organizations.
The benefits of diversity enable Microsoft to accomplish its mission to empower every organization and every person on the planet to achieve more. With an increasingly diverse workforce, it is imperative that the law firms that work with our business and legal teams reflect that diversity and remain committed to creating inclusive environments where lawyers and legal professionals from all backgrounds can thrive. Diverse teams bring a range of lived experiences and unique insights, and are more creative, more innovative and drive greater customer and client engagement.
The LFDP is an incentive-based program that provides bonuses to participating firms, calculated as a percentage of their annual fees, for achieving and/or exceeding diversity representation goals. Every year, Microsoft reviews and iterates on the LFDP diversity goals to enable and ensure continued progress. Since the program was established in 2008, there have been three significant changes:
In 2015, we shifted the focus of the program to tracking progress in leadership; namely partner diversity and diversity on law firm executive and management committees.
In 2020, we expanded the number of firms in the program to include not only those firms in our strategic partner program but also those firms who do a substantial amount of work for us in the U.S. In this same year, we also put a greater focus on the growth of African American, Black, Hispanic and Latinx lawyers in leadership.
In 2021, we increased partner-level growth targets for all diverse categories within the program to include diverse representation of women, racial and ethnic minorities, LGBTQ, veteran and disabled lawyers.
Our most recent changes in 2020 and 2021 reflect an urgency to advance diversity in the legal profession overall. For too long, the pace of growth in diverse representation has been too slow and not at pace with the diversity of the clients and communities the profession serves.
2022 Law Firm Diversity Program results
For the 2022 program term, there were 33 participating firms which included 12 strategic partner firms and 21 firms with whom Microsoft does a substantial amount of work within the U.S. Firms participating in the program include international firms, domestic and regional firms, boutique firms and one woman-owned firm. All firms have an opportunity to earn a 2-3% bonus based on meeting goals within the program.
Diversity on the teams that work for Microsoft
The strongest area of performance continues to be diverse representation on teams that work on Microsoft matters. We continue to see gains year over year. All firms in our strategic partner panel met the benchmark goal of 50% diverse representation on our matters or increased growth from last year. For all other firms in the program, 76% met these goals as well.
Diversity in leadership
The program continued to see improvement in diverse representation in partnership ranks though progress slowed overall across categories measured in 2022. The past two years have been challenging for the legal industry in the United States with significant attrition within the associate ranks, a competitive lateral market and an increasing number of lawyers making career changes or leaving the profession entirely. This year’s program results appear to show that our law firm partners were not immune to these market factors.
Growth in overall diversity in the partnership ranks was flat; however, 73% of firms met or exceeded the benchmark goals of 36%. Collectively, firms report partnerships that are 40.6% diverse.
Representation of women in the partnership grew 0.8% to 27.4%, resulting in a net percentage change of 3%.
Representation of racial and ethnic minorities in the partnership grew 0.9% to 14.4%, resulting in a net percentage change of 6%.
For partners in other diverse categories, including partners that identify as LGBTQ+, disabled, or hold veteran status, growth was flat with representation of these groups collectively at 6% of the partnership.
For Microsoft’s strategic partner firms, for whom diversity on executive or management committees is tracked, representation grew 4% to 50.6%, resulting in a net percentage change of 8.8%.
Recognizing law firms achieving diversity goals
While overall program numbers show modest increases from the previous year, there are some bright spots among individual firm performance. We would like to recognize those firms that achieved at least 60% of the program metrics. The firms in this group were able to not only maintain benchmark goals for representation but also grew diversity in their partnerships (overall) through increased representation of African American, Black, Hispanic, Latinx, Asian, women and/or LGBTQ, veterans, and disabled lawyers in their partnerships. All met goals of increasing diversity on the teams that work on Microsoft matters.
“At ArentFox Schiff, diversity, equity and inclusion are part of our DNA. Microsoft’s Law Firm Diversity Program has been a catalyst for change, driving the legal industry to make diversity, equity and inclusion a priority, and we are proud to partner with Microsoft on these initiatives.”
“The LFDP meaningfully moves the DE&I needle forward both by partnering with Microsoft’s outside firms to better understand the firms’ DE&I footprint generally and for Microsoft matters specifically, and by rewarding success based on clear metrics.”
“At Fish, we believe that diversity is the fuel of innovation, and diversity of experience and background enhances the quality and ingenuity of the legal services that we provide,” said Fish & Richardson principal Betty Chen. “It is incumbent upon us as a partner law firm to accelerate diversity within our own ranks in order to drive the pace of progress within the legal industry as a whole, and we’re proud to once again partner with Microsoft in that effort.”
“Greenberg Traurig is a proud partner in Microsoft’s Law Firm Diversity Program. Diversity equity, and inclusion undergird everything we do at Greenberg Traurig and we are excited to be recognized. A more just world only happens by design, intention and commitment and our clients are best served by teams that can provide diverse experiences and points of view. We look forward to our continued collaboration with Microsoft as we work together to move the needle now and for the generations to come.”
“We are proud to share Microsoft’s steadfast commitment to advancing diversity, equity and inclusion (DEI). Microsoft’s Law Firm Diversity Program is a shining example of how in-house legal departments and outside counsel can partner together to keep DEI top of mind throughout the year and hold ourselves accountable in terms of the diversity of our teams and the impact of our overall DEI efforts.”
“Today, more than ever, our D&I efforts are focused on tailoring our approach to the interests and needs of each diverse Team Member. This of course begins with a flexible talent model, but our progress is accelerated when we have the opportunity to partner with a client like Microsoft that shares our belief that diversity and inclusion must be a core value of our legal profession.”
Industry progress
Our emphasis on diversity in law firm leadership is intentional. While certainly not the only path, for many new lawyers, a law firm is likely the first step in their careers. According to the American Bar Association’s 2022 Profile of the Legal Profession, in 2021 roughly half of law school graduates were employed with law firms at least 10 months after graduation. And industry data indicates that the pipeline to firms and to the partnership is becoming more diverse.
The 2021 NALP Report on Diversity in U.S. Law Firms reports that the representation of associates of color has continued to increase since 2010 (from 19.53% to 27.60%). The percentage of women associates has also grown to 48.21%, which is the highest the percentage has been in nearly three decades. The NALP survey also highlighted historic gains for women (55.06%) and people of color (41.34%) in summer associate ranks in 2021. LBGTQ representation also continued to grow in the 2021 summer associate class (8.41%). Even with these gains, the NALP report highlighted that “clos[ing] the outcome gaps in the pipeline from summer associate to law firm partner remains the biggest challenge facing the profession.” In fact, closing those gaps has implications not just for law firm partnerships, but for the profession at large.
The path to partnership is a system contingent on mentorship, training, professional development and sponsorship. For lawyers on this path, a firm often makes investments to advance not only their skills but also their access to resources, exposure to clients and participation on firm leadership committees – creating a space at the table to share the pool of influence, available work and, potentially, credit and compensation. Moreover, the path to partnership creates a launching pad to opportunities in the judiciary, government and politics, business, and non-profit and other service agencies. A lack of diverse representation either in the partnership or on the path to partnership undercuts our collective interest in a more diverse profession overall and the ability of the profession to innovate and adapt to an increasingly complex global landscape.
Going forward
We are maintaining Law Firm Diversity Program metrics from last year. We recognize that additional time is needed to track performance against our growth metrics as well as follow that pipeline to partnership. However, we remain committed to measuring results, acknowledging progress and finding ways to partner with our law firms through our other aligned commitments on pro bono and volunteer service.
One change we will make is asking all our participating firms to provide us with a copy of their MCCA Diversity Scorecard. The scorecard results allow both clients and firms to look beyond numbers and understand what additional efforts may be needed to advance more diverse and inclusive organizations. You can learn more about the MCCA Diversity Scorecard at www.mcca.com.
Thank you
We thank all our firms for their commitment to this program and efforts outside of it with agencies and initiatives dedicated to diversity and inclusion such as the American Bar Association, the Minority Corporate Counsel Association, the Leadership Council on Legal Diversity, Diversity Lab and many others – organizations we are also deeply committed to at Microsoft.
Although we are excited about the ongoing impact of this year’s Law Firm Diversity Program, our work is not done. Opportunities remain to make greater progress across all diverse communities. There are no true wins, only progress to acknowledge and a call for greater investment and focus on diversity and inclusion in the legal profession.
Three years ago, I began a soul-searching journey involving my own mental wellness. As Quality of Life Program Manager with 343 Industries, I have the privilege to engage in work coordinating the Halo team’s cultural and philanthropic efforts as well as working with Team Xbox and Microsoft to develop diversity and inclusion initiatives. As much as I love my job, at the end of busy days filled with meetings and thoughtful conversations, I can find myself worn down. Depleted. At first, I thought I was just peopled-out because I am an introverted person, but when I started talking to a therapist about it, I discovered that I experience clinical depression.
For the first time in my life, I finally had the words to describe the wet, heavy blanket I had been carrying all this time. With this awareness, I’m working on how to better care for myself. I talk with my therapist about what triggers my depression and how I can deal with my day-to-day life. Depression is not an end-level boss to beat; it is a part of me that I work to accept and manage. I take medication as part of my treatment, now, and I’ve never felt more balanced in my life! Initially, I had a lot of apprehension about taking medication, but it’s a change I’m glad I talked through and eventually made. With medication, my brain started doing something that it seemed everyone else was able to do. So, now I take medicine for heartburn and heartache, what’s the difference?
Gaming is one of the main ways that I feed my soul or my spirit. I love all kinds of gaming: board games, card games, and party games. But especially video games. I have been Cloud Strife taking on Shinra. I have been an adventurer and taken an arrow to the knee. I have lived a thousand lives over and over again through the stories of video games. When I am really in the depths of my depression, I often turn to Katamari Damacy. That game makes no sense at all, but it’s such a delight. You are tasked with rolling up all the things in the world into a ball, everything from fruit to furniture to buildings to people, and somehow…make new stars out of it? I have no idea. But, when the world doesn’t make sense, I can just roll up all the junk into a ball and keep going.
Gaming can be such a great source of release. And, while I love competition as much as the next gamer, the times when gaming has helped me the most is when I am using it to relax and explore. As a Black man, spaces where I feel that security can be hard to find. Moreover, I know that that’s not something out of the ordinary, which is why I’m adamant about playing games that bring me joy and encouraging others to do the same. I have Minecraft caves and Stardew Valley farms that I have enjoyed as much as some of my plasma-scorched battlefields. Ultimately, I just like seeing people, myself included, play what makes them happy (minus any toxicity)!
Gaming is fun and, honestly, I just want to say to other men out there, and especially to other Black men, it’s okay to have fun with gaming and not take it so seriously. It’s okay for it to not be a competition and just have a relaxing time planting crops in a cozy game. You do you.
Games also have the potential to be this transformative experience that can connect us with other people and experiences. Spiritfarer, which is a management simulator that tells a story about grief through relationships, straight-up made me cry as I connected with my own experiences of grief. I once attended an in-game funeral for a real person I have never met because I felt so connected to them through the relationship we developed over gaming. I think it’s mind-blowing that games have the power to connect us like that. Because, really, it’s not what we are going through that is so difficult, but that we often try to go through it alone.
Life is not a single-player game. To anyone out there feeling alone, just know this: someone cares. Someone, most likely someone you know and love, is willing to hear you out. Whether or not you have the privilege to seek out therapy right now, finding someone to talk to about what you are going through is always a great first step.
If you need some support and aren’t sure where to turn, start with one of the resources below. Join the Team Xbox community as we embrace the power of play as one of many tools to encourage mental wellness throughout the year.
Discover
Xbox Ambassadors Feature Stories about How Video Games Helped Them through Stress and Burn Out
To promote Mental Health Awareness, Xbox Ambassadors shared how video games have helped them through times of stress and burn out.
v Amarie v She/Her. United States.
“The Elder Scrolls Online has my heart when it comes to stress relief. The biggest reason for this is the music that the game offers and the amazing landscapes. Tamriel is the most beautiful place to escape too, and I can spend hours exploring. I am so grateful to this game and the community has been amazing. In a very strange way Tamriel feels like a 2nd home to most [of] us who really immerse ourselves. I am truly, truly grateful.”
CutePixiestik She/Her. United States.
“My gaming was placed on back burner when I became a parent. However, as my child grew up and financial stresses lessened, I got back into gaming with playing with my son and convincing my husband to try also. Gaming was there to give me a special time to share with my family and provide an outlet for stress and stiff fingers and eye-hand coordination. From playing Fortnite, Halo, Call of Duty and Asphalt 9, they all seem to give me an outlet to put the stresses of the day away and enjoy gaming with friends and family.”
Microsoft Rewards members can earn and donate points to organizations supporting mental wellness with Xbox. The organizations below will be featured on console:
Crisis Text Line – Crisis Text Line provides free, 24/7, high-quality text-based mental health support and crisis intervention in English and Spanish by empowering a community of more than 55,000 trained volunteers to support people in their moments of need. Text PAUSE to 741741 to connect with a volunteer crisis counselor. (US)
The Games and Online Harassment Hotline (Feminist Frequency) – The Games and Online Harassment Hotline is a free, text message-based, confidential emotional support hotline. This Hotline was created specifically for the gaming community. Whether you’re a player, a developer, a streamer, a competitor — any part of this community — they are here for you, whether that means offering emotional support or finding the referrals and resources that you need. (US)
Take This – Take This is a mental health advocacy organization with a focus on the game industry and community. They provide resources, training, and support individuals and companies that help the gaming community improve its mental well-being and resilience. The organization addresses the underlying conditions that can create and perpetuate mental health challenges: stigma, harmful studio culture, harassment and toxicity, lack of diversity and accessibility, and problematic game and community design. Take This also runs the AFK Room Program at game conventions. (US)
Lifeline– Lifeline is a national charity providing all Australians experiencing emotional distress with access to 24-hour crisis support and suicide prevention services. They are committed to empowering Australians to be suicide-safe through connection, compassion and hope. (AUS) – Coming soon!
Xbox gamers can earn Microsoft Rewards points in various ways when they join, such as playing games and completing Game Pass Quests, completing offers in the Microsoft Rewards app on Xbox, and select purchases at the Microsoft Store (exclusions apply). Earn points and redeem them for real rewards. Join us today and donate through Xbox.
Play
Take a Break and Recharge Your Way with Games Curated by Staff at Microsoft
Games allow us to immerse ourselves in fantasy realms and experience different perspectives in a powerful way. In a world where we could all benefit from additional ways to rest and reset regularly, more games are being designed with the opportunity to recharge in mind. As a common tool for relaxation, comfort, and cultivating positive feelings, games can help us create supportive communities in which we can relate to each other’s experiences and share stories of how games have impacted our lives.
We want to highlight a collection of games that provide an escape from the trials of life, give us ways to connect to our unique identities, and share stories that explore the significance and strength of mental health awareness. We understand that people play games for a variety of reasons, ranging from wanting to relax to wanting to dive deep into emotional stories they can empathize with. As part of our ongoing work to create more inclusive gaming ecosystems and elevate content that resonates with communities, we are including a diverse set of games, allowing people to engage with content that appeals to their personal gaming needs. This collection is available on Xbox, Windows, Mobile, and the Cloud year-round.
Persona 5 Royal (Available with Xbox Game Pass and Rated M) — Persona 5 Royal steps up an already incredible story that navigates the cross-section of mental health and heroism by introducing the character Dr. Takuto Maruki. As the guidance counselor of Shujin Academy, Dr. Maruki supports the Phantom Thieves’ by listening to their traumatic pasts, validating their emotions, and providing them with empathy and encouragement. Not only does this game elegantly portray the complex feelings that come with common human struggles like grief, trauma, dissociation, and depression, but now it also provides a prime example of the positive impact that therapy can have on our lives. Content warning: suicide.
Hellblade: Senua’s Sacrifice (Available with Xbox Game Pass and Rated M) — Senua, a Celtic warrior, embarks on a haunting vision quest into Viking Hell to save the soul of her dead lover. Developer Ninja Theory collaborated closely with neuroscientists and people with lived experiences of psychosis to bring Senua’s story to life with authenticity.
Disney Dreamlight Valley (Available with Xbox Game Pass) — In this unique hybrid of adventure games and life-simulators, Disney Dreamlight Valley allows players to be a hero in a Disney-themed universe of their own creation. Filled with iconic Disney and Pixar characters, storylines in the form of quests, and seemingly endless customization options, this game provides a calming atmosphere for open exploration, free from any form of combat, while engaging fans in a captivating story that they can complete at their leisure.
Unpacking (Available with Xbox Game Pass) — This zen puzzle game allows you to unweave the coming-of-age story of a queer woman moving through a variety of stages in life. Decorate and organize each new interior living space in a meditative way while contemplating what we hold on to and let go of through the sentimental meaning of our personal belongings.
Stardew Valley (Available with Xbox Game Pass) — Winner of the Dr. Mark Award from Take This for excellent portrayal of mental health, healing, and hope, Stardew Valley is a calming game full of farming, building relationships, and task completion that provides a satisfying feeling of accomplishment. Complete with a relaxing soundtrack, this game is all about slowing down.
View this collection on the Microsoft Store on Xbox and the Microsoft Store on Windows in all Xbox regions. Visitors can find this collection at any time by searching within the Stores for “Mental Health” and related terms.
Find a Save Point
Perhaps you enjoy cozy games with cartoon graphics and chill play options? Or perhaps you prefer an RPG with retro graphics and an engaging story? Whatever way you choose to recharge, we wanted to share this beautiful nighttime camping scene, which is reminiscent of save points in many games which you can use as your profile theme or gamerpicas a reminder to take a pause, breathe, and rest on your journey.
Never Fight Alone with Gears of War
Gears of War has always told stories about belonging and brotherhood. The rapidly rising rates of suicide, depression, and loneliness concern us deeply and we believe in the opportunity to come together to reduce and prevent further suffering.
The Coalition has made a multi-year commitment to donate 1% of net revenue from all Gears of War games and merchandise to organizations working to prevent suicide and combat loneliness. This year, all proceeds benefit Crisis Text Line.
To show your support, you can purchase the 2022 Benefit Tee from the Xbox Gear Shop.
New Gamerpics, Profile Theme, and Avatar Items
In honor of mental health awareness, we’re introducing a new gamerpic, profile themes, and avatar items featuring Xbox logos inspired by relaxing, cozy games! We hope you will be inspired to take a break and relax in the world of your favorite cozy game, perhaps by crafting, decorating, building relationships, or enjoying the view of a star-filled sky. These gamerpics and profile themes will be available on console and the Xbox PC app. Get your avatar items here. Content is subject to availability by country.
Tune in
Xbox Plays Celebrates Mental Health Awareness
In December, the Xbox Plays team will feature some great guest streamers who will take over the Xbox Twitch channel and share their favorite feel-good games, stress relief tips, and more! Follow us on Xbox Twitchand don’t miss any of these cozy streams!
Monday, December 5 from 11 a.m.-2 p.m. PT – Phedranplaying Minecraft
Monday, December 5 from 3 p.m.-6 p.m. PT – sheilurplaying Disney Dreamlight Valley
Wednesday, December 14 from 3 p.m.-6 p.m. PT – emmeplaying Stardew Valley
Xbox Partners with Calm
The holidays can be a time of joy and connection, but for many, they can negatively affect mental health. One place people are turning to destress and re-energize is through gaming, according to a recent survey conducted in six countries by YouGov, and commissioned by Xbox. Of the survey respondents who play video games, 54% turn to video games to relieve stress.
Now, players everywhere will have a new tool to improve their general wellness, all within two video game universes. Calm, the #1 app for sleep, meditation and relaxation is partnering with Xbox to bring the first-ever video game-themed soundscapes to the platform. Officially available on December 7, players can immerse themselves and enjoy the meditative sounds of whirling waves and chattering birds from the ocean expanse of Sea of Thieves and the ambient alien sounds of Zeta Halo from Halo Infinite both available through Calm Premium. To ensure players can listen to the new soundscapes with ease, we’re also announcing a new Xbox Game Pass Ultimate Perk. Starting today, Ultimate members can receive three months of Calm Premium for free, and then 50% off their first year subscription, when they sign up (new Calm Premium members only). Calm also offers a 7-day free trial to Calm Premium subscription content via www.calm.com/freetrial.
The partnership with Calm is part of Xbox’s ongoing commitment to supporting players’ mental health and connecting them with resources to support their well-being. According to Calm, 81% of people who use Calm 5 or more times per week reported an improvement in their stress levels, as did 68% of people who engaged with the app only once or twice per week.
Check out the new Sea of Thieves and Halo Infinite soundscapes through Calm Premium by taking advantage of the Xbox Game Pass Ultimate Perk today.
About Calm
Calm is the leading mental health brand, on a mission to support everyone on every step of their mental health journey. With the #1 app for sleep, meditation and relaxation, Calm’s transformational content supports users across seven languages in more than 190 countries. Calm Business, Calm’s enterprise-level solution, helps employees improve their mental health to stay productive in the workplace. Over 3,000 organizations around the world trust and choose Calm Business as their mental health partner. Calm Health, Calm’s mental health care solution for payers, providers and self-insured employers, connects mental and physical healthcare to drive positive patient outcomes through clinical, condition-specific mental health programs, caregiver communication tools and more. Fast Company’s Most Innovative Companies of 2020 and Time100’s Most Influential Companies of 2022. For more information, please visitwww.calm.com.
The ways in which we interact with one another have certainly shifted over the last few years. Thanks to technology, we have the ability to work from almost anywhere and minimize nonessential face-to-face appointments. But some things haven’t changed in a hybrid world: our need for human connection and community.
Today, we’re excited to announce communities in Microsoft Teams—a new experience that enables people to come together, connect, share, and collaborate. Whether your group is a recreational sports team, event planning committee, parent-teacher association, or even a small business, this new experience gives groups of all kinds a digital space to stay connected before, during, and after gatherings. Communities is currently rolling out in the free version of Microsoft Teams.1
Share information, organize events, and keep your community groups in sync
In addition to everything you can already do in Microsoft Teams—including sending chats, calling people, and sharing photos or files—you can now create a space for community groups to come together, organize, and share ideas.
Communities in Microsoft Teams
Easily bring together your communities in one place.
With this new community experience, you’ll be able to:
Easily post messages to everyone in the group.
Organize events and add them to the community calendar for everyone to see.
Share and store documents dedicated to group activity.
Filter content to quickly access photos, videos, events, and links.
Get started with your community
It’s easy to get started. Simply create a community with our suggested community types on the home screen.2 You can also add branding elements like a group picture for your community. Then, invite group members through their email address or phone number, or by sharing a link or QR code so they can join directly.3
You’ll be able to easily manage the online community, too. Community owners have the ability to manage settings, set community guidelines, and moderate content by adding or removing participants and posts as needed to help community members feel safe.
Organize and host community events
Communities in Teams includes a new events experience for organizing virtual, hybrid, or in-person events. For instance, you can add new events or meetings to your community calendar, invite guests, track attendance, and follow up with attendees through direct private chats. When it comes to online events, you can easily add dial-in details and a link so your participants can join seamlessly. And for in-person events, you can add a location and give attendees precise directions with a visual map.
Hybrid and virtual guests can join events from any device through audio or video. And features such as adding an event cover image, together mode, and screen sharing can help you foster a sense of unity and engagement during meetings—no matter where everyone’s located.
Learn how others are using Teams to connect as a community
Today, we’re pleased to announce that we’re working with organizations such as the American Youth Soccer Organization (AYSO); USA Hockey; California School for the Deaf, Riverside; Indian Institute of Technology, Madras (IIT Madras); and AISECT.
AYSO plans to use Teams to help connect volunteers, centralize communications, and create a single location for its 500,000-member community group off the field. Coaches can learn more about their players, set practice schedules and field availability, make announcements about upcoming practices, and discuss enrollments for next season.
USA Hockey, the largest youth-based hockey organization in the US, plans to use communities in Teams to advance and grow the game of ice hockey beginning at the youth grassroots level. Their vast coast-to-coast network of volunteers, coaches, officials, and parents will use Teams to ease the coordination of games, trainings, and development programs, on and off the ice.
California School for the Deaf, Riverside uses Teams to connect staff, students, and families. The staff uses Teams to share ASL vocabulary videos, weekly events, and details about upcoming classes, and to conduct Q&A sessions. Teams is helping families bridge the gap and stay connected.
IIT Madras will be using Teams to enable mentorship-led communities for its data science program. Mentors will be able to help students with course curriculum and technical questions, both asynchronously and with live online office hours, in one place.
AISECT is one of India’s leading social enterprises and aims to upskill women, job seekers, people with disabilities, and nano entrepreneurs to improve workforce participation. With Teams, AISECT will be able to publish training calendars, schedule and share details about recurring classes, broadcast announcements pre- and post-sessions, run surveys on training quality, and address other needs in real-time.
Coming soon
In 2023, people can access SignUpGenius within Teams to recruit volunteers, coordinate events, and manage a variety of sign ups. SignUpGenius is a leading solution within the Lumaverse Technologies platform, which empowers people to change the world together by simplifying scheduling, volunteer and member management, event planning, and fundraising.
We look forward to partnering with more organizations and communities in 2023 and beyond as we continue to build out new and exciting experiences in Teams.
Use the communities in Teams features for your small business
A tight-knit small business with a dedicated following can function similarly to a community group. Help nurture and support these more friendly working relationships by enabling your team and customers to come together in shared spaces online.
With communities in Teams, your small business can move seamlessly from customer calls to team events and everything in between. You can create a virtual community group with diehard customers to announce a new sale, or just as easily create a Carpool Community for coworkers who want to share a ride to the office.
Whatever you need to collaborate on, communities in Teams allows you to create different places and organize groups to meet, chat, share, and plan—together.
How to access communities in Teams
The new community experience empowers communities to come together to achieve more—whether you’re a virtual, hybrid, or in-person community, Teams can help you connect simply and securely. Communities in Teams is available for all iOS and Android customers using the free version of Microsoft Teams.1 It’s also coming soon to desktop.
When signed in with a Microsoft account, you can access communities in Teams through the Home tab in the mobile app. To switch between accounts, tap on your profile picture and add your Microsoft account.4
To create a community, click on Home to get started. If you already use Microsoft Teams for work or school on mobile, simply switch accounts. There’s no need to download another app, and no data is shared with your employer.
1Communities is available in Microsoft Teams (free), Teams Essentials when you sign in with a Microsoft account, Microsoft 365 Personal, and Microsoft 365 Family.
Microsoft’s longest-running franchise commemorates community accomplishments.
Microsoft Flight Simulator is thrilled to mark another momentous milestone made possible by our tremendous community. Since the introduction 27 months ago of the latest version of Microsoft Flight Simulator, we have released 27 robust updates to simmers. All completely free!
We would not have reached any of these milestones without the continued support of our amazing community and their ongoing engagement and contributions. Because it’s a day for celebrating numbers, we want to share a few more impressive accomplishments of our community:
500 million flights
40 billion miles flown
Equivalent of 10 million trips around the Earth
Equivalent of 200 round trips from the Earth to the Sun
And we’re just getting started! We have exciting plans for 2023 and beyond. Join the 10 million pilots in Microsoft Flight Simulator today! The sky is calling!
Microsoft Flight Simulator is available for Xbox Series X|S and PC with Xbox Game Pass, PC Game Pass, Windows, and Steam, and on Xbox One and supported mobile phones, tablets, and lower-spec PCs via Xbox Cloud Gaming.
Microsoft Flight Simulator Premium Deluxe 40th Anniversary Edition
Xbox Game Studios
☆☆☆☆☆68
★★★★★
$119.99$95.99
From light planes to wide body jets to gliders and helicopters, fly highly detailed and accurate aircraft in the Microsoft Flight Simulator 40th Anniversary Edition. The world is at your fingertips. The Premium Deluxe 40th Anniversary Edition includes everything from the Deluxe Edition plus 5 additional highly accurate planes with unique flight models and 5 additional handcrafted international airports. Premium Deluxe Additional Aircraft
• Boeing 787-10 Dreamliner
• Cirrus Aircraft SR22
• Pipistrel Virus SW 121
• Textron Aviation Cessna Citation Longitude
• Zlin Aviation Shock Ultra Premium Deluxe Additional Airports
• Denver International Airport (USA)
• Dubai International Airport (United Arab Emirates)
• Frankfurt Airport (Germany)
• Heathrow Airport (United Kingdom)
• San Francisco International Airport (USA) Explore Your World
• Vivid and Detailed Landscapes – Immerse yourself in the vast and beautiful world that is our planet with over 1.5 billion buildings, 2 trillion trees, mountains, roads, rivers and more.
• Living World – The Earth is vibrant and ever-changing and so is the world of Microsoft Flight Simulator, which includes live traffic, real-time weather, and animals. Earn Your Wings
• Aircraft – Hone your pilot skills in a variety of aircraft from light planes to commercial jets with comprehensive flight models. Every aircraft includes highly detailed and accurate cockpits with realistic instrumentation.
• Checklist System – From pro to beginner, scale your level from full manual to full assist with interactive and highlighted instrument guidance and checklist. Test Your Skill
• Live Weather -The weather engine enables users to switch on the live weather mode to experience real-time weather including accurate wind speed and direction, temperature, humidity, rain and more.
• Day and Night Engine – Experience flight at any time of day or year allowing for night VFR, visual flight rules, navigation.
• Aerodynamic Modeling – A state-of-the-art physics engine with over 1000 control surfaces per plane allows for a truly realistic experience. Microsoft Flight Simulator has fulfilled the aspirations of aviators worldwide for 40 years. Celebrate the award-winning franchise with the 40th Anniversary Edition, loaded with all-new features, aircraft and content that span the history of aviation. The 40th Anniversary Edition update introduces:
• 1 true-to-life Airbus A310 Airliner
• 2 helicopters and 14 heliports
• 2 gliders and 15 glider airports
• 7 famous historical aircraft including the Hughes H-4 Hercules (aka the Spruce Goose)
• 4 classic commercial airports
• 24 classic missions from the franchise’s past
Microsoft Flight Simulator Deluxe 40th Anniversary Edition
Xbox Game Studios
☆☆☆☆☆41
★★★★★
$89.99$71.99
From light planes to wide body jets to gliders and helicopters, fly highly detailed and accurate aircraft in the Microsoft Flight Simulator 40th Anniversary Edition. The world is at your fingertips. The Deluxe 40th Anniversary Edition includes everything from the Standard Edition plus 5 additional highly accurate planes with unique flight models and 5 additional handcrafted international airports. Deluxe Additional Aircraft
• Diamond Aircraft DA40-TDI
• Diamond Aircraft DV20
• Textron Aviation Beechcraft Baron G58
• Textron Aviation Cessna 152 Aerobat
• Textron Aviation Cessna 172 Skyhawk Deluxe Additional Handcrafted Airports
• Amsterdam Airport Schiphol (Netherlands)
• Cairo International Airport (Egypt)
• Cape Town International Airport (South Africa)
• O’Hare International Airport (USA)
• Adolfo Suárez Madrid–Barajas Airport (Spain) Explore Your World
• Vivid and Detailed Landscapes – Immerse yourself in the vast and beautiful world that is our planet with over 1.5 billion buildings, 2 trillion trees, mountains, roads, rivers and more.
• Living World – The Earth is vibrant and ever-changing and so is the world of Microsoft Flight Simulator, which includes live traffic, real-time weather, and animals. Earn Your Wings
• Aircraft – Hone your pilot skills in a variety of aircraft from light planes to commercial jets with comprehensive flight models. Every aircraft includes highly detailed and accurate cockpits with realistic instrumentation.
• Checklist System – From pro to beginner, scale your level from full manual to full assist with interactive and highlighted instrument guidance and checklist. Test Your Skill
• Live Weather -The weather engine enables users to switch on the live weather mode to experience real-time weather including accurate wind speed and direction, temperature, humidity, rain and more.
• Day and Night Engine – Experience flight at any time of day or year allowing for night VFR, visual flight rules, navigation.
• Aerodynamic Modeling – A state-of-the-art physics engine with over 1000 control surfaces per plane allows for a truly realistic experience. Microsoft Flight Simulator has fulfilled the aspirations of aviators worldwide for 40 years. Celebrate the award-winning franchise with the 40th Anniversary Edition, loaded with all-new features, aircraft and content that span the history of aviation. The 40th Anniversary Edition update introduces:
• 1 true-to-life Airbus A310 Airliner
• 2 helicopters and 14 heliports
• 2 gliders and 15 glider airports
• 7 famous historical aircraft including the Hughes H-4 Hercules (aka the Spruce Goose)
• 4 classic commercial airports
• 24 classic missions from the franchise’s past
Microsoft Flight Simulator Standard 40th Anniversary Edition
Xbox Game Studios
☆☆☆☆☆140
★★★★★
$59.99$47.99
PC Game Pass
Xbox Game Pass
From light planes to wide body jets to gliders and helicopters, fly highly detailed and accurate aircraft in the Microsoft Flight Simulator 40th Anniversary Edition. The world is at your fingertips. Microsoft Flight Simulator 40th Anniversary Edition features 37 airplanes, gliders, and helicopters with unique flight models, 25 handcrafted airports, 4 classic commercial airports, 14 heliports and 15 glider airports. Explore Your World
• Vivid and Detailed Landscapes – Immerse yourself in the vast and beautiful world that is our planet with over 1.5 billion buildings, 2 trillion trees, mountains, roads, rivers and more.
• Living World – The Earth is vibrant and ever-changing and so is the world of Microsoft Flight Simulator, which includes live traffic, real-time weather, and animals. Earn Your Wings
• Aircraft – Hone your pilot skills in a variety of aircraft from light planes to commercial jets with comprehensive flight models. Every aircraft includes highly detailed and accurate cockpits with realistic instrumentation.
• Checklist System – From pro to beginner, scale your level from full manual to full assist with interactive and highlighted instrument guidance and checklist. Test Your Skill
• Live Weather -The weather engine enables users to switch on the live weather mode to experience real-time weather including accurate wind speed and direction, temperature, humidity, rain and more.
• Day and Night Engine – Experience flight at any time of day or year allowing for night VFR, visual flight rules, navigation.
• Aerodynamic Modeling – A state-of-the-art physics engine with over 1000 control surfaces per plane allows for a truly realistic experience. Microsoft Flight Simulator has fulfilled the aspirations of aviators worldwide for 40 years. Celebrate the award-winning franchise with the 40th Anniversary Edition, loaded with all-new features, aircraft and content that span the history of aviation. The 40th Anniversary Edition update introduces:
• 1 true-to-life Airbus A310 Airliner
• 2 helicopters and 14 heliports
• 2 gliders and 15 glider airports
• 7 famous historical aircraft including the Hughes H-4 Hercules (aka the Spruce Goose)
• 4 classic commercial airports
• 24 classic missions from the franchise’s past
Over the past several years, the cryptocurrency market has considerably expanded, gaining the interest of investors and threat actors. Cryptocurrency itself has been used by cybercriminals for their operations, notably for ransom payment in ransomware attacks, but we have also observed threat actors directly targeting organizations within the cryptocurrency industry for financial gain. Attacks targeting this market have taken many forms, including fraud, vulnerability exploitation, fake applications, and usage of info stealers, as attackers attempt to get their hands on cryptocurrency funds.
We are also seeing more complex attacks wherein the threat actor shows great knowledge and preparation, taking steps to gain their target’s trust before deploying payloads. For example, Microsoft recently investigated an attack where the threat actor, tracked as DEV-0139, took advantage of Telegram chat groups to target cryptocurrency investment companies. DEV-0139 joined Telegram groups used to facilitate communication between VIP clients and cryptocurrency exchange platforms and identified their target from among the members. The threat actor posed as representatives of another cryptocurrency investment company, and in October 2022 invited the target to a different chat group and pretended to ask for feedback on the fee structure used by cryptocurrency exchange platforms. The threat actor had a broader knowledge of this specific part of the industry, indicating that they were well prepared and aware of the current challenge the targeted companies may have.
After gaining the target’s trust, DEV-0139 then sent a weaponized Excel file with the name OKX Binance & Huobi VIP fee comparision.xls which contained several tables about fee structures among cryptocurrency exchange companies. The data in the document was likely accurate to increase their credibility. This weaponized Excel file initiates the following series of activities:
A malicious macro in the weaponized Excel file abuses UserForm of VBA to obfuscate the code and retrieve some data.
The malicious macro drops another Excel sheet embedded in the form and executes it in invisible mode. The said Excel sheet is encoded in base64, and dropped into C:\ProgramData\Microsoft Media\ with the name VSDB688.tmp
The file VSDB688.tmp downloads a PNG file containing three executables: a legitimate Windows file named logagent.exe, a malicious version of the DLL wsock32.dll, and an XOR encoded backdoor.
The file logagent.exe is used to sideload the malicious wsock32.dll, which acts as a DLL proxy to the legitimate wsock32.dll. The malicious DLL file is used to load and decrypt the XOR encoded backdoor that lets the threat actor remotely access the infected system.
Figure 1. Overview of the attack
Further investigation through our telemetry led to the discovery of another file that uses the same DLL proxying technique. But instead of a malicious Excel file, it is delivered in an MSI package for a CryptoDashboardV2 application, dated June 2022. This may suggest other related campaigns are also run by the same threat actor, using the same techniques.
In this blog post, we will present the details uncovered from our investigation of the attack against a cryptocurrency investment company, as well as analysis of related files, to help similar organizations understand this kind of threat, and prepare for possible attacks. Researchers at Volexity recently published their findings on this attack as well.
As with any observed nation state actor activity, Microsoft directly notifies customers that have been targeted or compromised, providing them with the information they need to secure their accounts. Microsoft uses DEV-#### designations as a temporary name given to an unknown, emerging, or a developing cluster of threat activity, allowing Microsoft Threat Intelligence Center (MSTIC) to track it as a unique set of information until we reach a high confidence about the origin or identity of the actor behind the activity. Once it meets the criteria, a DEV is converted to a named actor.
Initial compromise
To identify the targets, the threat actor sought out members of cryptocurrency investment groups on Telegram. In the specific attack, DEV-0139 got in touch with their target on October 19, 2022 by creating a secondary Telegram group with the name <NameOfTheTargetedCompany> <> OKX Fee Adjustment and inviting three employees. The threat actor created fake profiles using details from employees of the company OKX. The screenshot below shows the real accounts and the malicious ones for two of the users present in the group.
Figure 2. Legitimate profiles of cryptocurrency exchange employees (left) and fake profiles created by the threat actor (right)
It’s worth noting that the threat actor appears to have a broad knowledge of the cryptocurrency industry and the challenges the targeted company may face. The threat actor asked questions about fee structures, which are the fees used by crypto exchange platforms for trading. The fees are a big challenge for investment funds as they represent a cost and must be optimized to minimize impact on margin and profits. Like many other companies in this industry, the largest costs come from fees charged by exchanges. This is a very specific topic that demonstrates how the threat actor was advanced and well prepared before contacting their target.
After gaining the trust of the target, the threat actor sent a weaponized Excel document to the target containing further details on the fees to appear legitimate. The threat actor used the fee structure discussion as an opportunity to ask the target to open the weaponized Excel file and fill in their information.
Weaponized Excel file analysis
The weaponized Excel file, which has the file name OKX Binance & Huobi VIP fee comparision.xls (Sha256: abca3253c003af67113f83df2242a7078d5224870b619489015e4fde060acad0), is well crafted and contains legitimate information about the current fees used by some crypto exchanges. The metadata extracted showed that the file was created by the user Wolf:
File name
OKX Binance & Huobi VIP fee comparision.xls
CompObjUserTypeLen
31
CompObjUserType
Microsoft Excel 2003 Worksheet
ModifyDate
2022:10:14 02:34:33
TitleOfParts
Comparison_Oct 2022
SharedDoc
No
Author
Wolf
CodePage
Windows Latin 1 (Western European)
AppVersion
16
LinksUpToDate
No
ScaleCrop
No
LastModifiedBy
Wolf
HeadingPairs
Worksheets, 1
FileType
XLS
FileTypeExtension
xls
HyperlinksChanged
No
Security
None
CreateDate
2022:10:14 02:34:31
Software
Microsoft Excel
MIMEType
application/vnd.ms-excel
Figure 3. The information in the malicious Excel file
The macro is obfuscated and abuses UserForm (a feature used to create windows) to store data and variables. In this case, the name of the UserForm is IFUZYDTTOP, and the macro retrieves the information with the following code IFUZYDTTOP.MgQnQVGb.Caption where MgQnQVGb is the name of the label in the UserForm and .caption allows to retrieve the information stored into the UserForm.
The table below shows the data retrieved from the UserForm:
The macro retrieves some parameters from the UserForm as well as another XLS file stored in base64. The XLS file is dropped into the directory C:\ProgramData\Microsoft Media as VSDB688.tmp and runs in invisible mode.
Figure 4. The deobfuscated code to load the extracted worksheet in invisible mode.
Additionally, the main sheet in the Excel file is protected with the password dragon to encourage the target to enable the macros. The sheet is then unprotected after installing and running the other Excel file stored in Base64. This is likely used to trick the user to enable macros and not raise suspicion.
Extracted worksheet
The second Excel file, VSDB688.tmp (Sha256: a2d3c41e6812044573a939a51a22d659ec32aea00c26c1a2fdf7466f5c7e1ee9), is used to retrieve a PNG file that is parsed later by the macro to extract two executable files and the encrypted backdoor. Below is the metadata for the second worksheet:
File Name
VSDB688.tmp
CompObjUserType
Microsoft Excel 2003 Worksheet
ModifyDate
2022:08:29 08:07:24
TitleOfParts
Sheet1
SharedDoc
No
CodePage
Windows Latin 1 (Western European)
AppVersion
16
LinksUpToDate
No
ScaleCrop
No
CompObjUserTypeLen
31
HeadingPairs
Worksheets, 1
FileType
XLS
FileTypeExtension
xls
HyperlinksChanged
No
Security
None
CreateDate
2006:09:16 00:00:00
Software
Microsoft Excel
MIMEType
application/vnd.ms-excel
Figure 5. The second file is completely empty but contains the same UserForm abuse technique as the first stage.
The table below shows the deobfuscated data retrieved from the UserForm:
The macro retrieves some parameters from the UserForm then downloads a PNG file from hxxps://od.lk/d/d021d412be456a6f78a0052a1f0e3557dcfa14bf25f9d0f1d0d2d7dcdac86c73/Background.png. The file was no longer available at the time of analysis, indicating that the threat actor likely deployed it only for this specific attack.
Figure 6. Deobfuscated code that shows the download of the file Background.png
The PNG is then split into three parts and written in three different files: the legitimate file logagent.exe, a malicious version of wsock32.dll, and the XOR encrypted backdoor with the GUID (56762eb9-411c-4842-9530-9922c46ba2da). The three files are used to load the main payload to the target system.
Figure 7. The three files are written into C:\\ProgramData\SoftwareCache\ and run using the CreateProcess API
Loader analysis
Two of the three files extracted from the PNG file, logagent.exe and wsock32.dll, are used to load the XOR encrypted backdoor. The following sections present our in-depth analysis of both files.
Logagent.exe
Logagent.exe (Hash: 8400f2674892cdfff27b0dfe98a2a77673ce5e76b06438ac6110f0d768459942) is a legitimate system application used to log errors from Windows Media Player and send the information for troubleshooting.
The file contains the following metadata, but it is not signed:
The logagent.exe imports function from the wsock32.dll which is abused by the threat actor to load malicious code into the targeted system. To trigger and run the malicious wsock32.dll, logagent.exe is run with the following arguments previously retrieved by the macro: 56762eb9-411c-4842-9530-9922c46ba2da /shadow. Both arguments are then retrieved by wsock32.dll. The GUID 56762eb9-411c-4842-9530-9922c46ba2da is the filename for the malicious wsock32.dll to load and /shadow is used as an XOR key to decrypt it. Both parameters are needed for the malware to function, potentially hindering isolated analysis.
Figure 8. Command line execution from the running process logagent.exe
Wsock32.dll
The legitimate wsock32.dll is the Windows Socket API used by applications to handle network connections. In this attack, the threat actor used a malicious version of wsock32.dll to evade detection. The malicious wsock32.dll is loaded by logagent.exe through DLL side-loading and uses DLL proxying to call the legitimate functions from the real wsock32.dll and avoid detection. DLL proxying is a hijacking technique where a malicious DLL sits in between the application calling the exported function and a legitimate DLL that implements that exported function. In this attack, the malicious wsock32.dll acts as a proxy between logagent.exe and the legitimate wsock32.dll.
It is possible to notice that the DLL is forwarding the call to the legitimate functions by looking at the import address table:
Figure 9. Import Address Table from wsock32.dllFigure 10. Retrieving data with PeStudio revealed the original file name for the malicious wsock32.dll.
When the malicious wsock32.dll is loaded, it first retrieves the command line, and checks if the file with the GUID as a filename is present in the same directory using the CreateFile API to retrieve a file handle.
Figure 11. Verification of the presence of the file 56762eb9-411c-4842-9530-9922c46ba2da for decryption
The malicious wsock32.dll loads and decodes the final implant into the memory with the GUID name which is used to remote access the infected machine.
Once the file is loaded into the memory, it gives remote access to the threat actor. At the time of the analysis, we could not retrieve the final payload. However, we identified another variant of this attack and retrieved the payload, which is discussed in the next section. Identified implants were connecting back to the same command-and-control (C2) server.
Related attack
We identified another file using a similar mechanism as logagent.exe and delivering the same payload. The loader is packaged as an MSI package and as posed an application called CryptoDashboardV2 (Hash: e5980e18319027f0c28cd2f581e75e755a0dace72f10748852ba5f63a0c99487). After installing the MSI, it uses a legitimate application called tplink.exe to sideload the malicious DLL called DUser.dll and uses DLL proxying as well.
creation datetime
11/12/2009 11:47
author
168 Trading
title
Installation Database
page count
200
word count
2
keywords
Installer, MSI, Database
last saved
11/12/2009 11:47
revision number
{30CD8B94-5D3C-4B55-A5A3-3FC9C7CCE6D5}
last printed
11/12/2009 11:47
application name
Advanced Installer 14.5.2 build 83143
subject
CryptoDashboardV2
template
x64;1033
code page
Latin I
comments
This installer database contains the logic and data required to install CryptoDashboardV2.
Figure 12. Installation details of the MSI file
Once the package is installed, it runs and side-loads the DLL using the following command: C:\Users\user\AppData\Roaming\Dashboard_v2\TPLink.exe” 27E57D84-4310-4825-AB22-743C78B8F3AA /sven, where it noticeably uses a different GUID.
Further analysis of the malicious DUser.dll showed that its original name is also HijackingLib.dll, same as the malicious wsock32.dll. This could indicate the usage of the same tool to create these malicious DLL proxies. Below are the file details of DUser.dll:
Once the DLL is running, it loads and decodes the implant in the memory and starts beaconing the same domain. In that case, the implant is using the GUID name 27E57D84-4310-4825-AB22-743C78B8F3AA and the XOR key /sven.
Implant analysis
The payload decoded in the memory by the malicious DLL is an implant used by the threat actor to remotely access the compromised machine. We were able to get the one from the second variant we uncovered. Below are the details of the payload:
First, the sample retrieves some information from the targeted system. It can connect back to a remote server and receive commands from it.
Figure 13. Details about the connection to the C2.Figure 14. The sample is connecting back to the domain name strainservice[.]com.
Infrastructure
It is interesting to notice that the threat actor abused OpenDrive in one of the variants to deliver the payload. The OpenDrive account has been set up quickly for a one shot, indicating that it was created for only one target.
We identified one domain used as C2 server, strainservice[.]com and connected back to the two implants. This domain was registered on June 26 on Namecheap, just before the distribution of the first variant. At the time of the attack, the server had port 80, 443, and 2083. The implants were communicated on port 443.
Defending against targeted attacks
In this report we analyzed a targeted attack on cryptocurrency investment fund startups. Such companies are relatively new, but manage hundreds of millions of dollars, raising interest by threat actors.
In this attack we identified that the threat actor has broad knowledge of the cryptocurrency industry as well as the challenges their targets may face, increasing the sophistication of the attack and their chance of success. The threat actor used Telegram, an app widely used in the field, to identify the profile of interest, gained the target’s trust by discussing relevant topics, and finally sent a weaponized document that delivered a backdoor through multiple mechanisms. Additionally, the second attack identified was luring a fake crypto dashboard application.
The cryptocurrency market remains a field of interest for threat actors. Targeted users are identified through trusted channels to increase the chance of success. While the biggest companies can be targeted, smaller companies can also be targets of interest. The techniques used by the actor covered in this blog can be mitigated by adopting the security considerations provided below:
Use the included indicators of compromise to investigate whether they exist in your environment and assess for potential intrusion.
Educate end users about protecting personal and business information in social media, filtering unsolicited communication (in this case, Telegram chat groups), identifying lures in spear-phishing email and watering holes, and reporting of reconnaissance attempts and other suspicious activity.
Educate end users about preventing malware infections, such as ignoring or deleting unsolicited and unexpected emails or attachments sent via instant messaging applications or social networks. Encourage end users to practice good credential hygiene and make sure the Microsoft Defender Firewall (which is enabled by default) is always on to prevent malware infection and stifle propagation.
Change Excel macro security settings to control which macros run and under what circumstances when you open a workbook. Customers can also stop malicious XLM or VBA macros by ensuring runtime macro scanning by Antimalware Scan Interface (AMSI) is on. This feature—enabled by default—is on if the Group Policy setting for Macro Run Time Scan Scope is set to “Enable for All Files” or “Enable for Low Trust Files”.
Query that looks for Office apps that create a file within an uncommon directory (less that five occurrences), makes a set of each machine this is seen on, and each user that has executed it to help look for how many users/hosts are compromised:
DeviceFileEvents
| where InitiatingProcessFileName has_any ("word", "excel", "access", "outlook", "powerpnt")
| where ActionType == "FileCreated"
| extend Path = tostring(parse_path(FolderPath).DirectoryPath)
| summarize PathCount=count(), DeviceList=make_set(DeviceName), AccountList=make_set(InitiatingProcessAccountName) by FileName, Path, InitiatingProcessFileName, SHA256
| where PathCount < 5
Query that summarizes child process of Office apps, looking for less than five occurrences:
DeviceProcessEvents
| where InitiatingProcessFileName has_any ("word", "excel", "access", "powerpnt")
| summarize ProcessCount=count(), DeviceList=make_set(DeviceName), AccountList=make_set(InitiatingProcessAccountName) by FileName, FolderPath, SHA256, InitiatingProcessFileName
| where ProcessCount < 5
Query that lists of all executables with Microsoft as ProcessVersionInfoCompanyName, groups them together by path, then looks for uncommon paths, with less than five occurrences:
DeviceProcessEvents
| where ProcessVersionInfoCompanyName has "Microsoft"
| extend Path = tostring(parse_path(FolderPath).DirectoryPath)
| summarize ProcessList=make_set(FileName) by Path
| where array_length( ProcessList ) < 5
Query that searches for connections to malicious domains and IP addresses:
DeviceNetworkEvents
| where (RemoteUrl has_any ("strainservice.com")) or (RemoteIP has_any ("198.54.115.248"))
Query that searches for files downloaded from malicious domains and IP addresses.
DeviceFileEvents
| where (FileOriginUrl has_any ("strainservice.com")) or (FileOriginIP has_any ("198.54.115.248"))
Query that searchers for Office apps downloading files from uncommon domains, groups users, filenames, and devices together:
DeviceFileEvents
| where InitiatingProcessFileName has_any ("word", "excel", "access", "powerpnt")
| where ActionType == "FileCreated"
| where isnotempty( FileOriginUrl ) or isnotempty( FileOriginIP )
| summarize DomainCount=count(), UserList=make_set(InitiatingProcessAccountName), DeviceList=make_set(DeviceName), FileList=make_set(FileName) by FileOriginUrl, FileOriginIP, InitiatingProcessFileName
Looks for downloaded files with uncommon file extensions, groups remote IPs, URLs, filenames, users, and devices:
DeviceFileEvents
| where InitiatingProcessFileName has_any ("word", "excel", "access", "powerpnt", "outlook")
| where ActionType == "FileCreated"
| where isnotempty( FileOriginUrl ) or isnotempty( FileOriginIP )
| extend Extension=tostring(parse_path(FolderPath).Extension)
| extend Path=tostring(parse_path(FolderPath).DirectoryPath)
| summarize ExtensionCount=count(), IpList=make_set(FileOriginIP), UrlList=make_set(FileOriginUrl), FileList=make_set(FileName), UserList=make_set(InitiatingProcessAccountName), DeviceList=make_set(DeviceName) by Extension, InitiatingProcessFileName
Looks for Office apps that have child processes that match the GUID command line, with a check for Microsoft binaries to reduce the results before the regex:
DeviceProcessEvents
| where InitiatingProcessFileName has_any ("word", "excel", "access", "powerpnt")
| where ProcessVersionInfoCompanyName has "Microsoft"
| where ProcessCommandLine matches regex @"[A-Za-z0-9]+\.exe [A-Za-z0-9]{8}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{4}-[A-Za-z0-9]{12} /[A-Za-z0-9]$"
Microsoft Sentinel
Microsoft Sentinel customers can use the TI Mapping analytic to automatically match the malicious IP and domain indicators mentioned in this blog post with data in their workspace. If the TI Map analytics are not currently deployed, customers can install the Threat Intelligence solution from the Microsoft Sentinel Content Hub to have the analytics rule deployed in their Sentinel workspace. More details on the Content Hub can be found here: https://learn.microsoft.com/azure/sentinel/sentinel-solutions-deploy
To supplement this indicator matching customers can use the Advanced Hunting queries listed above against Microsoft 365 Defender data ingested into their workspaces as well as the following Microsoft Sentinel queries:
Computer science (CS) shapes how people live and work. From designing mobile games played by millions to exploring new renewable energy solutions, technology is transforming our world, and to build technology solutions, you need to know computer science. Its prevalence and value make CS an important instructional topic in all K-12 classrooms as well as a potential career opportunity for high school graduates. Research indicates that coding activities result in higher test scores in reading and math, and the number of computer science job openings is expected to grow 15% from 2021 to 2031 according to the U.S. Bureau of Labor Statistics. Realizing the transformative role of computer science begins with K-12 education and increasing student interest at a young age. Microsoft is committed to providing equitable, accessible, and engaging computer science education experiences for all students.
From December 5-11, classrooms around the world will celebrate Computer Science Education Week (CSEdWeek) by participating in an Hour of Code. The goal of this global call-to-action is to inspire K-12 students to explore and learn computer science. Packed with exciting opportunities for students to exercise their creativity, CSEdWeek and Hour of Code are two of the largest education events with millions of participants worldwide.
To celebrate this year’s CSEdWeek and Hour of Code, Microsoft Education is leading the charge with exciting, new learning resources that are guaranteed to energize students and educators. Whether it is building retro-style games in MakeCode’s Code a Carnival or using code to solve mysterious puzzles in Minecraft’s new Hour of Code: Escape Estate, students will have fun, gain valuable skills, and learn through engaging activities. Plus, these resources include embedded training and support so that everyone succeeds. Educators can also develop their own CS skills during collaborative events like Flip’s Creating Equity in Computer Science and this live event with Minecraft gamechangers!
Kick off CSEdWeek and Hour of Code with Microsoft Education!
Use coding to solve puzzles in Minecraft Hour of Code: Escape Estate
Escape from Dr. Breakowski’s mysterious mansion by dawn in an all-new Hour of Code tutorial and free demo lesson from Minecraft: Education Edition. With block-based and Python coding pathways for novice and expert coders alike, Escape Estate invites students to use code to solve puzzles that unlock secret passageways, hidden clues, and trap doors. It’s a fun, easy-to-teach lesson designed to teach anyone the basics of computational thinking in under an hour.
Teach with Hour of Code
Minecraft Hour of Code offers resources for educators including lesson plan and facilitation guides, a free teacher training on Microsoft Learn, solution guide for each coding challenge, and a walkthrough video. You can even download PowerPoint slides to introduce Hour of Code: Escape Estate to your learners and Digital flyers for promoting Hour of Code in your school or organization. Students will receive the Hour of Code completion certificate at the end of the lesson.
Educators already licensed to use Minecraft: Education Edition can access the Escape Estate world though the main menu in the newest version of the application (download here). Select “New & Featured” and then choose “Hour of Code (Escape Estate).”
Download a free demo to join in the experience if you don’t have a license.
Register for Free Hour of Code Student Workshop
If you’re totally new to Minecraft and coding, sign up for a Live Workshop to have a guest teacher facilitate Hour of Code virtually for your class. These engaging 75-minute, live events are run by expert educators who will provide you and your class with all the necessary knowledge to successfully navigate Escape Estate. Register now to reserve a spot so that you and your class aren’t trapped in the mansion forever. The workshops are happening at multiple times each day during CSEdWeek December 6-8, 2022.
Build CS knowledge and connect with experts during Flip live events
Explore issues like equity in computer science and meet the professionals that make Minecraft a playful learning experience on Flip throughout computer science education week. Informative and insightful, Flip events offer a chance to see how coding and CS can meaningfully impact everyone’s lives. Learn about the scheduled events and join the discussion by registering today.
Build a better world with code
Meet Lydia Winters and Cory Scheviak, who spend their days at Mojang Studios in Stockholm, Sweden, working on Minecraft. They’re both passionate about using the power of play to build a better world and the creativity of code to design features for the bestselling game of all time.
Suggested Audience: Educators, parents, and students
Computer Science should be an integral part of all K-12 student experiences. Join us as we discuss the importance of computer science education with industry professionals, educators, and non-profits who are making this happen every day.
Suggested Audience: Educators, clubs, organizations, and professionals
Design exciting games with Code a Carnival and Wakanda Forever from MakeCode
[youtube https://www.youtube.com/watch?v=fEZJCDnuwy8?&wmode=opaque&rel=0&w=640&h=360]Give students the chance to strengthen their coding skills by designing video games with MakeCode Arcade. Built with both novices and experts in mind, MakeCode Arcade introduces computer science concepts like sequences and loops using blocks that snap together to create code or text-based programming. To celebrate this year’s CSEdWeek and Hour of Code, MakeCode is offering two new free engaging and entertaining experiences which are already available for use in the classroom.
Code a Carnival is MakeCode’s new collection of video game projects. Students will be introduced to game design as they create carnival activities like “Whack-the-Mole” and “Bustin’ Balloons.” They can also build alongside millions of other coders as they create multiplayer versions of games to play with their friends. Plus, Code a Carnival comes with teacher-ready resources like lesson plans and introductory PowerPoint slides.
Look for exciting collaborations with Code Ninjas throughout Computer Science Education Week. They will be hosting a Carnival of Code with daily dress themes like “cozy coding in your pajamas” as well as activities from the MakeCode Hour of Code 2022 website. There will even be projects that incorporate Makey Makey so that students can design their own controllers and learn about physical computing with MakeCode.
Microsoft Education has everything necessary to bring Hour of Code 2022 to life during CSEdWeek. From an engaging collection of Hour of Code learning experiences to events that inspire, students will be excited to explore the possibilities that computer science has to offer.
Explore more fun and engaging ways to bring computer science into the classroom in these posts:
Get the inside, first-hand account of Microsoft’s strategy to scaled quantum computing in a new webinar series where you’ll hear directly from Microsoft Azure Quantum scientists and leaders about the path to quantum at scale and how to get involved today.
In this ongoing series, scientists and researchers can hear directly from Microsoft’s quantum scientists and leaders like Krysta Svore, Chetan Nayak, Matthias Troyer, and others about our strategy, progress, and most importantly, how Microsoft aims to empower innovators to make a breakthrough impact with quantum at scale.
The series kicks off with our first event “Have you started developing for practical quantum advantage?” on January 31 from 9:00–9:30 AM PT. Our speaker will be Dr. Krysta Svore, distinguished engineer and VP of Quantum Software, Microsoft. During this webinar, you will:
Learn what’s required for scalable quantum computing and what can be done now to get ready for it.
See the new Azure Quantum Resource Estimator—the first end-to-end toolset that provides estimates for the number of logical and physical qubits as well as runtime required to execute quantum applications on post-NISQ, fault-tolerant quantum computers.
Understand the number of qubits required for a quantum solution and the differences between qubit technologies.
Explore how Microsoft is empowering innovators today by co-designing tools to optimize quantum solutions and to run small instances of algorithms on today’s diverse and maturing quantum systems and prepare for tomorrow’s scaled quantum computers.
Participate in a live Q&A chat with the Azure Quantum team and be one of the first to hear about recent advancements.
Krysta Svore | Distinguished Engineer and VP of Quantum Software, Microsoft
About the Speaker:
Dr. Svore has published over 70 refereed articles and filed over 30 patents. She is a Fellow of the American Association for the Advancement of Science. She won the 2010 Yahoo! Learning to Rank Challenge with a team of colleagues, received an ACM Best of 2013 Notable Article award, and was recognized as one of Business Insider’s Most Powerful Female Engineers of 2018. A Kavli Fellow of the National Academy of Sciences, she also serves as an advisor to the National Quantum Initiative, the Advanced Scientific Computing Advisory Committee of the Department of Energy, and the ISAT Committee of DARPA, in addition to numerous other quantum centers and initiatives globally.
Microsoft Quantum Innovator Series: Why and what is the future of the topological qubit?
On February 28, we will focus on why Microsoft decided to design its quantum machine with topological qubits—an approach that is both more challenging and more promising than others—and what’s next for Microsoft’s hardware ambitions. This episode will share more about Microsoft’s quantum hardware journey, specifically touching on Microsoft’s physics breakthrough outlined in Dr. Nayak’s recent paper, and will also focus on the physics behind the topological qubit. Join our speaker Chetan Nayak, Technical Fellow and and VP of Quantum Hardware and Systems Engineering, Microsoft to:
Learn about topological phases in physics and how they are applied to quantum computing.
Explore how topological properties create a level of protection that can, in principle, help a qubit retain quantum information despite what’s happening in the environment around it.
Understand the role of the topological gap and the recently discovered Majorana zero modes, and how together they impact a topological qubit’s stability, size, and speed.
Learn how to examine the raw data and analysis from Microsoft’s hardware research on Azure Quantum.
Use interactive Jupyter notebooks and explore what’s next in engineering the world’s first topological qubit.
Participate in a live Q&A chat with the Azure Quantum team and be one of the first to hear about recent advancements.
Chetan Nayak | Technical Fellow and VP of Quantum Hardware and Systems Engineering, Microsoft
About the Speaker:
Dr. Nayak is a pioneer of the study of quantum matter, including topological and non-equilibrium phases. He holds a bachelor’s degree from Harvard and a PhD in physics from Princeton. He was an assistant, associate, and full professor at UCLA, a visiting professor at Nihon University in Tokyo, and is a professor of physics at UCSB. Chetan was a trustee of the Aspen Center for Physics and an editor of Annals of Physics. He is a Fellow of the American Physical Society and a recipient of an Alfred P. Sloan Foundation Fellowship and a National Science Foundation CAREER award. He has published more than 150 refereed articles with more than 20,000 citations and has been granted more than 20 patents.
Microsoft Quantum Innovator Series: What kind of problems can we solve today with quantum simulation?
On April 20, we will feature Matthias Troyer, Microsoft Technical Fellow, who will discuss what kind of problems we can solve today with quantum simulation. Learn how years of Microsoft research reveal that the discovery of new chemicals, materials, and drugs that will ultimately help solve the world’s most challenging problems will greatly benefit from quantum computing. Dr. Troyer will explain what is happening today and how chemical and materials science innovators can get started on their quantum journey:
Learn how real progress can be made today by combining high performance computing (HPC), state-of-the-art machine learning, and quantum knowledge to fundamentally transform our ability to model and predict the outcome of chemical processes.
Get real-world insights from co-innovation projects happening right now with leading chemical and materials science companies around the world.
Find out how researchers in chemical and materials fields can get started on their quantum journey today.
Participate in a live Q&A chat with the Azure Quantum team and be one of the first to hear about recent advancements.
Matthias Troyer | Technical Fellow, Microsoft
About the Speaker:
Dr. Troyer is a Fellow of the American Physical Society, Vice President of the Aspen Center for Physics, a recipient of the Rahman Prize for Computational Physics of the American Physical Society “for pioneering numerical work in many seemingly intractable areas of quantum many body physics and for providing efficient sophisticated computer codes to the community” and of the Hamburg Prize for Theoretical Physics.
After receiving his PhD in 1994 from ETH Zurich in Switzerland, he was a postdoc at the University of Tokyo before returning to ETH Zurich where he was a professor of Computational Physics until joining Microsoft’s quantum computing program in early 2017. He works on a variety of topics in quantum computing, from the simulation of materials and quantum devices to quantum software, algorithms and applications of future quantum computers. His broader research interests span from high performance computing and quantum computing to the simulations of quantum devices and island ecosystems.
Apps designed for collaboration can help keep employees in the flow of work by bringing the apps, data, and workflows to the user. With Adobe Acrobat Sign and Adobe Creative Cloud, Adobe has played a vital role in bringing collaborative apps to Teams. Building on this momentum, we’re excited to announce the new integration of Adobe Acrobat into Microsoft Teams. This new experience helps remove the friction of switching between apps for organizations that prefer to work with their PDFs through Adobe Acrobat. This new integration may help result in more efficiency, improved security, and reduce costs.
Managing PDFs in Microsoft Teams with Adobe Acrobat
This deep integration allows Acrobat to be set as the default app for PDFs in Teams. People can stay in the flow of work by securely accessing and collaborating on PDFs directly from within the Acrobat viewer in Teams. This includes the ability to share and review PDFs, collaborate in real time with comments and annotations, get notifications of comments, and easily access PDFs that are stored in Microsoft SharePoint and OneDrive. Here’s what’s now available:
Set Adobe Acrobat as the default PDF experience for Microsoft Teams
To access this new integration, your IT admin must set Acrobat as the default PDF app through the Teams admin center. Once the app is set as default, all PDF files from chat, channels, and files will open directly in the Acrobat app within Teams. Users won’t need an Adobe Acrobat subscription or Adobe ID to view PDF files, but will need an Acrobat Standard or Pro account for premium features listed above. Learn more about getting started with Adobe Acrobat for Microsoft Teams.
Building on a foundation of security and trust
Protecting sensitive information is core to every person and organization. From a digital security standpoint, PDFs collaborated on are sent to Adobe Document Cloud servers in the region in which the user is located for transient processing. They are then deleted within 24 hours. The documents remain encrypted both in transit and at rest during this process. Discover more about security for Acrobat.
Moving forward
This integration is just one of many ways we are working with Adobe to help increase efficiency across your organization. With Adobe tools and services built into Microsoft 365, everyone can transact business and collaborate faster in their favorite Microsoft 365 apps. We look forward to sharing our updates with you on our collaboration with Adobe. Please reach out to filesteamsfeedback@microsoft.com with any questions about the Adobe Acrobat Teams integration.
