Xbox-eigenaar Microsoft heeft naar verluidt een nieuwe versie van de Xbox-controller goedgekeurd. De controller moet zelf een wifiverbinding kunnen maken, wat beter zou zijn bij gebruik van Xbox Cloud Gaming.
Cyber and Physical Risks Targeting the 2026 Winter Olympics
In this post we analyze the multi-vector threat landscape of the 2026 Winter Olympics, examining how the Gamesβ dispersed geographic footprint and high digital complexity create unique potential for cyber sabotage and physical disruptions.
The Milano-Cortina 2026 Winter Olympics represent a historic milestone as the first Games co-hosted by two major cities. However, the eventβs expansive geographic footprintβcovering 22,000 square kilometers across northern Italyβpresents a complex security environment. From the metropolitan centers of Milan to the alpine peaks of Cortina dβAmpezzo, security forces are contending with a multi-vector threat landscape.
Kinetic and Physical Security Challenges
The geographically dispersed nature of the Milano-Cortina 2026 Winter Games also creates unique physical security challenges. Because venues are spread across thousands of square kilometers of the Alps, securing transit corridors and ensuring rapid emergency response across different Italian regionsβincluding Lombardy, Veneto, and Trentinoβis an incredible logistical hurdle. New tunnels, increased train services, and extended bus routes have been welcomed but create new potential targets for physical disruption by threat actors or protestors.
Terrorist and Extremist Threats
Flashpoint has not identified any terrorist or extremist threats to the Winter Olympic Games. However, lone threat actors in support of international terrorist organizations or domestic violence extremists remain a persistent threat due to the large number of attendees expected and the media attention that this event will attract.
Authorities in northern Italy are investigating a series of sabotage attacks on the national railway network that coincided with the opening of the 2026 Winter Olympic Games. The coordinated incidentsβwhich included arson at a track switch, severed electrical cables, and the discovery of a rudimentary explosive deviceβcaused delays of over two hours and temporarily disabled the vital transport hub of Bologna.
Protests
Flashpoint analysts identified several protests targeting the 2026 Winter Olympics:
US Presence and ICE Backlash: Hundreds of demonstrators have participated in protests in central Milan to demand that US ICE agents withdraw from security roles at the upcoming Winter Olympics.
Anti-Olympic and Environmental Activism: The most organized opposition comes from the Unsustainable Olympics Committee. They have already staged marches in Milan and Cortina, with more planned for February.
Pro-Palestinian Groups: Organizations such as BDS Italia are actively campaigning to boycott the games, demanding that Israel not be permitted to participate. Other pro-Palestinian groups have attempted to disrupt the Torch Relay in several cities and are expected to hold flash mob-style demonstrations in Milanβs Piazza del Duomo during the Opening Ceremony.
Labor Strikes: Italy frequently experiences transport strikes, which often fall on Fridays. Because the Opening Ceremony is on Friday, February 6, unions are leveraging this for maximum impact. An International Day of Protest has been coordinated by port and dock workers across the Mediterranean for February 6.
On February 7, a massive protest of approximately 10,000 people near the Olympic Village in Milan descended into violence as a peaceful march against the Winter Games ended in clashes with Italian police. While the majority of demonstrators initially focused on the environmental destruction caused by Olympic infrastructure, a smaller group of masked protestors engaged security forces with flares, stones, and firecrackers.
Cyber Threats Facing the 2026 Winter Olympics
The Milano-Cortina 2026 Winter Olympics will be among the most digitally complex global events, making it a prime target for cyberattacks. The greatest risks stem from familiar tactics such as phishing, spoofed websites, and business email compromise, which exploit human trust rather than technical flaws. With billions of viewers and a vast network of cloud services, vendors, and connected systems, the games create an expansive attack surface under intense operational pressure.
Italy blocked a series of cyberattacks targeting its foreign ministry offices, including one in Washington, as well as Winter Olympics websites and hotels in Cortina dβAmpezzo, with officials attributing the attempts to Russian sources. Foreign Minister Antonio Tajani confirmed the attacks were prevented just days before the Gamesβ official opening, which began with curling matches on February 4.Β
Past Olympic Games show a clear pattern of heightened cyber activity, including phishing campaigns, distributed denial-of-service (DDoS) attacks, ransomware, and online scams targeting both organizers and the public. A mix of cybercriminals, advanced persistent threats, and hacktivists is expected to exploit the event for financial gain, espionage, or publicity. Experts emphasize that improving security awareness, verifying digital interactions, and strengthening supply chain defenses are critical, as the most damaging incidents often arise from ordinary threats amplified by scale and urgency.
Staying Safe at the 2026 Winter Games
The security success of Milano-Cortina 2026 relies on the integration of real-time intelligence, advanced technological safeguards, and public vigilance. As the Games proceed, the intersection of cyber-sabotage and physical protest remains the most likely source of operational disruption.
To stay safe at this yearβs Games, participants should:
Download Official Apps: Install the Milano Cortina 2026 Ground Transportation App and the Atm Milano app for real-time updates on transit, road closures, and βguaranteedβ travel windows during strikes.
Plan Around Friday Strikes: Be aware that transport strikes (Feb 6, 13, and 20) typically guarantee services only between 6:00 AM β 9:00 AM and 6:00 PM β 9:00 PM. Plan your venue transfers accordingly.
Secure Your Digital Footprint: Avoid public Wi-Fi at major venues. Use a VPN and ensure Multi-Factor Authentication (MFA) is active on all your ticketing and banking accounts.
Stay Clear of Protests: While most demonstrations are expected to be peaceful, they can cause sudden police cordons and transit delays.
Respect the Drone Ban: Unauthorized drones are strictly prohibited over Milan and venue clusters. Leave yours at home to avoid heavy fines or interception by security units.
Stay Safe Using Flashpoint
While there are no current indications of imminent threats of extreme violence targeting the Milano-Cortina 2026 Winter Olympics, the eventβs vast geographic footprint and digital complexity demand constant vigilance. Securing an event that spans 22,000 square kilometers requires more than just a physical presence; it necessitates a multi-faceted approach that bridges the gap between digital and kinetic risks.
To effectively navigate the intersection of cyber-sabotage, civil unrest, and logistical challenges, organizations and attendees must adopt a comprehensive strategy that integrates real-time intelligence with proactive security measures. Download Flashpointβs Physical Safety Event Checklist to learn more.
And their toolkit includes a new, Linux kernel rootkit
A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage campaign, according to security researchers.β¦
The distributed denial-of-service (DDoS) botnet known as AISURU/Kimwolf has been attributed to a record-setting attack that peaked at 31.4 Terabits per second (Tbps) and lasted only 35 seconds.
Cloudflare, which automatically detected and mitigated the activity, said it's part of a growing number of hyper-volumetric HTTP DDoS attacks mounted by the botnet in the fourth quarter of 2025. The
De Nederlandse gamestudio Guerrilla kondigt de Horizon-spin-off Horizon Hunters Gathering aan, een co-opactiegame. De game moet voor de PlayStation 5 en pc uitkomen en ondersteunt cross-play. Er is nog geen releasedatum bekendgemaakt.
Rome's "La Sapienza" university has been targeted by a cyberattack that impacted its IT systems and caused widespread operational disruptions at the educational institute. [...]
Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happening for the same reasons.
Successful cyberattacks rarely depend on something novel. They succeed when basic controls are missing or inconsistently applied. Stolen credentials still work. Legacy authentication is still enabled. End-of-life systems remain connected and operational, though of course not well patched.
This is not a knowledge problem. It is an execution and follow through problem. We know what weβre supposed to do, but we need to get on with doing it. The gap between knowing what matters and enforcing it completely is where most real-world incidents occur.
If the basics were that easy to implement, everyone would have them in place already.
That gap is where cyberattackers operate most effectively, and it is the gap that Operation Winter SHIELD is designed to address as a collaborative effort across the public and private sector.
Why Operation Winter SHIELD matters
Operation Winter SHIELD is a nine-week cybersecurity initiative led by the FBI Cyber Division beginning February 2, 2026. The focus is not awareness or education for its own sake. The focus is on implementation. Specifically, how organizations operationalize the real security guidance that reduces risk in real environments.
This effort reflects a necessary shift in how we approach security at scale. Most organizations do not fail because they chose the wrong security product or the wrong framework. They fail because controls that look straightforward on paper are difficult to deploy consistently across complex, expanding environments.
Microsoft is providing implementation resources to help organizations focus on what actually changes outcomes. To do this, weβre sharing guidance on controls, like Baseline Security Mode that hold up under real world pressure, from real world threat actors.
What the FBI Cyber Division sees in real incidents
The FBI Cyber Division brings a perspective that is grounded in investigations. Their teams respond to incidents, support victim organizations through recovery, and build cases against the cybercriminal networks we defend against every day. This investigative perspective reveals which missing controls turn manageable events into prolonged incident crises.
That perspective aligns with what we see through Microsoft Threat Intelligence and Microsoft Incident Response. The patterns repeat across industries, geographies, and organization sizes.
Nation-sponsored threat actors exploit end-of-life infrastructure that no longer receives security updates. Ransomware operations move laterally using over privileged accounts and weak authentication. Criminal groups capitalize on misconfigurations that were understood but never fully addressed.
These are not edge cases. They are repeatable failures that cyberattackers rely on because they continue to work.
When incidents arise, it is rarely because defenders lacked guidance. It is because controls were incomplete, inconsistently enforced, or bypassed through legacy paths that remained open.
Defenders are not indifferent to these risks. They are certainly not unaware. They operate in environments defined by complexity, competing priorities, and limited resources. Controls that seem simple in isolation become difficult when they must be deployed across identities, devices, applications, and cloud services that were not designed at the same time.
In parallel, the cyberthreat landscape has matured. Initial access brokers sell credentials at scale. Ransomware operations function like businesses. Attack chains move quickly and often complete before the defenders can meaningfully intervene.
Detection windows shrink. Dwell time is no longer an actionable metric. The margin for error is smaller than it has ever been before.
Operation Winter SHIELD exists to narrow that margin by focusing attention on high impact control areas and showing how they can help defenders succeed when they are enforced.
Each week, weβll focus on a high-impact control area informed by investigative insights drawn from active cases and long-term trends. This is not about introducing yet another security framework or hammering back again on the basics. It is about reinforcing what already works and confronting, honestly, why it is so often not fully implemented.
Moving from guidance to guardrails
Microsoftβs role in Operation Winter SHIELD is to help organizations move from insight to action. That means providing practical guidance, technical resources, and examples of how built-in platform capabilities can reduce the operational friction that slows deployment.
A central theme throughout the initiative is secure by default and by design. The fastest way to close implementation gaps is to reduce the number of decisions defenders must make under pressure. Controls that are enforced by default remove reliance on error-prone configurations and constant human vigilance.
Baseline Security Mode reflects this approach in practice. It enforces protections that harden identity and access across the environment. It blocks legacy authentication paths. It requires phish-resistant multifactor authentication for administrators. It surfaces legacy systems that are no longer supported. And it enforces least-privilege access patterns. These protections apply immediately when enabled and are informed by threat intelligence from Microsoftβs global visibility and lessons learned from thousands of incident response engagements.
The same guardrail model applies to the software supply chain. Build and deployment systems are frequent intrusion points because they are implicitly trusted and rarely governed with the same rigor as production environments. Enforcing identity isolation, signed artifacts, and least-privilege access for build pipelines reduces the risk that a single compromised developer account or token becomes a pathway into production.
These risks are not limited to technical pipelines alone. They are compounded when ownership, accountability, and enforcement mechanisms are unclear or inconsistently applied across the organization.
Governance controls only matter when they translate into enforceable technical outcomes. Requiring centralized ownership of security configuration, explicit exception handling, and continuous validation ensures that risk decisions are deliberate and traceable.
The objective is straightforward. Reduce the distance between guidance and guardrails. We must look to turn recommendations into protections that are consistently applied and continuously maintained.
What you can expect from Operation Winter SHIELD
Starting the week of February 2, 2026, you can expect focused guidance on the controls that have the greatest impact on reducing exposure to cybercrime. The initiative is not about creating new requirements. It is about improving execution of what already works.
Security maturity is not measured by what exists in policy documents or architecture diagrams. It is measured by what is enforced in production. It is measured by whether controls hold under real world conditions and whether they remain effective as environments change.
The cybercrime problem does not improve through awareness. It improves through execution, shared responsibility, and continued focus on closing the gaps threat actors exploit most reliably. You can expect to hear this guidance materialize on the FBIβs Cybercrime Divisionβs podcast, Ahead of the Threat, and a future episode of the Microsoft Threat Intelligence Podcast.
Building real resilience
Operation Winter SHIELD represents a focused effort to help organizations strengthen operational resilience. Microsoftβs contribution reflects a long-standing commitment to making security controls easier to deploy and more resilient over time.
Over the coming weeks and extending beyond this initiative, we will continue to share practical content designed to support organizations at every stage of their security maturity. Security is a process, not a product. The goal is not perfection, the goal is progress that threat actors feel. We will impose cost.
The gap between knowing what matters and doing it consistently is where threat actors have learned to operate. Closing that gap requires coordination, shared learning, and a willingness to prioritize enforcement over intention.
Operation Winter SHIELD offers an opportunity to drive systematic improvement to one control area at a time. Investigative experience explains why each control matters. Secure defaults and automation provide the path to implementation.
This work extends beyond any single awareness effort. The tactics threat actors use change quickly. The controls that reduce risk largely remain stable. What determines outcomes is how quickly and reliably those controls are put in place.
That is the work ahead. Moving from abstract ideas to real world security. Join me in going from knowing to doing.
To learn more about Microsoft Security solutions, visit ourΒ website.Β Bookmark theΒ Security blogΒ to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity)Β for the latest news and updates on cybersecurity.
Breach-tracking site flags dataset following impersonation-based intrusion
Breach-tracking site Have I Been Pwned (HIBP) claims a cyberattack on Betterment affected roughly 1.4 million users β although the investment company has yet to publicly confirm how many customers were affected by January's intrusion.β¦
De Algemene Rekenkamer wil af van de mail- en kantoorsoftware en clouddiensten van Microsoft. Dat komt erop neer dat de Rekenkamer wil stoppen met het afnemen van Microsoft 365. Het is nog niet bekend wanneer dit zou moeten gebeuren of naar welke alternatieve software.
Google zegt dat dit jaar veel meer Android-telefoons Apple AirDrop-compatibel worden. Tot nu toe is de functionaliteit om snel bestanden uit te wisselen met iPhones, iPads en MacBooks voorbehouden aan Pixel 10-telefoons, maar dat gaat veranderen.
OpenAI heeft Frontier uitgebracht, een tool om AI-agents binnen bedrijven te beheren. Daarbij kunnen bedrijven de AI-agents context meegeven en aangeven wat ze wel en niet mogen binnen de systemen van het bedrijf.
Snapchat bereikt nog steeds 90 procent van de Nederlandse jongeren, zo zegt het bedrijf zelf. Het gaat om gebruikers tussen 13 en 24 jaar. Intussen is het aantal maandelijkse gebruikers in Nederland gegroeid naar zes miljoen.
Conpet, Romania's national oil pipeline operator, has disclosed that a cyberattack disrupted its business systems and took down the company's website on Tuesday. [...]
Nintendo kondigt samen met partners verschillende Switch 2-releases aan. Zo is Hollow Knight voor de Switch 2 nu uit, eventueel als gratis upgrade voor eigenaren van de Switch-versie. Daarnaast komen Valheim, Fallout 4 en Final Fantasy VII Rebirth dit jaar voor de console uit.
De ANWB zegt dat de laadpalen in het Limburgse Nederweert het goedkoopst zijn, met een gemiddeld laadtarief van 0,33 euro per kWh. De duurste staan juist in het Zuid-Hollandse Oegstgeest, waar ze gemiddeld 0,70 euro per kWh kosten. Dit kan op jaarbasis honderden euro's extra kosten.
Login
The Register β Security
Microsoft Security Blog
Security.NL maakt Nederland veilig
