Latest Technology News

"May you live in interesting times!" This is one of the expressions that has received a lot of airtime in recent months. Clearly as a society we weren’t prepared for a pandemic and all the collateral impact that has resulted. But spare a thought for the IT and security teams that have recently dealt with perhaps the "most interesting" times. Everything they knew and trusted about their environment changed overnight. Think: remote workers, new insider threats and challenges associated with shadow IT.

To be fair, shadow IT was already a problem before the pandemic; our research shows the typical organization is aware of less than 50 percent of the digital assets that exist in their environment. However, in their race to ensure access to data and systems needed while sheltering in place, many end-users (inadvertently perhaps?) added significantly to the shadow IT problem. All of this is occurring as attacks have escalated with adversaries trying to take advantage of the chaos. So, what’s a security team to do about it?

Continue reading →

When Microsoft updated Windows Subsystem for Linux to version 2, there was a lot for developers to take advantage of.

Among those making good use of the fact that a genuine Linux kernel is now virtualized in WLS 2 is the team behind Kali Linux. They have created a new package called Win-KeX that gives the distro a graphic desktop environment, and it comes alongside the release of Kali Linux 2020.3.

Continue reading →

A new Biannual ICS Risk and Vulnerability Report, released today by Claroty, reveals that more than 70 percent of industrial control system (ICS) vulnerabilities disclosed in the first half of 2020 can be exploited remotely.

Earlier this week we looked at how project files can be used to attack ICS systems even if they're air-gapped, but this report highlights the importance of protecting internet-facing ICS devices and remote access connections.

Continue reading →

In the new normal world where more work is being carried out remotely, corporate communications have increased in importance but they have also come under greater threat.

As the recent Twitter attack shows, communication tools offer hackers an attractive extra method of getting hold of sensitive information like login details.

Continue reading →

Microsoft rolled out an updated Windows 10 Start menu to Windows Insiders a month ago, and that menu is now available to all -- if you follow these instructions. The tweaked design removes the solid color backplates behind the logos and adds a translucent background to tiles.

However, it could be that bigger changes are afoot. In a video showcasing Microsoft’s new icon system the search giant also reveals a stunning new-look Start menu.

Continue reading →

USB-C docking stations are rather common these days. In fact, sites like Amazon are littered with countless makes and models. Of course, not all of them are good, nor are they all the same. Features can vary from dock to dock, such as the number of USB ports or video outputs.

Speaking of video output, most USB-C docks have either one or two such ports. Today, however, Plugable launches a docking station with three HDMI ports, and yes, they can all be used simultaneously for a triple monitor configuration. Despite having so many video outputs, it doesn't skimp on other useful ports.

Continue reading →

Almost half of all actions by attackers are identical to the normal activities of the users and admins, and in most companies even a low-skilled hacker can obtain control of the infrastructure.

These are among the findings of a new study from penetration testing specialist Positive Technologies. Testers, acting as internal attackers, managed to obtain full control of infrastructure at 23 tested companies usually within three days.

Continue reading →

Credential stuffing attacks rely on stolen account credentials from a previous breach and are usually perpetrated by bots in an attempt to gain access to other websites.

This is a major problem for businesses, with threat actors using as many as 65,000 IP addresses for a single attack. Now though identity platform Auth0 is launching a new Bot Detection feature that it claims can reduce the effectiveness of a credential stuffing attack by as much as 85 percent.

Continue reading →

If you're an Edge user who frequently has a large number of tabs open, Microsoft's decision to add the browser tabs to Alt-Tab switching creates something of a navigation nightmare.

When you have not only multiple browser tabs open, but also numerous applications, Alt-Tabbing your way through them can take an age. Thankfully it is possible to hide Edge tabs in Alt-Tab, or limit the number of tabs that are displayed so things don't get too overwhelming.

Continue reading →

With Internet Explorer having shown its age for a very long time, and with Microsoft pushing out the new Chromium-based version of Edge, it is little wonder that the company is ready to kill off its older browsers.

Microsoft has now set out its timetable for sunsetting legacy Edge in Windows 10 and the dropping of support for Internet Explorer. The changes start later this year, and in twelve months' time the process of moving on will be complete -- from Microsoft's point of view, at least.

Continue reading →

Beginning coders often learn quickly that the ability to simply code in a particular language is only half the battle. The ability to write clear and reliable code is a different story -- one that requires knowledge of best practices, attention to detail, and experience with reviewing and editing code to optimize it.

Typically, when code is completed for a certain portion of a project, it gets passed on to another person (or multiple people) for review, revision, and extension. With this being the case, keeping your code clear and logical is essential to allow other team members to work efficiently. So how do you write better code? While certain programming languages have their own unique best practices, there are some general guidelines that you can follow no matter if you write with Python, Ruby, JavaScript, or your own preferred programming language.

Continue reading →

By making Windows 10 Home and Windows 10 Pro, Microsoft gave people a choice of operating system, but also caused some confusion. Just what is the difference between the two, and is it worth upgrading to Pro if your computer came with the Home edition installed?

Well the answer to the second question is a resounding yes! This is definitely a worthwhile upgrade -- and to show you why, we're going to highlight all of the extra features and options Pro includes. If you decide that you do want to upgrade to Windows 10 Professional, we have a special offer that will save you a lot of money. You can buy a genuine Windows 10 Pro license for just $39.99!

Continue reading →

Industrial control systems (ICS) are usually kept separate from internet facing and other business applications. But researchers at Claroty have discovered a way to exploit ICS project files as an attack vector.

The attack was demonstrated at the recent DEF CON conference. We asked Nadav Erez, Claroty's research team lead, to explain more about why these files are particularly attractive to attackers.

Continue reading →

Although reports of data breaches are down 52 percent in the first half of this year, the number of records exposed over the same period has soared to 27 billion.

The latest Data Breach Report from Risk Based Security shows 2,037 publicly reported breaches from January to June, a 52 percent decrease compared to the first six months of 2019 and 19 percent below the same time period for 2018.

Continue reading →

As systems move to the cloud, organizations are faced with the problem of safely managing access for third-parties and vendors.

Specialist in this field SecureLink is launching a new version of its SecureLink for Enterprises platform, introducing features to expand vendor privileged access management (VPAM) capabilities to the cloud and strengthen reporting.

Continue reading →