Purple Team engagements uncover security weaknesses
Our threat researchers at Lares encounter a broad range of security flaws and vulnerabilities when we conduct Purple Team exercises on behalf of our clients. Over time, the same unforced errors seem to come up so often that we warn security teams to develop standardized practices to defend against them.
The Lares Adversarial Collaboration Unit assists clients with defensive collaboration engagements and Purple Team assessments, which combine offensive and defensive techniques to strengthen security protections. Red Teams emulate external or insider attackers, while Blue Teams serve as internal security defenders. Purple Teams assist both sides by aligning the defensive tactics of the Blue Team with the threats attempted by the Red Team.
Google launches Nearby Share for Windows in beta to simplify sharing files between Android and PC
As any owner of an Android device will tell you, while there is a lot to love about Google’s mobile operating system, there remains a lot of room for improvement. A good example is the sharing of files between a smartphone running Android and a PC running Windows -- something that has proved bewilderingly and unnecessarily cumbersome in the past.
To make file sharing easier, Google has launched a beta version of Nearby Sharing for Windows, expanding the availability of what was previously a mobile-only app.
Kick Microsoft Windows 11 out of your life and switch to Linux Lite 6.4 today!
Linux Lite is a popular Linux distribution that is designed to be easy to use for people switching from Windows. The latest version, Linux Lite 6.4, includes a number of new features and improvements, making it a great choice for anyone looking for a reliable and user-friendly Linux distribution.
Linux Lite 6.4 is a lightweight Linux distribution based on Ubuntu 22.04.2 LTS. The distro includes a number of bug fixes and security updates. The operating system is a smart choice for users who are new to Linux or who are looking for a more lightweight alternative to Windows or macOS.
Blender 3.5 unveils new GPU-based compositor backend and improved hair styling tools
The Blender Foundation has unveiled Blender 3.5.0, the latest 3.x point release of its popular and powerful open-source, cross-platform 3D creation suite. The new release boasts several new features, including GPU-powered viewport compositor and vector displacement sculpting.
Blender 3.5’s main highlight, however, is that it builds massively on the curves-based hair system it introduced in version 3.3 with the addition of 'hair assets', 26 pre-built textures users can simply drag and drop on to existing models.
Best Windows apps this week
Five-hundred-and-thirty-six in a series. Welcome to this week's overview of the best apps, games and extensions released for Windows 10 and 11 on the Microsoft Store and elsewhere in the past seven days.
Windows 11 users may soon install free apps or games directly from Windows Search results. The change landed in the latest Windows 11 Canary Insider build.
Backups are for life, not just World Backup Day
Backups have been an essential part of IT since the days of paper tape and punched cards, but nobody ever said they were exciting.
Of all the things that now have a day devoted to them, backups probably deserve one more than most for being the unsung savior of many an information professional's career. On today's World Backup Day we've asked some experts to tell us their views on backups and why they are still vital.
World Backup Day: IT and security teams need to work better together or we are going to fail
It's like in the movie "Groundhog Day". Every 31st March the music plays and on World Backup Day we are reminded of the promise: "I solemnly swear to back up my important documents and applications". A noble goal that every company and every user immediately agrees to.
But in the weeks surrounding World Backup Day, we hear from the media that companies have been hacked and their data hijacked by ransomware. The big promise to restore the data from the backup and thus be resistant to any attempt at blackmail is then broken again.
Microsoft is testing a new way for Windows 11 users to install free apps and games
New Insider builds of Windows 11 are usually about Microsoft testing out new features of the operating system, but sometimes the company tries something a little different. This is something that is true of the latest Canary release, build 25330, and Dev release, build 23424.
In both of these new releases, there are important changes to the Microsoft Store. The latest version of the app gives Insiders a new way to install free apps and games faster than ever.
Beyond the smoke and mirrors of zero trust security [Q&A]
Enterprises are faced with a barrage of new threats and entry points and as a result need to deploy, scale, enforce and maintain zero trust security policies to keep pace.
Access control needs to be at the core of any successful zero trust model but this too presents challenges. We spoke to Denny LeCompte, CEO of Portnox, to discover how organizations can overcome zero trust barriers.
Microsoft fixes Azure BingBang bug that allowed Bing search hijacking and leaked private data
Microsoft has addressed a serious flaw in Azure Active Directory which was dubbed BingBang by the security researchers that discovered it.
The vulnerability not only made it possible to manipulate Bing search results, but also to access private data from Outlook, Office 365 and Teams. The issue stemmed from an Azure misconfiguration; it dates back to January this year, but Microsoft has only just plugged the hole.
Microsoft releases experimental Windows 11 Build 25330 to the Canary Channel
As well as releasing a new Windows 11 build for Insiders in the Dev Channel, Microsoft today also introduces a new flight to its experimental Canary Channel.
Build 25330 won’t be offered to Insiders with Arm64 devices, and it comes with a selection of changes and improvements.
Microsoft releases Windows 11 Build 23424 with evolved widgets board
Last week, Microsoft rolled out a Windows 11 test build to the new Canary Channel, which (among other things) introduced an evolved widget board that sports a larger canvas (up to three columns), with dedicated sections for widgets and feed content.
Testing for this clearly went well, as today as the software giant makes it available to Windows Insiders in the Dev Channel.
Watch 23 years' worth of programs failing to respond in Windows (from Windows 2000 to Windows 11) in just two minutes
In a nostalgic trip down memory lane, YouTube channel Nobel Tech has created a video showcasing the evolution of the infamous "This Program is Not Responding" Windows error message over the years.
The video starts with the prompt in Windows 2000 and takes viewers on a journey through time, ending with the message that shows up in the latest version of Microsoft’s operating system, Windows 11.
71 percent of employees have sensitive work data on personal devices
Allowing people to use their own devices for work comes with risks. A new report from SlashNext shows that 43 percent of employees were found to have been the target of a work-related phishing attack on their personal devices.
When it comes to securing BYOD hardware, 90 percent of security leaders say that protecting employees' personal devices is a top priority, but only 63 percent say they definitely have the tools to do so adequately.
Microsoft is bringing a new Registry Preview utility to PowerToys
This year has seen the addition of a veritable smorgasbord of tools to the PowerToys utility collection -- and the pace shows no sign of slowing. Recent arrivals include Mouse Jump and Paste As Plain Text, and next in line is a handy registry utility.
PowerToys developers are currently working on a new tool called Registry Preview. Designed with power users in mind, this upcoming module will make it possible to preview the effects of importing a .reg file into the registry as well as providing registry editing options.