• Article

Many books discuss the technical underpinnings and complex configurations necessary for cybersecurity -- but they fail to address the everyday steps that boards, managers, and employees can take to prevent attacks. The Cybersecurity Playbook is the step-by-step guide to protecting your organization from unknown threats and integrating good security habits into everyday business situations.

This book provides clear guidance on how to identify weaknesses, assess possible threats, and implement effective policies. Recognizing that an organization’s security is only as strong as its weakest link, this book offers specific strategies for employees at every level.

Continue reading →

With 11,121 vulnerabilities disclosed during the first half of 2020, as the year progresses the total is expected to exceed that of 2019.

Although the number of vulnerabilities disclosed in the first half of 2020 decreased by 8.2 percent compared to the same period in 2019 due to the impact of COVID-19, but the Q2 vulnerability report from Risk Based Security does suggest some signs of a return to 'normal' levels.

Continue reading →

Microsoft has released two new updates to the Windows Terminal app, starting off with version 1.2 for the main release.

But for those looking to try out the very latest features, the newly launched Windows Terminal Preview 1.3 is probably of more interest. A raft of new features and options have been added including a command palette and an advanced tab switcher for easier navigation.

Continue reading →

The Qbot trojan first appeared in 2008 as banking and credential theft malware, evolving over the years to deliver ransomware attacks, making it something of a Swiss Army knife of the malware world.

Researchers at Check Point have now uncovered a further evolution that allows Qbot to hijack legitimate email conversations from an infected user's Outlook email client, and then spam itself out using those hijacked emails to increase its chances of tricking other users into getting infected.

Continue reading →

In light of the Coronavius pandemic, Microsoft has thrown a lifeline to people who are doggedly hanging on to older versions of Windows.

Some people running Windows 10 version 1803 (also called Windows 10 April 2018 Update) have been granted an extra six months of support.  Version 1803 of the operating system will now reach end of service in 2021 rather than this year, but the extension does not apply to everyone.

Continue reading →

I consider myself to be rather privacy conscious, but I am not overly paranoid. Do I want Google having microphones in my home? Not really, but the convenience of being able to summon the Google Assistant with my voice outweighs my concerns. And so, I have a few Google Nest devices in my home -- including a Nest Hub smart display in my bedroom. Ultimately, consumers need to weigh the pros and cons before putting, say, an Amazon Echo or Nest Mini in their homes.

Now, Google is partnering with some hotels to put Nest Hub smart displays in their rooms. In other words, when guests enter their room, they will be confronted by the smart device. While some privacy pundits will decry this partnership, I welcome it. First of all, the functionality does not require the guest to login -- it will work without that. While the Nest Hub smart display has a microphone, it can be totally disabled via a hardware switch. Best of all, Nest Hub has no camera, so there is no risk of it recording video of your... adult activities. The search giant promises no audio recordings are stored either. Seems all good to me!

Continue reading →

It’s not going to be too long until Microsoft starts to roll out Windows 10 20H2 to users -- in fact you can already install the feature update now, should you choose to.

Insiders that prefer to be on the cutting edge today get a new Dev Channel build to play around with, although this one is mostly about fixes and general improvements.

Continue reading →

The latest update to Chrome has rolled out, and Google has done a lot to improve and evolve the browser. The company says that there are massive improvements to page load times as well as improvements to resource usage by open tabs thanks to Tab Throttling.

But this is not the only change to come to tabs. Google has also made tabs touch-friendly, added tab previews, and introduced a new option to collapse grouped tabs to save space. This last option is currently in beta, however, and you'll have to enable hidden setting to enable it.

Continue reading →

Software development today usually involves the use of third-party APIs, libraries or frameworks that are complex, rapidly evolving, and sometimes poorly documented.

Security testing solutions company GrammaTech is launching its new Swap Detector, an open-source checker that detects application programming interface (API) usage errors.

Continue reading →

Personal data management software specialist Dataguise is launching a new system that enables organizations to report the impact of a data breach faster and more accurately than ever before.

GDPR requires reporting of breaches within 72 hours of becoming aware, and notifying affected individuals without delay. Dataguise is able to extrapolate the number of unique data elements in a data set quickly, with greater than 90 percent accuracy, using a patent-pending approach based on neural network technologies.

Continue reading →

IObit has released IObit Uninstaller 10, major new update of its uninstall tool for Windows. IObit Uninstaller aims to clean programs (including Microsoft Store apps) more thoroughly from your PC than the apps' own uninstallers by detecting leftover files and Registry entries.

Version 10 promises vastly improved uninstall speeds and better leftover detection, plus improvements to its Install Monitor component. In addition, Pro users gain better bundleware detection, and newly added support for removing over 40 stubborn programs.

Continue reading →

If you buy a new laptop nowadays, there is a good chance it will only have USB-C ports. If you still have older USB-A devices, what are you to do? Yeah, you can buy a USB-C to USB-A dongle, but with multi-port hubs being so affordable, you are better getting one of those. After all, they often have much more value, by offering things like video output and card readers too.

Today, popular company Plugable launches its latest portable USB-C hub (it can also be used at home too, of course). The 7-in-1 hub provides all the things you would expect, like USB-A ports, 4K HDMI, SD card readers, and pass through charging. While it lacks Ethernet, that won't really matter to those that only use Wi-Fi anyway. Best of all, it is extremely affordable -- you can get it right now for less than $25...

Continue reading →

The cloud is taking over the IT industry. Any organization housing a large amount of data or a large infrastructure has started moving cloud-ward -- and AWS rules the roost when it comes to cloud service providers, with its closest competitor having less than half of its market share. This highlights the importance of security on the cloud, especially on AWS. While a lot has been said (and written) about how cloud environments can be secured, performing external security assessments in the form of pentests on AWS is still seen as a dark art.

Hands-On AWS Penetration Testing with Kali Linux aims to help pentesters as well as seasoned system administrators with a hands-on approach to pentesting the various cloud services provided by Amazon through AWS using Kali Linux. To make things easier for novice pentesters, the book focuses on building a practice lab and refining penetration testing with Kali Linux on the cloud.

Continue reading →

Researchers at cloud security platform Armorblox have uncovered a phishing attack that seeks to steal Office 365 login credentials.

So far, so predictable. The clever twist here though is that the initial page victims are taken to via the email link is hosted on cloud file sharing service Box, followed by a credential phishing page that resembles the Office 365 login portal.

Continue reading →

Phishing is a problem that shows no signs of going away and indeed the COVID-19 pandemic has seen a new raft of malware and fraudulent emails seeking to trick the unwary.

Edison Software is launching a new AI-based email security subscription plan that can be added to the Edison Mail iOS app to help combat the threat.

Continue reading →