• Article

A security researcher has not only discovered a vulnerability in the virtualization tool VirtualBox, but has released details of the exploit and a step-by-step guide to the zero-day vulnerability.

Russian exploit developer Sergey Zelenyuk found a way to break out of VirtualBox's virtual environment and he chose to go public with the vulnerability because of his displeasure at the "contemporary state of infosec, especially of security research and bug bounty". Having told Oracle about the problem, he also tired of the "delusion of grandeur and marketing bullshit" he experienced in the infosec community.

Continue reading →

According to a new study, 78 percent of people would stop engaging with a brand online and 36 percent would stop engaging altogether if the brand had experienced a data breach.

The research by Ping Identity looks at consumer attitudes and behavior in the Post-Breach Era and reveals that people are more willing to make changes to the ways they interact with companies and secure their own personal data following a breach.

Continue reading →

In a move to better protect accounts, banks, retailers and service providers are increasingly looking to methods of authentication beyond the password.

Behavioral analytics specialist BehavioSec is launching an updated version of its platform, allowing it to detect the suspicious use of attack obfuscation techniques, including the use of VPNs and TOR-routed traffic during login attempts and sessions.

Continue reading →

Enterprises identify 870 unique vulnerabilities on their systems every day, on average. Of those, more than 100 are rated as critical on the common vulnerability scoring system (CVSS) according to a new report.

The Vulnerability Intelligence Report from cyber risk company Tenable is based on analysis of anonymized data from 900,000 vulnerability assessments across 2,100 enterprises.

Continue reading →

Google will pay Apple $9 billion this year to remain the default search engine in the iPhone’s Safari browser, according to one Goldman Sachs analyst. That’s a hefty expense for Google, but will Apple end up paying the price when it comes to business messaging?

According to Goldman Sachs analyst Rod Hall, Apple charges Google based on the number of searches iPhone users perform using Safari or Siri.

Continue reading →

I often speak with IT decision makers who want advice on what tool to buy to make their shop more "DevOps." My advice to them is not to buy anything.

DevOps isn’t something you triumphantly stick a flag in or acquire through tooling purchase or corporate acquisition. DevOps is the active intersection of frequent value delivery, frequent team communication, and frequent gap reduction between paying customers and the dev team.

Continue reading →

Spending on security technology continues to soar. Nevertheless, data breaches and cyberattacks continue to make headlines at an incredible rate, with no relief in sight. The Online Trust Alliance reported that attacks in 2017 came from a myriad of vectors, such as phishing and ransomware, and that the number of attacks doubled to nearly 160,000 incidents per year over 2016. What’s worse, estimates for the number of unreported attacks exceed 350,000 annually.

While enterprises typically dominate the headlines, organizations of all sizes are affected by cyber incidents. A recent Ponemon study showed that two-thirds of small and mid-sized businesses reported that threats evaded their intrusion detection systems, and more than half of the companies said they were attacked by ransomware more than twice during the last year. There is no dispute that the number of vulnerable endpoints and the complexity of threats will continue to increase, and limited IT budgets and overstretched staff will remain an industry-wide problem. It’s clear that companies need to adopt new approaches to stay ahead of cyberattacks.

Continue reading →

Today is a very important day in the United States -- Election Day! Yes, across this great nation, citizens will be casting votes for all sorts of things, such as senators, governors, and various initiatives. Make no mistake, however, just like in 2016, the 2018 elections are all about Donald Trump. We will see whether the country approves or disapproves of the president's performance based on tonight's results. In other words, if the fabled "blue wave" comes to fruition -- meaning Democrats win a lot of seats -- it could prove disastrous for Trump's legacy and possible re-election hopes.

In my area of Long Island, the polls opened at 6am, and I was the second person to vote -- only one gentleman was there before me. In other words, I was passionate and eager to make my voice heard, so I got there very early. There are expectations that I am not alone in my excitement -- many are predicting a huge turnout this year. Later tonight, it will be fun to tune into TV to watch the results announced live, but if you will be away from home do not panic -- there will be plenty of live coverage on YouTube.

Continue reading →

Dropbox has just announced a new feature that makes it possible to edit your files online without the need to download them first. Dropbox Extensions give you the ability to edit a number of file types without the need to ever navigate away from Dropbox.

The company has formed partnerships with a number of third parties including Adobe, Pixlr and Vimeo to give Dropbox users the option of editing images online, signing PDFs, annotating videos, and much more. Dropbox says the aim of the new integrations is to improve users' workflows.

Continue reading →

Improving your system productivity is essential for getting work done more swiftly. With this in mind, many of us turn to all-in-one maintenance tools so we can optimise our computer, clean junk and fully remove installed applications. It’s just easier to own one tool to perform all your key tasks.

Parallels recently launched Toolbox for Mac which offered a number of system tools from a handy drop-down menu. Frankly, when the first Toolbox was released, it offered little more than what was already available in macOS. You could quickly take a screengrab, record your screen, create an archive and more.

Continue reading →

Storing files in the cloud means they are easily accessible from anywhere, but if you have private data that you can’t afford to fall into the wrong hands, this might not be the best option for you, especially given the number of data breaches we see on a regular basis.

An alternative option is to carry those files with you on a USB flash drive, protecting them with encryption. While software encryption methods are better than nothing, a hardware encrypted solution, like the Aegis Secure Key 3NX, is a much more advisable choice.

Continue reading →

Fedora is the best desktop Linux distribution for many reasons. Not only is it fast and reliable, but it is constantly kept up to date with fairly bleeding edge packages. Not to mention, it uses the greatest desktop environment, GNOME, by default. Most importantly, it respects and follows open source ideology. It is a pure Linux and FOSS experience that is an absolute joy to use. It's no wonder Linus Torvalds -- the father of Linux -- chooses it.

With all of that said, Fedora didn't get great overnight. It took years of evolution to become the exceptional operating system it is now. In fact, today, we celebrate the Linux distribution's 15th birthday! Yes, it was way back in 2003 when Fedora Core 1 was released to the world, forever changing the course of history for the better.

Continue reading →

Despite almost half of US consumers (49 percent) believing their security habits make them vulnerable to information fraud or identity theft, 51 percent admit to reusing passwords and PINs across multiple accounts.

According to a new fraud awareness survey by information destruction company Shred-it, 39 percent of consumers have been a victim of fraud or identity theft, and 27 percent admit that they don't know how to find out if they've become a victim.

Continue reading →

Microsoft has embraced Linux more and more over the years, and the latest demonstration of this is the company's decision to port the free Sysinternals utilities to work on the platform.

The first tool to make its way to Linux is ProcDump, which can be used to create crash dumps. While not as feature-rich as the Windows version, the Linux port is still a valuable tool. And, importantly, there are more Systinternals tools making their way to Linux.

Continue reading →

Every so often Google starts to feel a little generous and decides to give things away. It's happening again, and you might just find that you've been given a few dollars in free credit to spend in the Play Store.

Seemingly at random, Google is handing out between $1 and $5 to Android users -- so you should check to see if you're one of the lucky ones.

Continue reading →