Search Results for: xp

Google has issued an emergency update for Chrome which should be installed as soon as possible to plug a vulnerability known to be under active exploitation. The update is available for Windows, macOS and Linux.

In releasing Chrome v112.0.5615.121 for desktop to the stable channel, Google addresses the high severity CVE-2023-2033 as well as issuing other fixes. Described as a "type confusion in V8 in Google Chrome", CVE-2023-2033 is being exploited in the wild, hence the need for the emergency patch.

Continue reading →

Arriving just in time for the weekend, the latest Windows 11 flight for Insiders in the Dev Channel comes with a new feature which will be appreciated by a lot of users.

Build 23435 introduces Gallery, a new addition to File Explorer, which is designed to make it easier to browse your photo collection.

Continue reading →

According to Forrester, nearly two-thirds of organizations (63 percent) were breached by ransomware in 2021, up 4 percent from the previous year. Recovery was a long, hard road for many of those enterprises -- while for others, the downstream effects of ransomware were ultimately insurmountable. The alarming rise in ransomware must guide IT leaders' cybersecurity decisions in 2023.

Why is ransomware on the rise? For one, bad actors are becoming far more advanced and prolific. Ransomware gangs continued to make headlines in 2022 for their high-profile attacks and advancements in post-breach encryption. On the other end of the spectrum, the barrier to entry for ransomware is lower than ever before. Ransomware as a service (RaaS) -- which allows bad actors to deploy ransomware for a fee -- has ushered in a new generation of hackers who can target enterprises of all sizes despite their relative inexperience with cybersecurity protocols.

Continue reading →

New research reveals that a small volume of security exposures can put more than 90 percent of an organization's critical assets at risk of compromise.

The analysis of more than 60 million exposures in over 10 million entities from XMCyber, in collaboration with the Cyentia Institute, finds just two percent of security exposures can actually lead to critical assets and most exposures (75 percent) along attack paths lead to 'dead ends'.

Continue reading →

A breach of the Kodi user forum has exposed the personal data of over 400,000 users. The web-based MyBB admin console was accessed -- on February 16 and February 21 2023 -- and the team says it first became aware of this when a dump of the forum's database was found for sale on an internet forum.

The database dump contains a wide range of user data, including names, email addresses, IP addresses, and passwords. The data was accessed using the account of a trusted but currently inactive member of the forum admin team.

Continue reading →

Windows Insiders have been made to wait all week for a new Windows 11 build, but arriving in time for the weekend comes a new flight on the experimental Canary Channel.

Build 25336, which is also available for Insiders with Arm64 devices, comes with a couple of changes and improvements.

Continue reading →

For the past few months, the tech -- and tech-adjacent -- world has been fascinated by ChatGPT. A generative artificial intelligence (AI) tool that has been open for public use since late 2022, it’s designed to interact with humans to answer questions or develop content based on a prompt written in simple, conversational English rather than a complex data query.

ChatGPT has been used to write Valentine’s Day poems, plan a Thanksgiving menu and write other humorous outputs. It also has quickly become a research hub, programming tutor and source for writing inspiration. Famously, a leading tech news site used ChatGPT to write some of its articles, to varying degrees of success.

Continue reading →

As well as releasing a new Windows 11 build for Insiders in the Dev Channel, Microsoft today also introduces a new flight to its experimental Canary Channel.

Build 25330 won’t be offered to Insiders with Arm64 devices, and it comes with a selection of changes and improvements.

Continue reading →

It is no secret that the web browser is becoming an increasingly popular target for cybercriminals looking to compromise an endpoint to gain entry to a network. The increased business use of the browser (remote work) on networks that lack the perimeter security infrastructure of traditional campus networks has made them easier to exploit. In recent months, we have seen an increase in cyberattacks and data leaks caused by browser-related security incidents, including a data breach caused by a phishing attack on Dropbox that gained the hacker access to over 100 of the company’s code repositories in November, and December’s CircleCi breach resulting from an infection of information-stealing malware.

Highly Evasive Adaptive Threats, or HEAT attacks, are a new spin on existing browser exploit techniques that make them much more dangerous. These attacks exploit browsers by leveraging features and tools to bypass traditional security controls and then attack from within, including compromising credentials or deploying ransomware. Comprised of known tactics such as phishing messages, HTML smuggling and dynamic drive-by downloads, these attacks frequently target SaaS applications and other web-based tools that are critical to productivity.

Continue reading →

Microsoft Snipping Tool utility has been found to have a vulnerability that means that screenshots that have been cropped can be very easily uncropped, potentially exposing sensitive information.

The Snipping Tool is one of the most useful tools to be found in Windows 11, making it easy to take a variety of screenshots -- and, more recently, record screen activity -- without the need for third-party software. But the way in which the app crops images means that edited images are really just the original screengrab; 'cropped' parts are simply hidden and easily restored.

Continue reading →

Microsoft today took the wraps off Microsoft 365 Copilot, a new tool that combines the power of large language models (LLMs) with business data and Microsoft 365 apps.

Currently in testing with select commercial customers, Microsoft says that Copilot isn’t just a better way of doing the same things, it’s "an entirely new way of working".

Continue reading →

A new study reveals that 61 percent of mid-sized businesses don't have dedicated cybersecurity experts in their organization.

The research from managed security platform Huntress also shows 24 percent of mid-sized businesses have suffered a cyber attack or are unsure if they have suffered a cyber attack in the past year.

Continue reading →

A new survey of 100 chief data officers (CDOs) and chief data analytics officers (CDAOs) at companies with $1B+ in revenue shows that 95 percent say their company leadership expects investments in AI and ML applications will result in a revenue increase.

The study for Domino Data Lab, carried out by Wakefield Research, shows 67 percent are adopting a more offensive data policy seeking to drive new business value with analytics, ML and AI applications.

Continue reading →

The latest Identity Exposure Report from SpyCloud shows that last year its researchers recaptured 721.5 million exposed credentials from the criminal underground, and found over 22 million unique devices infected by malware.

Of the exposed credentials recovered by SpyCloud, roughly 50 percent came from botnets, tools commonly used to deploy highly accurate information-stealing malware. These infostealers enable cybercriminals to work at scale, stealing valid credentials, cookies, auto-fill data, and other valuable information to use in targeted attacks or sell on the darknet.

Continue reading →

When Twitter announced that it was ending free access to its API, it said nothing about what the new pricing structure would look like. But now the company has finally revealed the price tags for different tiers of access -- and it is worse than anyone predicted.

In all, there are now three tiers to choose from, each allowing for different numbers of tweets and giving varying levels of access. The cheapest, the Small Package tier, costs a staggering $42,000 per month (or just over $0.5 million per year), while the Large Package costs an eye-watering $210,000 per month (or a shade over $2.5 million per year).

Continue reading →