Latest Technology News

The latest report from JFrog looks at the most prevalent vulnerabilities in 2022 with an in-depth analysis of open source security vulnerabilities that have most impact for DevOps and DevSecOps teams.

The report shows that the severity of six of the top 10 CVEs was overrated, meaning they scored higher in the NVD rating than in JFrog's own analysis. In addition the CVEs appearing within enterprises most frequently are low-severity issues that were simply never fixed.

Continue reading →

Traditionally used by intelligence agencies and the military, the OSINT technique is used to gather information about people, organisations or companies from freely accessible sources, then analyse the data obtained and draw useful conclusions and information from it.

But IT security experts can also benefit from the technique to discover potential vulnerabilities and remediate them before they're exploited by attackers.

Continue reading →

Tomorrow, February 14, is Valentine's Day and this is the day Microsoft has chosen to finally break up with Internet Explorer 11.

As we reported towards the end of last year, Microsoft is releasing a software update that will permanently disable Internet Explorer 11 in Windows 10. Rather than being an update for Windows itself, Microsoft is instead pushing out an irreversible update to Microsoft Edge.

Continue reading →

Security failures happen. Unfortunately, in today’s always-on, highly digitized world, it is inevitable and a question of not if but when. We only need look at the news during the first few of weeks of 2023 to see several high-profile breaches reported, including T-Mobile and Mailchimp. The companies, its customers and its employees must remain on high alert in the coming months for increased phishing attempts from threat actors using credentials from the attack.

So many of these breaches get blamed on employees being socially engineered, highlighting the importance for employees to be more aware of their role in cybersecurity and for companies to have effective, thoughtful security training and intuitive security systems in place. Users are an organization’s biggest vulnerability; a well-known attack vector for data exfiltration that unfortunately cannot be completely closed. Today, organizations have a wide variety of users and any one employee, partner or supplier from any level within the company can present a vector through which a hacker can infiltrate the organization.

Continue reading →

Microsoft only recently updated its Linux-style package manager for Windows, WinGet, adding support for zip files. But at the moment, fans of the tool are reporting that it is not working, with many seeing "InternetOpenUrl() failed" errors.

The problem stems from something of an embarrassing SNAFU for Microsoft. The company appears to have forgotten to renew the SSL certificate for WinGet.

Continue reading →

There is something of a boom in PC peripherals and accessories brightened with RGB lighting. If you're a fan of such adornments, you'll be aware that the software used to control such lighting is very varied. But Microsoft is working on a solution.

Soon, Windows 11 users will be able to use in-OS settings to control RGB lighting, eliminating the need for third-party software. The feature is currently undergoing development and, while it is hidden away in Windows 11 build 25295 on the dev channel, there is a way to enable it right now.

Continue reading →

It isn't easy to stand out in the desktop PC market nowadays. I mean, we have seen it all already, right? What can possibly be done at this point? Well, Minisforum was able to surprise the world last year when it announced the AMD Ryzen 5 5625U-powered MC560. You see, this mini desktop PC has an integrated webcam. Yes, folks, a 2.5k camera is built into the desktop itself. Is that a smart design choice? Absolutely not. But hey, it is different!

Why wouldn't you want a webcam integrated into the desktop? Because now you have to keep the PC in front of your monitor to properly use the webcam. In other words, you can't hide the PC behind the monitor or under your desk, as that would block the webcam. Having a webcam on a cable that sits atop your monitor is obviously superior. You also can't easily unplug this webcam for added security/privacy. And no, it doesn't have a privacy cover.

Continue reading →

We’ve already had the first major API-related cybersecurity incident for 2023, and the year has barely started. The T-Mobile API breach exposed the personally identifiable information (PII) of 37 million customers. The API attack had been going on since November but was not discovered and disclosed until January 19, illustrating the threat of the "low and slow" approach of API attacks, which are increasing at a steady pace. Following research by Sam Curry that uncovered hundreds of API vulnerabilities in the automotive industry -- from Mercedes-Benz to Nissan to Kia to Ferrari and more -- it’s not surprising that 2023 has been dubbed "The Year of API Security."

Unfortunately, threats do not stop at API security. Today’s organizations -- and the world -- face inordinate security risks. What other threats and trends can we expect to see in the coming year?

Continue reading →

Microsoft has issued a warning to Windows 10 and Windows 11 users with system Intel GPUs. The company says that people who have installed November's cumulative update for Windows (the KB5019980 update) may experience issues if they also have certain versions of the Intel graphics driver installed.

The problems affect apps and games that make use DirectX or Direct3D to render content, and can cause apphelp.dll errors to appear.

Continue reading →

Microsoft has announced a big shakeup to the support and troubleshooting options that are currently available in Windows 11. The company says that over the course of the next three years, it will be gradually retiring the Microsoft Support Diagnostic Tool (MSDT) and MSDT Troubleshooters currently used by many people to diagnose and fix problems with the operating system.

The ultimate plan is to remove all existing troubleshooters and kill off the MSDT platform using an update for Windows 11. The changes are something that we've heard hints and rumors about previously, but now it has been confirmed. So, what does it mean for Windows users?

Continue reading →

Five-hundred-and-twenty-nine in a series. Welcome to this week's overview of the best apps, games and extensions released for Windows 10 and 11 on the Microsoft Store and elsewhere in the past seven days.

Windows users who think that Windows 11 is using too many resources may check out tiny11, a custom third-party build of Windows 11 that is said to run on only 8 gigabytes of disk space and 2 gigabytes of RAM.

Continue reading →

Developers need access to many devices and internal services in order to build software. But many of these devices and services are exposed to the public web, creating gaps in security.

Add in the challenges of securing remote working and it's clear that there's a tricky balancing act needed to enable development while keeping the organization secure. We spoke to Avery Pennarun, CEO and co-founder of VPN service Tailscale, to find out how this can be achieved.

Continue reading →

Reddit has fallen victim to a security incident that has been described as a "sophisticated and highly-targeted phishing attack". Hackers targeted employees of the site a few days ago, and were able to gain access to "some internal documents, code, and some internal business systems".

The unknown attackers sent Reddit employees "plausible-sounding prompts" leading to a website that cloned the behavior of the company's intranet gateway. While able to use an employee's credentials to steal data and code, user accounts are not affected.

Continue reading →

With Microsoft having changed its approach to releasing major updates to Windows 11, users are still familiarizing themselves with the idea of Moments. Moment 1 has already been released, adding tabs to Explorer and more.

We are still waiting for Moment 2 which is due to launch soon, but a new leak shows that Microsoft is already working away on Moment 4. For now, little is known about Moment 4, other than the fact that it is also known as Windows 11 23H2, and is being referred to internally as Sun Valley 3 or SV3.

Continue reading →

Windows 11 Insiders in the Dev Channel today get a new Windows 11 build to play around with. Build 25295 comes with a decent selection of fixes and improvements, but that’s not all.

There’s also a new commercial policy which makes it possible to enable features introduced via servicing that are off by default.

Continue reading →