Security News
Security, an Israel-based company that has been developing an authorization policy management platform, emerged from stealth mode on Wednesday with $6 million in seed funding. Security's platform, which the company expects to become generally available in the second or third quarter of 2021, is described as an authorization policy management platform powered by the open source authorization engine Open Policy Agent, and it aims to help developers address the challenges associated with implementing role-based access controls and attribute-based access controls in enterprise applications.
The Register has read it and can report that while it reveals that Coil seeks permission to share users' details with service providers, partners, and "Related entities". We cannot find a clause that resembles: "We reserve the right to expose your email address to countless other Coil users in the 'To:' field of an email."
Microsoft has added a new group policy in Windows 10 20H2 that allows you to disable a new feature that customizes the taskbar based on what accounts or devices you have. In the Windows 10 Insider Build 20161, Microsoft introduced a new feature called "Programmable Taskbar" that customizes the Windows 10 taskbar when logging into an account for the first time.
To be fair, Microsoft did revise and upgrade the default password policy and introduced additional, granular fine-tuning options over the years, but for some enterprise environments that's still not enough, so Specops Password Policy to the rescue! For the purpose of this review, the installation was done on a server containing all necessary services: Specops Sentinel - a password filter that is installed on all domain controllers, and Specops Password Policy admin tools.
One policy expert says cybersecurity measures should be an expected item that comes with every purchase, like the safety measures in your car. TechRepublic's Karen Roby talked with Fred Cate of Indiana University about cybersecurity and the importance of cybersecurity policy in government.
Professor and cybersecurity policy expert says it should be something that is already in place with each purchase or subscription.
The Iran-linked state-sponsored threat group known as Charming Kitten was observed targeting potential attendees of two major international conferences, Microsoft reports. Recently observed attacks, Microsoft says, targeted over 100 high-profile individuals, potential attendees of two upcoming global policy conferences, namely the Munich Security Conference and the Think 20 Summit, which is held in Saudi Arabia.
The NSA has long sought agreements with technology companies under which they would build special access for the spy agency into their products, according to disclosures by former NSA contractor Edward Snowden and reporting by Reuters and others. These so-called back doors enable the NSA and other agencies to scan large amounts of traffic without a warrant.
Facebook has implemented a fresh security vulnerability disclosure policy this week - in an effort to explain how it decides when and how to roll out details on various bugs that its team finds in third-party software and open-source projects. If Facebook determines that disclosing a security vulnerability sooner "Serves to benefit the public or the potentially impacted people," it may pull the rip cord on disclosure: For instance, if a bug is being actively exploited in the wild.