Security News
Over three-quarters of employees want the option to work from home at least part-time. The ability to support a remote work program can help an organization retain employees and is a crucial component of a business continuity plan.
Remote Help relies on Azure Active Directory for that, showing the profile photo, company details, job title, email address and other information from Azure AD, so users know they can trust the person helping them, and IT staff know more about who they're helping, which may be useful for solving their problem. Remote Help uses Endpoint Manager's role-based access controls, so admins can manage permissions to choose who can help which users and what they can do.
Security researchers are warning that hackers can abuse online programming learning platforms to remotely launch cyberattacks, steal data, and scan for vulnerable devices, simply by using a web browser. DataCamp provides integrated development environments to close to 10 million users that want to learn data science using various programming languages and technologies.
Malicious individuals are using stolen personally identifiable information and voice and video deepfakes to try to land remote IT, programming, database and software-related jobs, the FBI has warned last week. Deepfakes are synthetic media - images, audio recordings, videos - that make it look like a person has been doing and saying things they haven't done or said.
Qualcomm knows that if it wants developers to build and optimize AI applications across its portfolio of silicon, the Snapdragon giant needs to make the experience simpler and, ideally, better than what its rivals have been cooking up in the software stack department. That's why on Wednesday the fabless chip designer introduced what it's calling the Qualcomm AI Stack, which aims to, among other things, let developers take AI models they've developed for one device type, let's say smartphones, and easily adapt them for another, like PCs. This stack is only for devices powered by Qualcomm's system-on-chips, be they in laptops, cellphones, car entertainment, or something else.
The Federal Bureau of Investigation warns of increasing complaints that cybercriminals are using Americans' stolen Personally Identifiable Information and deepfakes to apply for remote work positions. The public service announcement, published on the FBI's Internet Crime Complaint Center today, adds that the deepfakes used to apply for positions in online interviews include convincingly altered videos or images.
The latest version of the OpenSSL library has been discovered as susceptible to a remote memory-corruption vulnerability on select systems. OpenSSL 1.1.1 as well as OpenSSL forks BoringSSL and LibreSSL are not affected.
QNAP, Taiwanese maker of network-attached storage devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24, and 7.3.x below 7.3.11 with improper nginx config," the hardware vendor said in an advisory.
These attacks should be seen as a lesson that can inform future security strategies to mitigate ransomware risk. With organizations continuing to support remote and hybrid work, they no longer have the visibility and control they once had inside their perimeter.
Martin Herfurt, a security researcher in Austria, quickly noticed something odd about the new feature: Not only did it allow the car to automatically start within 130 seconds of being unlocked with the NFC card, but it also put the car in a state to accept entirely new keyswith no authentication required and zero indication given by the in-car display. "The authorization given in the 130-second interval is too general [it's] not only for drive," Herfurt said in an online interview.