Security News
YouTube is currently running what it describes as a "Small experiment globally," warning users to toggle off their ad blockers and avoid being limited to only three video views. As first spotted by a Reddit user on Wednesday, YouTube now displays a pop-up that notifies ad blocker users targeted by this test that "Video player will be blocked after 3 videos."
YouTube is running an experiment asking some users to disable their ad blockers or pay for a premium subscription, or they will not be allowed to watch videos. Upon receiving this notification, users will have two options: either disable their ad blocker to allow YouTube ads or consider subscribing to YouTube Premium to get rid of all advertisements.
Microsoft is testing new ads in the Windows Start menu, or what it describes as "New treatments," for users logged into local accounts as part of a "Badging" expansion. "We are continuing the exploration of badging on the Start menu with several new treatments for users logging in with local user accounts to highlight the benefits of signing in with a Microsoft account," said Microsoft's Amanda Langowski and Brandon LeBlanc.
Microsoft will start testing Bing Chat tones, enabling users to switch between receiving answers that are either more creative or more focused on their queries. We are "Going to begin testing an additional option that lets you choose the tone of the Chat from more Precise - which will focus on shorter, more search focused answers - to Balanced, to more Creative - which gives you longer and more chatty answers," the Bing Team said.
Microsoft is testing a new diagnostic tool in Windows 11 that lets you create live kernel memory dumps without disrupting the operation of Windows. A live kernel dump is a snapshot of the kernel's memory at the time of the dump, which is then saved to a file.
CI Fuzz CLI, the open-source Command-Line Interface tool from Code Intelligence, now allows Java developers to easily incorporate fuzz testing into their existing JUnit setup to find functional bugs and security vulnerabilities at scale. CI Fuzz CLI, available on GitHub, leverages genetic and evolutionary algorithms and automated instrumentation to dynamically generate millions of unusual inputs to test Java applications for unexpected behaviors that may lead to crashes, DoS or zero-day exploits.
So how do you go about getting an external penetration test? Scheduling an external pentest should be as simple as asking your managed service provider or IT consultancy, and pointing them at your perimeter systems. An external pen test is normally run on a "Black Box" basis, which means no privileged information is provided to the testers.
Google has announced more details regarding turning off support for the Google Chrome Manifest V2 extension as the company pushes more developers to transition to Manifest V3. An update from the Chrome team says that they will proceed in careful, experimental steps, ensuring a smooth end-user experience during the phase-out of Manifest V2 in June 2023. In January 2022, the Chrome Web Store stopped accepting new extensions built on Manifest V2. According to the original roll-out timeline released by Google a year ago, starting from January 2023, all extensions built on Manifest V2 would stop working on the Chrome browser.
Google's open source security team says OSS-Fuzz, its community fuzzing service, has helped fix more than 8,000 security vulnerabilities and 26,000 other bugs in open source projects since its 2016 debut. The group would like to see open source developers do more fuzzing to make the world a better place, or at least make software a bit more secure.
Offensive Security has released Kali Linux 2022.3, the latest version of its popular penetration testing and digital forensics platform. The Kali Team knows the importance of practicing instead of relying on theory, and for infosecurity professionals, test labs are a way to test tools and hone their own skills in a legal environment.