Security News

The Commerce Department's Bureau of Industry and Security today announced new controls that would ban U.S. companies from exporting and reselling software and hardware tools that could be used to fuel authoritarian practices through malicious hacking activities and human rights abuse.The rule will become effective in 90 days and will effectively ban the export of "Cybersecurity items" for National Security and Anti-terrorism reasons.

Microsoft is updating Microsoft 365 to allow admins to better manage insider security threats in their environments with improvements to risky activity detection and visibility. Insider Risk Management enables Microsoft 365 cloud services platform customers to detect, investigate, and remediate insider security threats within their organizations across Office, Windows, Azure, and third-party apps like HR systems.

79% of database professionals are now using either paid-for or in-house monitoring tools, a survey from Redgate Software has shown. This is an increase of 10 percentage points from the same survey last year and, at the same time, the 86% satisfaction rate with paid-for monitoring tools is also an all-time high, up 18 percentage points on the previous year.

77% of Americans believe their company has gaps in its current security tools, according to Lynx Software survey findings. The results found that 89% are concerned about external security threats to their company, and nearly the same amount, 86%, are concerned about threats from inside.

Kali Linux 2021.3 was released yesterday by Offensive Security and includes a new set of tools, improved virtualization support, and a new OpenSSL configuration that increases the attack surface. Kali Linux is a Linux distribution designed for cybersecurity professionals and ethical hackers to perform penetration testing and security audits.

Offensive Security has released Kali Linux 2021.3, the latest version of its popular open source penetration testing platform. OpenSSL has been configured for wider compatibility, allowing the use of legacy protocols, meaning that Kali can now talk to older, legacy systems that use them.

The TeamTNT malware pushers have a slew of new toys with which to wreak havoc - multiple shell/batch scripts, open-source tools, a cryptocurrency miner, an IRC and more - that have inflicted more than 5,000 infections globally as antivirus tools struggle to catch up with the newest malware. TeamTNT typically uses open-source tools for its dirty work.

According to the research, almost all of the IT and security leaders surveyed reported that their organizations are likely to start taking the steps needed to overcome these issues by enhancing their machine identity management approach, but these leaders also expect to face challenges. According to Gartner, "Digital transformation has led to an explosion in the number of machines - such as workloads, code, applications and containers - that need to identify themselves and communicate with each other. As a result, several technology providers have built tools that can help clients discover and manage machine identities across hybrid and multicloud environments. Managing machine identities has become critical, as nonhuman entities are now at the leading edge of digital transformation."

You need to analyze many potential entry points, attack paths, and data exfiltration tactics to reveal the scope of what took place-all while the culprits are potentially taking steps to cover their tracks. The attacker might then use stolen user credentials to move laterally throughout the network, finally launching a DCShadow attack that uses replication permissions to imitate a domain controller and make changes to Active Directory.

Windows 10 comes with built-in personalization settings to help you customize the desktop and it provides plenty of options by default. Unlike Windows Search, Fluent Search offers accurate results and it lets you jump easily between running apps and browser tabs.