Security News

With Windows, you've got an almost limitless number of free, open-source and paid apps to customize the appearance of desktop. In this article, we're going to share a list of open-source and free tools to change the desktop wallpaper animation when you move your cursor, add support for widgets, and more.

Password Auditor does what its namesake implies by scanning all user accounts within your environment to detect leaked passwords. Specops maintains a dictionary of compromised passwords; should any user passwords match, Password Auditor highlights them within the tool.

Offensive Security has released Kali Linux 2021.1, the latest version of its popular open source penetration testing platform. A few of the terminals have also been tweaked to - as the developers noted - "Kalify" them.

Kroger became the latest major company to announce a data breach, acknowledging in a statement that information from some current and former employees as well as customers of Kroger Health and Money Services were impacted by an attack on a third-party file transfer tool from Accellion. The company said it is in the process of contacting victims but confirmed that none of its IT systems or any grocery store systems or data were affected by the breach.

"If you want to build a new BI product, the first feature you build is export to Excel," jokes Arun Ulag, CVP of Microsoft Power BI. "People want to be able to work with data in the tools that they use." he adds. So Power BI will now use sensitivity labels from Microsoft Information Protection to protect information in Power BI Desktop, in the Power BI service and when reports are exported to Excel, PowerPoint or PDF. This will allow you to use the same data security policy, compliance and auditing tools for Power BI as for Office.

Security analysts are becoming less productive due to widespread "Alert fatigue" resulting in ignored alerts, increased stress, and fear of missing incidents, according to an IDC survey of 350 internal and MSSP security analysts and managers. "To solve these challenges, analysts are asking for advanced automation tools, like Extended Detection and Response, which can help reduce the fear of missing incidents while strengthening their SOC's cybersecurity posture."

How it gets onto servers is unclear though systems infected by Kobalos have their SSH client tampered with to steal usernames and passwords, and presumably server addresses, that are typed into it. These details could be used by the malware's masterminds to log into those systems to propagate their malware.

Learn how to use the Homebrew package manager to install post-exploit security tools on macOS to further assess compromised system vulnerabilities found in your Apple equipment. The collection of tools listed here may be used as standalone tools or in conjunction with other tools and kits to provide a broad or granular landscape of a particular system or the entire network of hosts.

Two major browsers -Microsoft Edge and Google Chrome - are rolling out default features, which they say will better help notify users if their password has been compromised as part of a breach or database exposure. Microsoft on Thursday said that its next version of Edge will generate alerts if a user password is found in an online leak.

Just because an admin needs access to one system setting, database or network doesn't mean they need access to all of them; applying role-based security permissions to your IT team makes as much sense as not giving receptionists access to the build tree for your internal applications. While having privileged admin access is convenient, if there's a data leak, a database admin would much rather be able to say that the contents of the database are encrypted so they can't have seen anything than to try and prove they didn't copy data they didn't need to have access to in the first place.