Children can access sexual material and experience online grooming on the metaverse, according to an investigation by BBC News
Monthly Archives: February 2022
NCSC Issues First-Ever Cybersecurity Guidance for the Construction Industry
The document offers practical advice for construction firms on protecting their businesses and building projects
Microsoft updates security applications for multicloud environments
In an effort to update its security applications for CSOs that are increasingly responsible for securing multicloud environments, Microsoft is releasing new visibility and control features for software, workloads, devices, and digital identities accessing or running on hybrid computing infrastructure.
The updates, announced Wednesday, include the extension of Microsoft Defender for Cloud to support the Google Cloud Platform (GCP); a new version of the permissions management platform acquired from CloudKnox in July 2021; enhanced data analysis and archiving features for Microsoft’s Sentinel SIEM (system information and event management) application; as well as new identity management, compliance and payment capabilities for Azure and Azure Active Directory (AAD).
Bypassing Apple’s AirTag Security
A Berlin-based company has developed an AirTag clone that bypasses Apple’s anti-stalker security systems. Source code for these AirTag clones is available online.
So now we have several problems with the system. Apple’s anti-stalker security only works with iPhones. (Apple wrote an Android app that can detect AirTags, but how many people are going to download it?) And now non-AirTags can piggyback on Apple’s system without triggering the alarms.
Apple didn’t think this through nearly as well as it claims to have. I think the general problem is one that I have written about before: designers just don’t have intimate threats in mind when building these systems.
cyrus-sasl-2.1.27-9.fc34
FEDORA-2022-8cc64f73d0
Packages in this update:
cyrus-sasl-2.1.27-9.fc34
Update description:
Security fix CVE-2022-24407 (#2057334)
cyrus-sasl-2.1.27-14.fc35
FEDORA-2022-f9642fab70
Packages in this update:
cyrus-sasl-2.1.27-14.fc35
Update description:
Security fix for CVE-2022-24407 (#2057334)
cyrus-sasl-2.1.27-18.fc36
FEDORA-2022-e33e824d37
Packages in this update:
cyrus-sasl-2.1.27-18.fc36
Update description:
Security fix CVE-2022-24407 (#2057334)
EU Deploys Cyber Response Unit to Ukraine
Microsoft changes default settings to improve network security
Microsoft changes default settings for a variety of reasons, but some recent key changes will keep us safer from attacks, specifically ransomware. This includes blocking macros by default, limiting native tools used by attackers, and activating Credential Guard by default.
Blocking Office 365 macros
The first major change in an Office 365 default blocks internet macros by default. Launching malicious macros is a common way that attackers can gain access to computer systems and launch lateral attacks. Specially, Visual Basic Application obtained from the internet will be blocked by default. Setting this as the default will mean that you’ll be better protected. If you’ve downloaded macro-based templates from websites, mark these files as trusted and remove the “mark of the web” from the files to ensure that they continue to work.