Hackers crack business Chromebooks with SH1MMER tool
Hackers from The Mercury Group have developed the exploit SH1MMER that can "liberate" Chromebooks from business management functionality and limitations. Google is working with its hardware partners on a solution to fix it.
Specifically, SH1MMER is a modified Return Merchandise Authorization (RM... Read more
Horizon3 discovers new exploit VMware vRealize Log Insight
Security researchers from security testing organization Horizon3 have discovered a new exploit for VMware vRealize Log Insight appliances. This exploit combines a number of previously found and patched vulnerabilities into a new exploit that can remotely execute code as root.
Security specialist... Read more
Canonical officially introduces extra secure Ubuntu Pro
Canonical recently introduced Ubunto Pro. A version of the Linux distribution that can only be purchased in a paid subscription form. In exchange for that subscription, users get a more secure version of the Ubuntu operating system.
According to the Linux distributor, the now general availabili... Read more
Ransomware fatal for SMBs: security increasingly taken seriously
A successful ransomware attack is a nightmare for many businesses. For SMEs, it is even so dangerous that it can be fatal, according to many IT professionals. As a result, companies feel it is time to put security higher on the agenda and increase budgets, according to research by Datto. We dive a ... Read more
EU presents final text of NIS2 directive
The European Union recently published the final text of the updated Network and Information Security (NIS2) Directive. The directive, which will enter into force in three weeks, requires companies belonging to critical infrastructure to implement certain security measures.
The improved NIS direc... Read more
Cybercriminals sell data of 400 million Twitter users
Cybercriminals are selling the public and private data of 400 million Twitter users on a hackers forum. They are asking 188,000 euros ($200,000).
According to the security news website, cybercriminals, under the name Ryushi, have put the Twitter data up for sale on the hacking forum Breached. T... Read more
Google launches end-to-end encryption for Gmail web
Google recently announced end-to-end encryption for the web version of Gmail. The feature allows users to send and receive encrypted emails inside and outside their domains.
The update involves client-side encryption or E2EE. When enabled, the security feature ensures that sensitive data from an... Read more
GitHub introduces free secret scanning for all repositories
The new service allows developers to find exposed secrets and credentials.
In a move to secure the global software supply chain, GitHub plans to allow developers to scan their repositories for exposed secrets and credentials for free. The new service was announced in a Tweet this week.
Mariam... Read more
GitHub will require two-factor authentication from all users in 2023
The new policy applies to anyone who contributes code to the platform.
GitHub announced this week that it will require all users to enable two-factor authorization (2FA) by the end of 2023. To be clear, the policy will apply not just to developers who contribute code to the GitHub website, but t... Read more
Microsoft bans crypto mining from its online services
Microsoft quietly banned crypto mining activities in Azure, Office 365, Dynamics 365 and Power Platform.
Microsoft argues that preventing crypto mining preserves the performance of services for other customers and protects users from potential malicious activity associated with crypto mining.
... Read more