Microsoft blocks Windows Defender ability following major security concerns

Microsoft has blocked the ability to download files using Windows Defender after it was shown how easily it could be used by attackers to install malware onto a computer.  Earlier this year, for reasons yet unclear, Microsoft discreetly added the ability to download files using Windows Defender. When this was publicly recognized, there was grave concern from […]

Windows 10 themes can be abused to steal passwords

Security researcher Jimmy Bayne (@bohops) has revealed that specially crafted Windows themes can be used to perform Pass-the-Hash attacks and steal passwords. Pass-the-Hash attacks are used to steal Windows login names and password hashes by tricking the user into accessing a remote SMB share that requires authentication. A theme’s settings are saved under the %AppData%\Microsoft\Windows\Themes folder as a […]

Web security is improving, but so much more to be done

A much-anticipated report from Rapid7, a cybersecurity company based in Boston USA, revealed “frankly shocking” news concerning the current global state of security on the Internet in the wake of the Covid-19 pandemic.  According to the massive cross-industry study, completed in the summer of 2020, the findings revealed that despite enormous security problems from the […]

Google’s Android Lockbox spying competitor apps

Revelations have emerged from reported sources that Google is spying on how people interact with rival Android apps. The report mentions how Google is monitoring users interactions with non-Google apps via an internal program and utilizing the data to improve its own products. According to a startling report in The Information, a program called Android Lockbox gives […]

Developers ignoring software testing automation

A tough, agile system strategy is critical to all organizations but, according to a new survey, less than 80% of developers are automating fewer than half their tests. Proper software testing ensures the launch of a new software system can implement smoothly and is an essential tool for project managers. The operation of any software […]

28 Antivirus products affected by symlink race bugs

According to a report published this week by security researchers from RACK911, “symlink race” vulnerabilities were found in 28 of today’s most popular antivirus software. RACK911 Labs reports how they came up with a simple method of using directory junctions (Windows) and symlinks (macOS & Linux) to exploit the most popular antivirus programs. A symlink […]

EU approves bug bounty programs for 15 open source projects

The European Union will be funding bug bounty programs for 15 open source projects starting January 2019, announced EU Parliament Member Julia Reda. The initiative is part of the third edition of the Free and Open Source Software Audit (FOSSA) project, and targeting some major Open Source projects in the market. The FOSSA project came […]