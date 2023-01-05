Read full article on original website
New GitHub code scanning tech should make it easier to spot security flaws
GitHub now allows developers to scan their code for the “default setup” repository, hopefully helping them to spot any security issues before they escalate. With this new feature, Github says developers (opens in new tab) will be able to configure the repository automatically, and with as little effort as possible.
What is a corporate VPN?
Maintaining a high level of security in today’s connected world is something that concerns us all. Even more so if you’re running a business or corporation, with the needs of employees and IT departments to consider in equal measure. Thankfully, the advent of the VPN (opens in new...
What is cloud VPN and why is its popularity on the rise?
A VPN (opens in new tab), or Virtual Private Network, is a method of maintaining privacy and increasing security while you’re online by routing traffic through an encrypted tunnel to a server. This is infinitely better than connecting directly to an Internet Service Provider and there are plenty of best VPN (opens in new tab) options when you’re looking too.
Is my VPN working?
There are several reasons to use a VPN (opens in new tab) while online. They range from a higher level of security particularly on public Wi-Fi, to bypassing a geo-restriction to stream video, or attempting to be more anonymous online. The overall theme is for better online privacy, hardly surprising given that it is part of the VPN’s name, as in a virtual privacy network.
Amazon S3 will now encrypt data by default
Amazon’s cloud storage Simple Storage Service (S3) now encrypts all new objects added on buckets server-side at no extra cost. In an announcement (opens in new tab) on the Amazon Web Services (AWS) blog, the company claimed that while encryption had always been easy to enable, administrators always had to be mindful of the feature, whereas now the encryption process is “zero click”, with no impact on performance.
JsonWebToken open source library has a significant security flaw
High-severity flaw was fixed in late December last year, but users still need to beware. The popular open source (opens in new tab) project JsonWebToken was carrying a high-severity vulnerability that allowed threat actors to execute malicious code on affected endpoints, remotely. A report from Palo Alto Networks’ cybersecurity arm,...
Identity thieves crack major Experian security flaw, access customer credit reports
The website of consumer credit reporting giant Experian carried a major privacy vulnerability that allowed hackers to obtain customer credit reports, and all it took was a little identity data (opens in new tab), and a little tweak to the address displayed in the URL bar, experts have revealed. Cybersecurity...
Malware campaign targets Kubernetes clusters
Microsoft’s cybersecurity researchers have revealed it spotted an uptick in the deployment of the Kinsing malware (opens in new tab) on Linux servers. As per the company’s report (opens in new tab), the attackers are leveraging Log4Shell and Atlassian Confluence RCE weaknesses in container images and misconfigured, exposed PostgreSQL containers to install cryptominers on vulnerable endpoints.
What are the pros and cons of cloud storage?
Cloud storage is pretty ubiquitous these days - in our personal and business lives. Since cloud computing started to enter the mainstream in the early 2000s, it has increasingly come to play a fundamental role in the digital landscape. Of course, cloud storage is just one aspect of cloud computing...
Unlimited cloud storage: 5 things you need to know
Cloud storage is now firmly entrenched in the business world. Particularly with hybrid working now hugely popular, the flexibility offered by the cloud - being able to retrieve, modify, and save documents from any device as long as you have an internet connection - is a significant benefit. Of course,...
PyPl has been found hosting AWS keys and malware once again
The popular Python package repository PyPI was found hosting AWS keys and malware (opens in new tab), putting countless Python developers at risk of serious supply chain attacks. The results come courtesy of software developer Tom Forbes, who built a tool using Rust which scanned all new packages on PyPI...
Microsoft snaps up Fungible for Azure cloud and data center boost
Microsoft has confirmed the acquisition of Fungible in the latest high-powered deal to boost its Azure cloud computing platform. Following December 2022 reports of a potential deal, and earlier suggestions of a failed Meta takeover, Microsoft has now confirmed (opens in new tab) its acquisition of the company in a move that will see it obtain the company’s high-efficiency, low-power data processing units (DPUs).
Microsoft has a new text-to-speech AI tool to wow and annoy us
Microsoft VALL-E What this means in simple forms is that the tool can now break down what makes a person sound the way they do, including phoneme and acoustic code prompts, thanks to Meta’s EnCodec, and generate a sound that mimics more closely what they person may sound like beyond the three seconds of sample voice recording. The early stages of VALL-E have been made possible by analyzing over 60,000 hours’ worth of English language voice recordings.
Google One hits a billion downloads
Google One, the tech giant's service expansion to its cloud storage platform, has passed one billion downloads on Android devices, the company has revealed. The storage app began life as a paid subscription service, expanding the storage capacity of Google Drive, but also provides users with more storage to use in Gmail and Google Photos.
Adobe is almost definitely using your content to train AI
Art and AI have been hitting the headlines again - but this time, it’s not about robot-generated masterpieces. Instead, it’s Adobe’s content analysis policy in the firing line. Social media users highlighted how the Photoshop developer uses content saved on its servers: it appears Adobe may be using it to train AI.
Russia hacker group hijacks USB attacks by other criminals
Turla, a known Russian threat actor allegedly tied to the Kremlin, was observed recycling a decade-old and defunct malware to gain access to endpoints in Ukraine and spy on its targets. A report by cybersecurity experts Mandiant found that in mid-2022, Turla was re-registering expired domains of Andromeda, a common...
