Sofia Elizabella Wyciślik-Wilson

In a recently published transparency report, Twitter has revealed figures that show a disappointing adoption of 2FA (two-factor authentication) by users.

While the number of users choosing to secure their account with 2FA is on the increase, it "remains relatively low", says Twitter. And we are talking low numbers here -- a mere 2.3 percent of the Twitter userbase is concerned enough about security to enable two-factor authentication.

Continue reading →

The development team behind Audacity learned the hard way that people do not take kindly to the introduction of telemetry, particularly when communication is poor.

Over the last few months, there has been a very public debacle involving Audacity's proposed changes to its privacy policy. It resulted in the software being branded "possible spyware" and led to explanations, apologies and backtracking. Now the team behind the open source audio editor has published its updated privacy policy along with a lengthy explanation about various elements of it and an apology for the "significant lapse in communication".

Continue reading →

In many regards, the move from Windows 10 to Windows 11 is not a massive one. While there are undeniably a lot of changes and additions -- both visible and under the hood -- the operating system still looks, feels and functions much as it has done for years.

But while it may seem that there's not much to learn, there are still elements of friction that gripe in Windows 11. The redesigned context menu is a good case in point, dividing users into those who love it and those who hate it. And then there is the Start menu. Of course, there is a new look here, but that's not the problem.

Continue reading →

It is now almost three weeks since the gigantic ransomware attack that exploited a vulnerability in Kaseya VSA remote management software. The attack affected millions of devices and the group behind it, REvil, had been demanding a $70 million ransom.

There had been great concern about the fall out from the attack due to the apparent disappearance of REvil which made it impossible for anyone willing to pay the ransom to do so. Now a universal decryption key has been obtained from a "trusted third party", giving victims the chance to regain access to their data without the need to part with any money.

Continue reading →

Backing up Android data is getting a whole lot easier as Google starts the roll out of Backup by Google One. The service makes it easy to backup everything from SMS, MMS and call logs, to Wi-Fi passwords and photos.

The company has not made a great deal about the rollout, making no announcement about it. This is perhaps understandable as it is essentially a consolidation and rebranding of a previously disparate selection of settings and tools.

Continue reading →

Twitter is experimenting with tweaking the Like button on tweets. In a test the company is running at the moment, some users are seeing Upvote and Downvote options in place of the more familiar heart icon for liking a tweet.

Different styles of button are currently being tested, but it seems that the experiment is more for the benefit of Twitter than Twitter users. The experimental feature is not the tweet editing option so many people have been begging for for so long, and nor is it -- Twitter is at pains to emphasize -- a "dislike" button.

Continue reading →

Security researchers from SentinelOne have uncovered an ancient vulnerability in the drivers used by printers from three big manufacturers.

The high-severity security vulnerability -- which is being tracked as CVE-2021-3438 -- affects drivers for HP, Samsung and Xerox printers and has evaded detected for 16 years. In all, around 400 printer models are at risk, leaving millions of printers exposed to the danger of the serious privilege escalation vulnerability.

Continue reading →

A vulnerability has been discovered in the Linux kernel that makes it possible to gain root access on a number of popular distributions, including Ubuntu, Debian and Fedora. The flaw has been named Sequoia, and it exists in the filesystem layer.

The security issue is thought to affect all versions of the Linux kernel released since 2014, meaning that a large number of distros are vulnerable. Specifically, the flaw is a size_t-to-int type conversion vulnerability that can be exploited to elevate privileges.

Continue reading →

A local privilege escalation vulnerability has been discovered in Windows 10 that can used to gain access to otherwise inaccessible areas of the registry. In turn, this access makes it possible to discover passwords, obtain DPAPI decryption keys and more. The problem also affects Windows 11.

Dubbed HiveNightmare (because of the access it allows to registry hives), the zero-day vulnerability comes hot on the heels of the PrintNightmare security flaw. While no patch is currently available, Microsoft has provided details of a workaround in the meantime.

Continue reading →

While there are a large number of changes and additions in Windows 11, it is the visual revamp that is what most people will notice first. But Microsoft's redesign of the operating system is about much more than just looks, as the company reveals in an exploration of the updated context menu and share dialog.

Right-click on a file or folder in Windows 11, and you will immediately be struck by the new context menu that appears. In a post on the Windows Developer Blog, Microsoft explains the thinking behind the restyling in terms of aesthetics, user-friendliness and modernization.

Continue reading →

Highlighting its readiness for Red Dead Redemption 2 and Chernobylite, NVIDIA has released its first Windows 11-compatible GeForce driver. The release sees NVIDIA Following in the footsteps of Intel which released its first Windows 11 driver very recently.

The latest driver from NVIDIA -- the GeForce Game Ready 471.41 WHQL driver -- also adds support for two new G-SYNC Compatible gaming monitors and 13 new GeForce Experience Optimal Playable Setting profiles.

Continue reading →

Microsoft has eliminated one of the reasons for people to upgrade to Windows 11 later in the year. The company has revealed that DirectStorage -- the storage technology behind Xbox’s Velocity Architecture -- will also be available in Windows 10.

The launch of Windows 11 has already been mired in poor communication in relation to hardware requirements, and it's not clear if the apparent change of heart with DirectStorage in Windows 10 is down to continued weak messaging, or if the company has performed a U-turn based on feedback from disgruntled gamers. Either way, anyone choosing to stick with Windows 10 will benefit from DirectStorage, although it will be a lesser experience than in Windows 11.

Continue reading →

It is far from uncommon for software companies to be a little vague when it comes to releases dates. By keeping their cards close to their chest, any delays in launches can be overlooked on the basis that if no release date has been announced, it can't be missed.

And so with Windows 11. When Microsoft announced the upcoming operating system we were simply told that it would be ready in time for the holiday season. However, there have been hints, rumors and suggestions that Windows 11 will launch in October, and this has been further hinted at by documentation from Intel.

Continue reading →

Security researchers have shown that it is possible to bypass the biometric security of Windows Hello. Using a fake web, the CyberArk Labs research team was able to fool the facial recognition component of Windows Hello to send infrared images.

Windows Hello requires a camera with RGB and IR sensors, but the security tool actually only uses IR imagery. Using a custom USB device, hackers can manipulate the stream of data that is sent, injecting IR imagery of an authorized user.

Continue reading →

The US, UK and other allied nations have accused the Chinese Ministry of State Security of engaging in a global hacking campaign. Included in this was an attack on Microsoft Exchange servers earlier in the year, and other activity that has been described as "irresponsible and destabilizing behavior in cyberspace".

China has been called on to "end this systematic cyber sabotage", and a statement issued by the White House said that "an unprecedented group of allies and partners are joining the United States in exposing and criticizing the PRC’s malicious cyber activities".

Continue reading →