Recently Browsing 0 members
No registered users viewing this page.
by Razvan Serea
WinLock ensures that only authorized people can access sensitive information on your computer. With WinLock you can control how long others can use your computer. It runs from the system tray and requires a password to gain access to the available settings. It loads automatically with Windows and allows you to add an optional startup message, provide audio notification, and set the time limit. Once that limit is reached, Windows is summarily shut down. You can toggle the timer on and off from the tray. When enabled, there is no way around it without the proper password.
WinLock also allows to disable Windows hot keys (such as Alt-Ctrl-Del, Alt-Tab, Ctrl-Esc, etc.), lock Windows desktop, customize Start menu, hide Start button and Switch bar, and much more...
Block Windows and Lock Files features allow to block virtually any application or any part of it (window, popup message, dialog box), Explorer Windows (My Computer, Recycle Bin etc.), and lock selected files. Restricted sites feature filters Internet content and prohibits access to questionable websites.
WinLock is available in two editions: Standard and Professional. WinLock Professional offers all features of the WinLock, plus several advanced security capabilities of interest to the professional users. The advanced features of the Professional edition are:
Support for multi-user environment Internet Explorer restrictions Google Chrome restrictions Search through website for prohibited keywords Guest password USB key authentication Webcam snapshots Flexible removable drive restrictions WinLock 8.43 changelog:
Disable pinned apps.
Disable F10 key.
Apply settings option.
Desktop screenshot in e-mail reports.
Support for Windows 10 1903.
Support for Firefox 81, Edge 80, Opera 71, Opera GX, and Chrome 83.
Improved support for high-DPI and text scaling.
Bug fixed: Apply Settings command doesn't work under some x64 systems.
Download: WinLock 8.43 | WinLock Pro 8.43 | ~10.0 MB (Shareware)
Links: WinLock Home Page | WinLock Pro Screenshot
Get alerted to all of our Software updates on Twitter at @NeowinSoftware
By Usama Jawad96
Microsoft hampers cyberattack on Munich Security Conference attendees
by Usama Jawad
Early last month, Microsoft cautioned that it has noticed increased activity from foreign hacker groups targeting U.S. elections. One of these groups was "Phosphorus" from Iran, which was primarily targeting POTUS' presidential staff accounts.
Today, the company announced that the same group has also been attacking attendees of the upcoming Munich Security Conference. The tech giant has hampered these malicious activities after they were picked up by Microsoft’s Threat Intelligence Information Center (MSTIC).
Microsoft has stated that Phosphorus targeted over 100 high-profile individuals attending the Munich Security Conference as well as the Think 20 (T20) event in Saudi Arabia. For those unaware, the former is an annual gathering that has been taking place for the past 60 years in which heads of state discuss security whereas the latter is critical in shaping policy ideas for G20 nations.
The company says that Phosphorus sent out spoofed invitations containing almost perfect English to attendees of these events via email, offering remote sessions in light of the pandemic. It managed to compromise the accounts of several individuals including policy experts, academics, and former government officials.
This threat was first detected by MSTIC, which is responsible for tracking cybercrime groups. Microsoft went on to say that:
The Redmond tech giant has also shared the email addresses, domains, and subdomains used in this attack, and urged IT teams to have security perimeters in place in order to protect against similar malicious activities in the future. Microsoft believes that the purpose of this cyberattack was intelligence collection, and its investigations so far has indicated that it has no relation to the upcoming U.S. elections.
SpaceX's Starlink internet beta expands to more customers, and it's expensive
by João Carrasqueira
SpaceX, the space exploration company owned by Elon Musk, has been working on its satellite-based internet service, Starlink, for a few years now, but it's taken some time for it to come to fruition. Today, the company is inviting customers to test the service in what it calls the "Better Than Nothing Beta", as reported by CNBC.
The name of the test program doesn't lie, and SpaceX is fairly upfront about what users are signing up for, telling users that it's "trying to lower" their initial expectations. The company says users can expect to see speeds varying from 50Mb/s to 150Mb/s, and latency ranging from 20ms to 40ms over the next few months, as it continues to improve the system. At times, it's possible that service won't be available at all.
On top of the spotty internet service, the initial Starlink price is not for the faint of heart. Customers need to buy the Starlink kit to get set up, which includes a terminal to connect to the satellite network, a Wi-Fi router, and a mounting tripod. That costs $499, and on top of that, the service itself costs $99 per month. To help users get set up, a Starlink app is now available for Android and iOS, meant to help users find the best place to install the terminal, check for obstructions, and more.
Naturally, this isn't something that's meant for everyone to subscribe to just yet, and it remains to be seen how things will look when the service is fully available. On that note, the description for the app mentioned above says that this beta program will enable service in the United States and Canada this year, with near global coverage being attainable in 2021. Of course, that too is yet to be seen.
By Usama Jawad96
Microsoft develops new machine learning model to detect password spray attacks
by Usama Jawad
Over the past few weeks, Microsoft has been promoting digital security efforts as a part of its observance of the National Cyber Security Awareness Month (NCSAM) in October. It has announced new initiatives to promote cybersecurity awareness, unveiled Zero Trust Deployment Center, released an Adversarial ML Threat Matrix, and launched a fairly successful offensive against the malicious Trickbot botnet.
Now the company has stated that it has developed a new machine learning-based algorithm that detects password spray attacks with considerably improved performance than its previous mechanism.
Image via Abine For those unaware, a password spray is a relatively crude and common form of cyberattack in which a malicious actor attacks tenants via thousands of IPs - using botnets in most cases - with a few commonly used passwords rather than trying numerous passwords against a single user. While this indicates that the success rate per account is quite nominal, it also means that the attack is very difficult to detect since it is spread out with such uneven consistency that a tenant may dismiss a couple of unsuccessful login attempts per account as part of the regular login pattern. So, this attack can only be detected across multiple tenants if you notice a single hash failing across numerous accounts.
To counter password spray attacks, Microsoft previously built a heuristic mechanism in which the company observed "the core failure in the system in... worldwide traffic" and notified organizations at risk. Now, the company has improved this mechanism by training a new supervised machine learning algorithm that uses features such as IP reputation, unfamiliar login properties, and other account deviations to detect when a tenant is under attack from password spray.
Microsoft claims that its new model has a 100% increase in recall compared to the heuristic algorithm. This means that it detects twice the number of compromised accounts. Furthermore, it also has a 98% precision, which means that if the model claims that an account has fallen victim to password spray, then this is almost certainly true across all such cases.
The new model will be available soon to Azure AD Identity Protection customers, who will be able to utilize it in the portal and APIs for Identity Protection.
By Usama Jawad96
Microsoft partners with Nvidia, IBM, and more to release Adversarial ML Threat Matrix
by Usama Jawad
Microsoft is observing National Cyber Security Awareness Month (NCSAM) currently, and cybersecurity seems to be at the forefront for the firm. Over the past few weeks, the company has announced new initiatives to promote cybersecurity awareness, Zero Trust Deployment Center, and an offensive against the malicious Trickbot botnet.
Now, it has released the Adversarial ML Threat Matrix framework in collaboration with various organizations such as IBM, Nvidia, MITRE, and more.
Microsoft says that many security analysts believe that attacks against machine learning (ML) systems should be a concern for the future rather than right now, even though the Redmond tech giant's data suggest that this is not the case. Cyberattacks against commercial ML programs are becoming increasingly common because firms do not have the right tooling in place to protect these systems.
To combat this growing threat, Microsoft has collaborated with MITRE and 11 other companies such as Nvidia, Bosch, IBM, and more to develop an open framework that organizes techniques that are used by malicious actors.
Microsoft has clearly stated that the framework is aimed at security analysts and is similar in structure to the ATT&CK framework that the intended audience is already familiar with. Furthermore, it has also been seeded with known vulnerabilities that Microsoft and MITRE have noticed in real-world systems.
The firm says that since this topic is popular in academic research, it is opening the industry-focused framework to the wider community. It is gaining insights from researchers at various universities, as well as its own tooling. Microsoft believes that its efforts will allow everyone to develop and deploy ML solutions securely. You can head over to the Adversarial ML Threat Matrix GitHub repository here to find out more about the initiative.