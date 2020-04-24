Security Leftovers
How to Child-Proof Your Devices and Apps During Lockdown
The plethora of gadgetry around the modern home makes family life more convenient and connected, but you don't want your kids to stumble on unsuitable content, ordering hundreds of dollars of goods from Amazon, or spending more time on screens than they should—especially in this lockdown era.
To help, you'll find a host of options and tools built into your devices, as well as inside the apps that you use most often. Here we'll guide you through the key settings you need to know, and how they can keep your kids safe.
Just mentioning the built-in options on these devices and in these apps gives us plenty of room to cover, so we're not going to mention the various third-party tools that are available. Just be aware that you can get more comprehensive parental controls—from the likes of Qustodio, Eset, Norton and many others—if you're prepared to pay extra.
“Asnarok” Trojan targets firewalls
As we described last week in this KBA, Sophos and its customers were the victims of a coordinated attack by an unknown adversary. This attack revealed a previously unknown SQL injection vulnerability that led to remote code execution on some of our firewall products. As described in the KBA, the vulnerability has since been remediated.
This post is the result of many hours of research and reverse-engineering by SophosLabs and Sophos internal security teams, working in conjunction with product management to coordinate a hotfix and global response within two days of discovering this attack. In the spirit of transparency, we want to describe the nature of the attack and a detailed analysis of the malware based on our investigation and current understanding.
There was significant orchestration involved in the execution of the attack, using a chain of Linux shell scripts that eventually downloaded ELF binary executable malware compiled for a firewall operating system. This attack targeted Sophos products and apparently was intended to steal sensitive information from the firewall.
Your Whole Company’s Microsoft Teams Data Could’ve Been Stolen With An ‘Evil GIF’
Tech giants are fighting to become the de facto videoconferencing tool for remote workers in the time of COVID-19. Zoom rose to the top fast, but thanks to various security and privacy issues, was pegged back by competitors. But rivals have their flaws too, as evidenced by a weakness discovered in Microsoft’s collaboration and videoconferencing tool Teams, as revealed on Monday.
Understanding the basics of API security
Researching the wide range of API security alternatives can be confusing – even to seasoned experts. This article series is written with the goal of helping all types of readers better understand the pros and cons of the various modern approaches to protecting APIs from cyber security risks. The material is intended to help enterprise security and software development teams develop and maintain a consistent protection philosophy.
Android Leftovers
Today in Techrights
Interview with Joshua Grier
I heard about it through some artists I follow. Sinix and Sycra have Youtube videos showcasing the software from a while back. I found the brush engine stood out to me over competing programs. It felt and still feels far more intuitive and more well designed for art and design than other packages I’ve tried to use. I love that Krita is accessible to all of the creative community, I love how versatile/customizable it is and how high quality it is and continues to be as it’s improved over the years!
Lubuntu 20.04 Review: Lightweight, Minimalistic, Polished
I have been using Lubuntu 20.04 from a few days before the release. I usually dwell in Arch world with Manjaro and Cinnamon desktop so using Lubuntu was a pleasant change for me. Here’s what I have noticed and felt about Lubuntu 20.04. For a long time, Lubuntu relied on LXDE to provide a lightweight Linux experience. It now uses LXQt desktop environment. LXDE is based on GTK (the libraries used by GNOME) and more specifically on GTK+ 2 which is dated in 2020. Dissatisfied with GTK+ 3, LXDE developer Hong Jen Yee decided to port the entire desktop to Qt (the libraries used by KDE). LXDE, the Qt port of it, and the Razor-qt project were combined to form LXQt. Although today, LXDE and LXQt coexist as separate projects.
