Microsoft: PowerShell’s new ‘secrets’ tool preview is out

Windows Insiders: How its feedback shaped Windows 10
The program has over 16.5 million participants.

Microsoft has released the second preview of the Secrets Management Module, a PowerShell module for managing secrets and credentials. 

Microsoft unveiled the PowerShell Secrets at Ignite 2019 as a new way to securely manage secrets in cloud environments that rely on components from multiple vendors, such as many secrets providers. 

The module provides a set of cdmlets that let users store secrets locally using a vault provider and access secrets from remote vaults. Users can register and unregister local and remote vaults on the local machine to manage and retrieve secrets. Microsoft released the first preview in February and now has issued the second preview. 

Microsoft created Secrets Management to address some of the challenges PowerShell developers face when advanced scripts require multiple secrets for coordinating across different clouds. The Secrets Management Module supports several

Read More

Coronavirus prompts Treasury to delay start date to April 2021

HM Treasury has confirmed that the introduction of the IR35 tax avoidance reforms to the private sector will be deferred until 2021 as part of a package of measures to support businesses through the Covid-19 coronavirus outbreak.

Chief secretary to the treasury Steve Barclay confirmed the move in an address to the House of Commons last night (Tuesday 17 March), several hours after chancellor Rishi Sunak announced a separate £350bn package of measures to support businesses through the economic turmoil caused by coronavirus.

Barclay said the start date for the private sector roll-out of the IR35 reforms will be postponed for 12 months until 6 April 2021.

“This is a deferral, not a cancellation, and the government remains committed to reintroducing this policy to ensure that people working like employees but through their own limited company pay broadly the same tax as those employed directly,” he said.


Read More

DDoS botnets have abused three zero-days in LILIN video recorders for months

At least three botnet operators have secretly exploited three zero-day vulnerabilities in LILIN digital video recorders (DVRs) for more than six months before the vendor finally patched the bugs last month, in February 2020.

Digital video recorders are devices installed on company networks that aggregate video feeds from local CCTV or IP camera systems and record it on various types of storage systems, like HDDs, SSDs, USB flash drives, or SD memory cards.

Today, DVRs are just as ubiquitous in today’s IoT landscape as the security cameras they serve.

Ever since the early 2010s, as CCTV solutions started to become popular all over the world, malware botnets have also begun targeting DVR systems.

DVR devices running with factory-default credentials or with old and outdated firmware have been hacked and have had their resources and bandwidth abused to launch DDoS attacks. Various DVR brands have been the cannon fodder of hundreds

Read More

Sans Institute issues cyber security advice for parents

With schools now shut down across the UK because of the Covid-19 coronavirus crisis, the Sans Institute, a cyber security awareness and training body, has published guidance and advice for parents who are suddenly faced with weeks, possibly months, of having their children at home.

Crucially, although physical school may have ceased for the time being, learning has not, and as education moves out of the classroom and into the home, parents must take further responsibility for keeping their offspring safe online and teaching them about online harms.

“Learning from home is a new experience both for kids and their parents,” said Lance Spitzner, director of security awareness at the Sans Institute. “With this technology, and boundless access to information and people, comes potential risks.

Secure your kids online was created to enable families to safely and securely make the most of learning from home by arming

Read More