Zerologon attack lets hackers take over enterprise networks

Unbeknownst to many, Microsoft patched last month in August one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks.

The bug was patched in the August 2020 Patch Tuesday under the identifier of CVE-2020-1472. It was described as an elevation of privilege in Netlogon, the protocol that authenticates users against domain controllers.

The vulnerability received the maximum severity rating of 10, but details were never made public, meaning users and IT administrators never knew how dangerous the issue really was.

Take over a domain controller with a bunch of zeros

But in a blog post today, the team at Secura B.V., a Dutch security firm, has finally lifted the veil over this mysterious bug and published a technical report describing CVE-2020-1472 in greater depth.

And per the

Read More

Doogee S88 Pro: Rugged Android 10 smartphone with a massive battery

If you’re into “thin and light” smartphones, the Doogee S88 Pro is not of you. But if you are looking for a rugged Android 10 smartphone that has a huge screen, powerful processor, lots of RAM and storage, and a massive battery, this could be the handset for you.

Look outside of the iPhones and makers like Samsung and Motorola, and you find some really interesting and very practical handsets. One such maker is Doogee.

I’ve covered a few Doogee handsets over the months, from the formidable S68 Pro, to the cheap X95 and N20 Pro.

Each and every one was a great handset in its own way, and the S88 Pro is no different.

Must read: This $35 accessory can save MacBook buyers hundreds of dollars

The Doogee S88 Pro is big and chunky and rugged and overbuilt. It’s big for urban use compared to modern handsets,

Read More

Security concerns remain a major barrier to IoT adoption

Research from Internet of Things World in partnership with Omdia, covering both providers and enterprise users, has found that despite benefits from internet of things (IoT) technology, an overwhelming majority of businesses harbour fears of IoT-related breaches to their infrastructures.

As many as 85% of the survey of 170 IoT industry leaders believe that security concerns remain a major barrier to IoT adoption. Almost two-thirds (64%) of respondents stated that end-to-end IoT security is their top short-term priority, surpassing edge compute (55%), artificial intelligence (AI)/machine learning (50%) and 5G deployments (28%).

Underlining the complexity they face in protecting their IoT deployments and data, as well as their existing communications networks, end users reported using three to four different IoT security methods on average.

The three most common methods offered by providers and employed by enterprises to ensure security included end-to-end data encryption (60%), regular firmware and software update policies

Read More

Facebook introduces Watch Together for Messenger, letting up to eight people in a mobile chat or 50 people in a Room watch videos together (Sarah Perez/TechCrunch)

Sarah Perez / TechCrunch:

Facebook introduces Watch Together for Messenger, letting up to eight people in a mobile chat or 50 people in a Room watch videos together  —  Facebook today is rolling out a new feature that will allow friends and family to watch videos together over Messenger.… Read More