Microsoft’s GitHub: CLI 1.0 is out, so you can now do GitHub tasks from the terminal

GitHub has released GitHub CLI 1.0, a command-line tool that lets developers create and check on pull requests and issues from the terminal. 

GitHub released CLI in beta this February for GitHub Team and Enterprise Cloud customers, but back then not for its self-hosted product for private repositories, GitHub Enterprise Server. 

Now that GitHub CLI has exited beta, it is available to use on repositories hosted on GitHub Enterprise Server 2.2 and above. Apparently, it was the most-requested feature during the beta phase.

SEE: 10 ways to prevent developer burnout (free PDF) (TechRepublic)

The Microsoft-owned code-hosting site says users can run their GitHub workflow from the terminal, from issues through to releases. 

Users can also call the GitHub API to script many actions, set a custom alias for any command, and connect to GitHub Enterprise Server and GitHub.com. 

GitHub notes on its page for GitHub CLI that many

Read More

Windows 10: This new dark theme for search comes with latest preview, says Microsoft

Microsoft has rolled out a new Windows 10 Insider preview with a handful of bug fixes and a server-side change that enables dark-theme search results. 

The new preview delivers build number 20215, but since it’s for the Dev Channel, the bug fixes and features aren’t aligned with a specific Windows 10 release, as Microsoft announced in June when it renamed Windows Insider testing rings.   

The new dark theme for search results is intended to make switching between the Start menu and search results easier on the eyes. The search dark theme isn’t actually part of the new build given it is a server-side change but it is rolling out to Windows Insiders in the Dev Channel now.  

SEE: Windows 10 Start menu hacks (TechRepublic Premium)

This build follows last week’s preview for the Dev Channel that allowed Windows 10 users to attach and mount a physical disk inside

Read More

New MrbMiner malware has infected thousands of MSSQL databases


Image: Caroline Grondin, Microsoft, ZDNet

A new malware gang has made a name for itself over the past few months by hacking into Microsoft SQL Servers (MSSQL) and installing a crypto-miner.

Thousands of MSSQL databases have been infected so far, according to the cybersecurity arm of Chinese tech giant Tencent.

In a report published earlier this month, Tencent Security has named this new malware gang MrbMiner, after one of the domains used by the group to host their malware.

The Chinese company says the botnet has exclusively spread by scanning the internet for MSSQL servers and then performing brute-force attacks by repeatedly trying the admin account with various weak passwords.

Once the attackers gained a foothold on a system, they downloaded an initial assm.exe file, which they used to establish a (re)boot persistence mechanism and to add a backdoor account for future access. Tencent says this account uses the

Read More

TypeScript creator: How the programming language beat Microsoft’s open-source fears

Microsoft’s open-source programming language TypeScript – the alter ego of JavaScript but with a type system – turns 10 years old this December. 

It’s grown to become a go-to language for building apps that run in the browser but back in 2010 it had to pick its way through a Microsoft company culture that was still fearful of open source. 

TypeScript co-creator Anders Hejlsberg, a Danish software engineer and technical fellow at Microsoft, describes to ZDNet the moment in 2010 when, under the then Microsoft chief Steve Ballmer, his team decided that an open-source strategy was the only way to win over JavaScript developers. 

SEE: Hiring Kit: Python developer (TechRepublic Premium)

Ballmer in 2001 called Linux a “cancer” that threatened all Microsoft’s intellectual property, and in 2010 open source at Microsoft was still a prickly issue for top management. 

“Linux was [seen as] a threat to Windows, and it turns

Read More

Zerologon attack lets hackers take over enterprise networks

Unbeknownst to many, Microsoft patched last month in August one of the most severe bugs ever reported to the company, an issue that could be abused to easily take over Windows Servers running as domain controllers in enterprise networks.

The bug was patched in the August 2020 Patch Tuesday under the identifier of CVE-2020-1472. It was described as an elevation of privilege in Netlogon, the protocol that authenticates users against domain controllers.

The vulnerability received the maximum severity rating of 10, but details were never made public, meaning users and IT administrators never knew how dangerous the issue really was.

Take over a domain controller with a bunch of zeros

But in a blog post today, the team at Secura B.V., a Dutch security firm, has finally lifted the veil over this mysterious bug and published a technical report describing CVE-2020-1472 in greater depth.

And per the

Read More

Buying a Windows laptop? Five must-have features for my next notebook

We’re about to enter peak PC buying season. The final quarter of the year is when businesses have to spend their remaining capital budget (“use it or lose it!”) and when families are likely to consider buying a new PC for the holidays.

When most people offer advice about choosing a new PC, they turn to the standard “speeds and feeds” items. Yes, you should insist on a modern CPU, enough RAM and solid-state storage to handle your expected workloads, and the right graphics processor, especially if you’re into gaming.

But the current crop of business-class notebook PCs includes a handful of important options that aren’t part of the standard spec sheet. These are features you can’t typically measure using a performance benchmark, but their impact on productivity is undeniable.

See also: My seven favorite Windows 10 features  

For my next notebook, these are the five features I plan

Read More