Latest Security News

Strong and stable: The iOS security guide

Computer World Security - Fri, 11/17/2017 - 11:36

Apple’s smartphones are highly secure, but if your private or enterprise data matters to you, it’s essential to ensure your iPhone (or iPad) is as secure as possible.

Why security matters

Just because almost all mobile malware targets Android doesn’t mean iPhone users can be complacent.

Quite the reverse:

We need to be even more alert in case attackers use complacency against us. What follows are a few simple tips to help you secure your iPhone (and iPad).

There’s no way to deny that iPhones are in the ascendant, particularly in enterprise IT. Beyond business, you’ll see them used by educators, doctors, police and politicians and in each one of those cases the information on those smartphones is confidential and must not be abused.

To read this article in full, please click here

Categories: Latest Security News

Patch alert: Microsoft acknowledges printer bug; forced 1709 upgrades continue

Computer World Security - Fri, 11/17/2017 - 09:06

The patches have been out for only a few days, but as best I as can tell at this early juncture, November’s Patch Tuesday bugs aren’t as bad as they were in October. Thank Redmond.

If you use an Epson dot matrix printer, if you’re seeing an error that CDPUserSvc has stopped working, or if you were forcibly upgraded from Win10 Creators Update, version 1703, to Fall Creators Update, version 1709, I have some good news and some bad news.

Dot matrix dissed

Microsoft has acknowledged a bug in its Patch Tuesday updates that causes “some Epson SIDM and Dot Matrix printers” to fail. The bug appears in this month’s patches for every version of Windows:

To read this article in full, please click here

Categories: Latest Security News

Microsoft forces Win10 1703 customers onto 1709, and other Patch Tuesday shenanigans

Computer World Security - Wed, 11/15/2017 - 13:52

Another massive outpouring of Microsoft patches yesterday — more than 1,100 separate patches — brought a few surprises and shouts of indignation from a forced but unannounced upgrade. Some bugs are already evident, and there’s a storm brewing over one Office patch. But by and large, if you don’t use Internet Explorer or Edge, it’s a non-event.

Every version of Windows got patched yesterday (Win10 1709, Win10 1703, Win10 1607, Win10 1511 Enterprise, Win10 1507 LTSC, Win 8.1, Win RT 8.1, Win 7, plus Server 2016, 2012 R2, 2012, 2008 R2, 2008). Almost every version of Office (2016, 2013, 2010, 2007, plus 2013 and 2010 Click-to-Run). Plenty of miscellaneous, too: IE 11, 10, 9 and Edge, Flash for all, SharePoint Server, the ChakraCore package, and various .Nets including ASP.NET. The good news? Unless you use IE or Edge, there’s nothing pressing — you can sit back and watch the bugs crawling out of the woodwork.

To read this article in full, please click here

Categories: Latest Security News

11% off August Smart Lock Pro With Connect Bundle - Deal Alert

Computer World Security - Wed, 11/15/2017 - 09:46

With August Smart Lock Pro, you can lock and unlock your door, control keyless access, and keep track of who comes and goes, all from your phone. The 24/7 activity log means you’re always in the know. With your phone in your pocket, simply open the door and you’re in your home. Heading out? August Smart Lock Pro will also automatically lock the door behind you after you leave. The smart lock currently averages 4 out of 5 stars on Amazon, where the list price on the Lock and Connect Bundle has been reduced 11% to $249.99. See this deal on Amazon.

To read this article in full, please click here

Categories: Latest Security News

Lock it down: The macOS security guide

Computer World Security - Wed, 11/15/2017 - 09:11

Apple’s systems are highly secure, but if your private or enterprise data matters to you it’s essential to ensure your Mac is as highly secured as possible. This quick guide should help you do just that.

Keep it zippy

Malware is everywhere and Macs are not immune. You can ignore the potential threat if you choose, but if you are an enterprise user holding confidential data, an educator in possession of private data, or even a Bitcoin collector who maybe clicked a few too many links on one of those dodgy faucet websites, you should know to get your Mac secured.

Common sense first

Before we get into some of the security technology inside your Mac (including a wide range of security improvements in High Sierra) it is also important to point out that the biggest threat your computer faces is the person using it. Cyberattackers are highly sophisticated and can piece together lots of information about you, or companies associated with you by simply getting a little more data a little at a time. Make it hard for those people by following simple tips, including:

To read this article in full, please click here

Categories: Latest Security News

‘Hey Siri, buy $100 Bitcoin for the burglar guy’

Computer World Security - Tue, 11/14/2017 - 09:08

Apple will apparently bring FaceID to its long-awaited HomePod smart speaker systems next year, but voice assistant tech may be a weak link in domestic and enterprise security, fresh research claims.

The imitation game

Researchers at the University of Eastern Finland claim that voice impersonators can fool smart speaker systems into thinking they are an authorized user of those systems.

It’s known that you can undermine voice authorization systems using speech synthesis, voice conversion or even dubbing recordings of a target voice.

To read this article in full, please click here

Categories: Latest Security News

Ransomware marketplaces and the future of malware | Salted Hash Ep 6

Computer World Security - Mon, 11/13/2017 - 07:00
Would you give up a customer's data or credentials if that was the demand in a ransomware attack? That's just one of the nightmare scenarios that Steve Ragan and Rick McElroy talk about on this week's episode.
Categories: Latest Security News

The top 5 problems with blockchain

Computer World Security - Fri, 11/10/2017 - 06:11

While blockchain appears ready to upend business processes and trust models across a myriad of industries, it's still in its early days and the various iterations of the distributed ledger already in use are far from vetted.

To read this article in full, please click here

(Insider Story)
Categories: Latest Security News

Mingis on Tech: The iPhone X – best phone for business, or best phone ever?

Computer World Security - Thu, 11/09/2017 - 17:15

When it comes to mobile devices, companies tend to like three things: solid security, ease-of-management and low cost.

With Apple's iPhone X, it looks like you can check off two of those three items. The phone's cutting-edge Face ID authentication system really does work. iOS 11 is easy to manage and inherently secure. But that last one – price – is a big one. The iPhone X  starts at $999 for the 64GB model and goes to $1,149 for the 256GB version.

To read this article in full, please click here

Categories: Latest Security News

Android security audit: An 11-step checklist

Computer World Security - Thu, 11/09/2017 - 12:36

Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason.

As we've discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you'll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?)

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

15% off APC 11-Outlet Surge Protector with USB Charging Ports and SurgeArrest - Deal Alert

Computer World Security - Wed, 11/08/2017 - 08:35

Be it a lightning strike that destroys a home entertainment center or consistently fluctuating power that degrades the performance and shortens the life of your electronics – surges, lightning, and other power disturbances can have a devastating impact on the valuable electronics you rely on every day. The P11U2 from APC offers guaranteed surge protection. Connect and protect up to 11 electronics, and conveniently charge your mobile devices via 2 additional USB ports. Installation is convenient and easy with a 180-degree rotating power cord and right-angle plug. Lastly, three LED indicators inform you if there is any overload, unit, or wall wiring issues. The P11U2 averages 4.5 out of 5 stars from over 1,800 people on Amazon (read reviews), where its typical list price of $34.25 is discounted 15% to $28.99. See this deal on Amazon.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

What is blockchain? The most disruptive tech in decades

Computer World Security - Tue, 11/07/2017 - 20:06

Blockchain is poised to change IT in much the same way open-source software did a quarter of a century ago. And in the same way that Linux took more than a decade to become a cornerstone in modern application development, Blockchain will take years to become a lower cost, more efficient way to share information between open and private networks.

But the hype around this seemingly new, secure electronic ledger is real. In essence, blockchain represents a new paradigm for the way information is shared and tech vendors and companies are rushing to figure out how they can use the distributed ledger technology to save time and admin costs. Numerous companies this year have been rolling out pilot programs and real-world projects across a variety of industries - everything from financial services to healthcare to mobile payments.

To read this article in full, please click here

Categories: Latest Security News

What is blockchain? The most disruptive tech in decades

Computer World Security - Tue, 11/07/2017 - 20:06

Blockchain is poised to change IT in much the same way open-source software did a quarter of a century ago. And in the same way that Linux took more than a decade to become a cornerstone in modern application development, Blockchain will take years to become a lower cost, more efficient way to share information between open and private networks.

But the hype around this seemingly new, secure electronic ledger is real. In essence, blockchain represents a new paradigm for the way information is shared and tech vendors and companies are rushing to figure out how they can use the distributed ledger technology to save time and admin costs. Numerous companies this year have been rolling out pilot programs and real-world projects across a variety of industries - everything from financial services to healthcare to mobile payments.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

When Google Play Protect fails

Computer World Security - Tue, 11/07/2017 - 11:34

I've written a lot about Android security over the years — and more often than not, it's the same ol' story time and time again:

A company that sells mobile security software finds some theoretical threat — something that (a) hasn't affected any actual users in the real world and (b) couldn't affect any actual users in the real world, outside of a highly improbable scenario in which all native security measures are disabled and the user goes out of his way to download a questionable-looking app from some shady porn forum.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Temporarily turn off Windows Automatic Update

Computer World Security - Tue, 11/07/2017 - 06:35

Last month we had no end of problems with Microsoft’s Windows and Office patches. If your machine was attached to a corporate Windows Update server, and your admin approved Windows patches for immediate distribution, your PC may have joined a sea of blue screens. There were lots and lots of additional gotchas.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Microsoft yanks buggy Windows patches KB 4052233, 4052234, 4052235

Computer World Security - Mon, 11/06/2017 - 09:39

As I reported last week, Microsoft released a handful of buggy patches designed to fix the “Unexpected error from external database driver” bug introduced by all of the October Windows security patches. As noted then, the bug fixes have bugs themselves, and the cure is worse than the disease.

Now comes word that Microsoft has not only yanked the bad patches; it’s also deleted the KB articles associated with the patches.

Specifically, all of these KB articles report that the page does not exist:

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Windows 10 Insider: What's in it for us?

Computer World Security - Mon, 11/06/2017 - 06:09

Microsoft's motivation for pushing customers to run Windows 10 previews is obvious: It gains a huge pool of testers and millions of amateur quality control workers who help shake out software bugs before the code reaches the wild.

But is there anything in it for the customer?

"Absolutely," said Wes Miller, an analyst with Directions on Microsoft, in a recent interview when asked whether customers benefit from participating in the Insider program. "You're testing the quality of those bits vis-a-vis your infrastructure."

Windows Insider, which Microsoft launched in the fall of 2014 as its first-ever ongoing beta program, delivers pre-release versions of the next Windows 10 feature upgrade. As Microsoft creates an upgrade, it periodically releases builds to the Insider audience. Just before the upgrade's actual ship date, Microsoft freezes the code, then begins work on the next version, with betas of that build reaching participants soon thereafter.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Critics are wrong to slam iPhone X’s new face tech

Computer World Security - Sat, 11/04/2017 - 06:00

Apple’s new iPhone X reads faces. And privacy pundits are gnashing their teeth over it.

The phone’s complex TrueDepth image system includes an infrared projector, which casts 30,000 invisible dots, and an infrared camera, which checks where in three-dimensional space those dots land. With a face in view, artificial intelligence on the phone figures out what’s going on with that face by processing locations of the dots.

Biometrics in general and face recognition in particular are touchy subjects among privacy campaigners. Unlike a password, you can’t change your fingerprints — or face.

[ Further reading: What is Face ID? Apple’s facial recognition tech explained ]

Out of the box, the iPhone X’s face-reading system does three jobs: Face ID (security access), Animoji (avatars that mimic users’ facial expressions), and also something you might call “eye contact,” to figure out if the user is looking at the phone (to prevent sleep mode during active use).

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

MS fixes 'external database' bug with patches that have even more bugs

Computer World Security - Fri, 11/03/2017 - 08:58

Yesterday, Thursday, a date which will live in infamy, Microsoft unleashed patches for five versions of Windows. They were supposed to fix the widely reported bug in all of the mainstream October Windows security patches that gave rise to a bogus “Unexpected error from external database driver” message.

It’s too early to assess all of the damage, but reports from many corners say installing these new patches brings back old, unpatched versions of many files. If you installed one of the patches from yesterday, best to uninstall it. Now.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Word to the wise

Computer World Security - Fri, 11/03/2017 - 06:00

IT pilot fish gets an email from a person who's a member of a club they both belong to -- and while it's not work-related, it was clearly sent from work.

"The email had been written as a Word document and, since I wasn't using a Windows-based computer, I opened it as a text document," says fish.

"This allowed me to see not only the note intended for me, but also the document history for all the other recent documents opened in Word by that user that day.

"The person who sent me the email was an attorney. Talk about unintentionally breaching client confidentiality!

"I contacted her privately and discreetly, and handed her a printout showing some of the things contained in that document history.

To read this article in full or to leave a comment, please click here

Categories: Latest Security News

Pages

Subscribe to SecurityFeeds aggregator - Latest Security News