Latest Security News
In addition to all of the oft-discussed privacy and security enhancements, y'see, Pie has an out-of-sight and semi-advanced option. It's not something you'd use every day — or often at all, really — but if the right sort of occasion ever comes along, you'll be glad you have it enabled.
July 2018 patches for both Windows and Office brought bugs and bugs of bugs — many of which haven’t been solved, even now. We have even reached the unprecedented stage where the .NET team openly warned people against installing buggy updates, and the Monthly Rollup previews got shoved down the Automatic Update chute to fix bugs in the primary Monthly Rollup.
July was more galling than most months because the patches caused widespread problems for many, while plugging security holes for exactly zero widespread infections.
On July 9, I recommended that you disable Windows Automatic Update and wait to see if the July Microsoft patches brought more mayhem than relief. With the August patches just a few days away, it’s time to put a nail in the July coffin. I strongly recommend that you not install any of the July patches, and pray that Microsoft treats us better in August.
It’s been a tumultuous month.
The time has come for the sales team at this financial services company to get new top-of-the-line laptops -- and they're being upgraded 80 at a time, reports an IT pilot fish there.
"Late one night, the guy in charge of the upgrade got a call from Security saying that a break-in had occurred," fish says. "They told him that on the security cameras they saw the thieves making off with a lot of laptops.
"The upgrade project manager arrived at the scene to meet the police -- who were very puzzled when he started laughing.
"Turns out the thieves stole 80 decommissioned laptops with no hard drives, while ignoring the 80 new laptops sitting in boxes beside the decommissioned ones."
Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.Manufacturing is under attack
TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware “when a supplier installed tainted software without a virus scan.”
The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.
Once upon a time, Microsoft symbolized all that was wrong with the tech world: greedy, monopolistic, single-mindedly focused on profits while caring little about the public good. In the heyday of Bill Gates and Steve Ballmer, the company ran roughshod over competitors in its attempt to corral the worldwide market for both operating systems and application software.
But today, Microsoft has embraced the role of the tech world’s better angel. And as events show in recent weeks, that’s not hype. The company has, to some extent, tried to act as the industry’s conscience as well as taking actions for the greater good.
One case in point: Microsoft’s recent revelation that it had uncovered evidence that the Russian government had targeted three congressional campaigns in the upcoming midterm elections — and that it had helped thwart the plot. Microsoft discovered the attempts as part of its long-running battle against the Russian government–backed hacking cyber-espionage group called Fancy Bear. Microsoft, which has been playing whack-a-mole with the group for well over a year, targets the command-and-control servers that control malware that Fancy Bear plants on victims’ computers, as well as associated websites that install malware on targets’ computers when the victims visit them as a result of a spearphishing attack.
No doubt you recall patching guru Susan Bradley’s open letter to Microsoft brass, summarizing the results of her Windows update survey. The results were quite damning in many ways, with complaints about the quality and frequency of patches topping the list.[ Related: The best places to find Windows 10 ISOs]
Microsoft has responded to the open letter in a rather roundabout way. Two days after Computerworld posted the open letter, Bradley received an email that says:
Whether you’re a veteran Cloud professional with numerous IT certifications, or you’ve just started your career after earning an A+, it’s always in your best interest to stay up-to-date with the fundamentals. The Complete 2018 CompTIA Certification Training Bundle includes 12 courses covering several CompTIA exams, so you can stay sharp and potentially add another notch to your belt of IT certifications. It's available on sale today for $59.
Apple’s platforms may be the most secure, but this is driving cybercriminals to more devious ways to undermine iOS and Mac security — partly because hacked Apple user credentials are among the most valuable properties you’ll find on the so-called dark web.A complex crime
There is no doubt at all that Apple is growing in the enterprise, which is why every iOS or macOS user needs to understand that the new cyber threats aren’t confined to annoying viruses, trojans, or malware attacks.
Enterprise security chiefs are becoming increasingly aware that network, device, location-based, and user security must also be seen as part of the mix. Platform security is only one element to an overall security picture.
Apple’s platforms may be the most secure, but this is driving cybercriminals to more devious ways to undermine iOS and Mac security – partly because hacked Apple user credentials are among the most valuable properties you’ll find on the so-called ‘Dark Web’.A complex crime
There is no doubt at all that Apple is growing in the enterprise, which is why every iOS or macOS user needs to understand that the new cyberthreats aren’t confined to annoying viruses, trojans or malware attacks.
Enterprise security chiefs are becoming increasingly aware that network, device, location-based and user security must also be seen as part of the mix. Platform security is only one element to an overall security picture.
July will go down in the Microsoft Patching Halls of Infamy as one of the worst months ever. Every version of Win10 got three big cumulative updates, and a fourth should be hot on their heels. Let that sink in for a second: Windows patches used to come out once a month, then twice, and now we’re up to three or four a month, sprinkled on random days of the month. And they’re big bunches of fixes.
From: Susan Bradley
To: Mr. Satya Nadella, Mr. Carlos Picoto and Mr. Scott Guthrie
Today, as Windows 10 turns three years old, I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months. The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don't install updates and leave machines subject to attack.
Earlier this month, Apple unveiled its newest generation of MacBook Pros; all feature a significant bump in performance, a redesigned butterfly keyboard, the arrival of "Hey Siri" commands and a second generation of Apple's T-series chips. The T2 chip works to improve performance and includes a Secure Enclave for encryption operations to secure the laptops and power Apple's TouchID as well as the Touch Bar. (The T2 chip is already in Apple's iMac Pro.)