Latest Security News

A hidden Android Pie security setting everyone should enable

Computer World Security - 8 hours 26 min ago

Google's new Android 9 Pie release has plenty of fresh features and interface changes, but one of the software's most significant security improvements has managed to stay mostly off the radar.

In addition to all of the oft-discussed privacy and security enhancements, y'see, Pie has an out-of-sight and semi-advanced option. It's not something you'd use every day — or often at all, really — but if the right sort of occasion ever comes along, you'll be glad you have it enabled.

To read this article in full, please click here

Categories: Latest Security News

Patch Tuesday’s coming: Block Windows Update and pray we don’t get fooled again

Computer World Security - Mon, 08/13/2018 - 07:37

July 2018 patches for both Windows and Office brought bugs and bugs of bugs — many of which haven’t been solved, even now. We have even reached the unprecedented stage where the .NET team openly warned people against installing buggy updates, and the Monthly Rollup previews got shoved down the Automatic Update chute to fix bugs in the primary Monthly Rollup.

July was more galling than most months because the patches caused widespread problems for many, while plugging security holes for exactly zero widespread infections.

To read this article in full, please click here

Categories: Latest Security News

Blue Team Village, DEF CON 2018 | Salted Hash Ep 43

Computer World Security - Fri, 08/10/2018 - 18:16
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.
Categories: Latest Security News

Blue Team village, Deffcon 2018 | Salted Hash Ep. 43

Computer World Security - Fri, 08/10/2018 - 18:16
Host Steve Ragan talks to Munin, a staffer at the DEF CON Blue Team Village about what's happening and what you can expect.
Categories: Latest Security News

A word to the wise: Skip Microsoft’s July patches

Computer World Security - Fri, 08/10/2018 - 06:22

On July 9, I recommended that you disable Windows Automatic Update and wait to see if the July Microsoft patches brought more mayhem than relief. With the August patches just a few days away, it’s time to put a nail in the July coffin. I strongly recommend that you not install any of the July patches, and pray that Microsoft treats us better in August.

It’s been a tumultuous month.

To read this article in full, please click here

Categories: Latest Security News

An inside look at hybrid Office 365 phishing attacks | Salted Hash Ep 41

Computer World Security - Wed, 08/08/2018 - 03:54
In this episode, Steve Ragan shows what a hybrid phishing attack looks like as it starts off on one service, and quickly moves to another.
Categories: Latest Security News

Grand Theft IT? Not quite

Computer World Security - Tue, 08/07/2018 - 04:00

The time has come for the sales team at this financial services company to get new top-of-the-line laptops -- and they're being upgraded 80 at a time, reports an IT pilot fish there.

"Late one night, the guy in charge of the upgrade got a call from Security saying that a break-in had occurred," fish says. "They told him that on the security cameras they saw the thieves making off with a lot of laptops.

"The upgrade project manager arrived at the scene to meet the police -- who were very puzzled when he started laughing.

"Turns out the thieves stole 80 decommissioned laptops with no hard drives, while ignoring the 80 new laptops sitting in boxes beside the decommissioned ones."

To read this article in full, please click here

Categories: Latest Security News

What is a phishing kit? Watch this in-depth explainer | Salted Hash Ep 39

Computer World Security - Tue, 08/07/2018 - 03:54
What is a phishing kit? In this video, Steve Ragan offers an answer and a look at some of the kits Salted Hash has collected.
Categories: Latest Security News

TSMC's iPhone chip attack is a wake-up call for enterprise security

Computer World Security - Mon, 08/06/2018 - 06:21

Apple chipmaker TSMC suffered a serious WannaCry-related ransomware infection that closed down production at some of its factories. The incident should be a wake-up call for manufacturers across every industry.

Manufacturing is under attack

TSMC has said the incident was not the result of a direct attack. Instead it says its systems were exposed to the malware “when a supplier installed tainted software without a virus scan.”

The malware spread fast and impacted some of the company’s most advanced facilities used to build Apple’s A-series chips.

To read this article in full, please click here

Categories: Latest Security News

How Microsoft became tech’s good guy

Computer World Security - Mon, 08/06/2018 - 04:00

Once upon a time, Microsoft symbolized all that was wrong with the tech world: greedy, monopolistic, single-mindedly focused on profits while caring little about the public good. In the heyday of Bill Gates and Steve Ballmer, the company ran roughshod over competitors in its attempt to corral the worldwide market for both operating systems and application software.

But today, Microsoft has embraced the role of the tech world’s better angel. And as events show in recent weeks, that’s not hype. The company has, to some extent, tried to act as the industry’s conscience as well as taking actions for the greater good.

One case in point: Microsoft’s recent revelation that it had uncovered evidence that the Russian government had targeted three congressional campaigns in the upcoming midterm elections — and that it had helped thwart the plot. Microsoft discovered the attempts as part of its long-running battle against the Russian government–backed hacking cyber-espionage group called Fancy Bear. Microsoft, which has been playing whack-a-mole with the group for well over a year, targets the command-and-control servers that control malware that Fancy Bear plants on victims’ computers, as well as associated websites that install malware on targets’ computers when the victims visit them as a result of a spearphishing attack.

To read this article in full, please click here

Categories: Latest Security News

An introduction to Kit Hunter, a phishing kit detector | Salted Hash Ep 40

Computer World Security - Mon, 08/06/2018 - 03:54
Kit Hunter, a basic Python script written by host Steve Ragan, searches on common tag elements to find hidden phishing kits on a web server.
Categories: Latest Security News

Windows updaters express frustrations. Microsoft responds.

Computer World Security - Fri, 08/03/2018 - 09:56

No doubt you recall patching guru Susan Bradley’s open letter to Microsoft brass, summarizing the results of her Windows update survey. The results were quite damning in many ways, with complaints about the quality and frequency of patches topping the list.

[ Related: The best places to find Windows 10 ISOs]

Microsoft has responded to the open letter in a rather roundabout way. Two days after Computerworld posted the open letter, Bradley received an email that says:

To read this article in full, please click here

Categories: Latest Security News

Brush up on your IT skills with this comprehensive CompTIA training bundle

Computer World Security - Wed, 08/01/2018 - 11:27

Whether you’re a veteran Cloud professional with numerous IT certifications, or you’ve just started your career after earning an A+, it’s always in your best interest to stay up-to-date with the fundamentals. The Complete 2018 CompTIA Certification Training Bundle includes 12 courses covering several CompTIA exams, so you can stay sharp and potentially add another notch to your belt of IT certifications. It's available on sale today for $59.

To read this article in full, please click here

Categories: Latest Security News

Apple users ‘most appealing’ to cybercriminals' online scams

Computer World Security - Wed, 08/01/2018 - 07:17

Apple’s platforms may be the most secure, but this is driving cybercriminals to more devious ways to undermine iOS and Mac security — partly because hacked Apple user credentials are among the most valuable properties you’ll find on the so-called dark web.

A complex crime

There is no doubt at all that Apple is growing in the enterprise, which is why every iOS or macOS user needs to understand that the new cyber threats aren’t confined to annoying viruses, trojans, or malware attacks.

Enterprise security chiefs are becoming increasingly aware that network, device, location-based, and user security must also be seen as part of the mix. Platform security is only one element to an overall security picture.

To read this article in full, please click here

Categories: Latest Security News

Apple users ‘most appealing’ online scam targets -- report

Computer World Security - Wed, 08/01/2018 - 07:17

Apple’s platforms may be the most secure, but this is driving cybercriminals to more devious ways to undermine iOS and Mac security – partly because hacked Apple user credentials are among the most valuable properties you’ll find on the so-called ‘Dark Web’.

A complex crime

There is no doubt at all that Apple is growing in the enterprise, which is why every iOS or macOS user needs to understand that the new cyberthreats aren’t confined to annoying viruses, trojans or malware attacks.

Enterprise security chiefs are becoming increasingly aware that network, device, location-based and user security must also be seen as part of the mix. Platform security is only one element to an overall security picture.

To read this article in full, please click here

Categories: Latest Security News

Conversation hijacking attacks | Salted Hash Ep 38

Computer World Security - Wed, 08/01/2018 - 04:00
Troy Gill, manager of security research at AppRiver, explains conversation hijacking attacks, or CHAs, with host Steve Ragan, including who is typically targeted and how to prevent them.
Categories: Latest Security News

If at first you don’t succeed, .Net, .Net, .Net again

Computer World Security - Tue, 07/31/2018 - 06:49

July will go down in the Microsoft Patching Halls of Infamy as one of the worst months ever. Every version of Win10 got three big cumulative updates, and a fourth should be hot on their heels. Let that sink in for a second: Windows patches used to come out once a month, then twice, and now we’re up to three or four a month, sprinkled on random days of the month. And they’re big bunches of fixes.

To read this article in full, please click here

Categories: Latest Security News

An open letter to Microsoft management re: Windows updating

Computer World Security - Mon, 07/30/2018 - 07:34

From: Susan Bradley

To: Mr. Satya Nadella, Mr. Carlos Picoto and Mr. Scott Guthrie

Dear Sirs:

Today, as Windows 10 turns three years old, I am writing to you to ensure that you are aware of the dissatisfaction your customers have with the updates released for Windows desktops and servers in recent months. The quality of updates released in the month of July, in particular, has placed customers in a quandary: install updates and face issues with applications, or don't install updates and leave machines subject to attack.

To read this article in full, please click here

Categories: Latest Security News

Phishing problems: 3.2M emails blocked in a month | Salted Hash Ep 37

Computer World Security - Mon, 07/30/2018 - 04:00
Asaf Cidon, vice president of email security at Barracuda Networks, talks with host Steve Ragan about a recent uptick in phishing attacks, including a spike in business email compromise (BEC) attacks.
Categories: Latest Security News

New MacBook Pros at work? Here's how to manage them right

Computer World Security - Mon, 07/30/2018 - 03:59

Earlier this month, Apple unveiled its newest generation of MacBook Pros; all feature a significant bump in performance, a redesigned butterfly keyboard, the arrival of "Hey Siri" commands and a second generation of Apple's T-series chips. The T2 chip works to improve performance and includes a Secure Enclave for encryption operations to secure the laptops and power Apple's TouchID as well as the Touch Bar. (The T2 chip is already in Apple's iMac Pro.)

To read this article in full, please click here

(Insider Story)
Categories: Latest Security News

Pages

Subscribe to SecurityFeeds aggregator - Latest Security News