Latest Security News

All about Android upgrades (and why they're late) | TECH(talk)

Computer World Security - Thu, 02/14/2019 - 04:00

It's not exactly news that Android upgrades almost always take a lo-o-o-o-o-ng time to roll out to most users. As in months. Often, many months. Sometimes more than a year.

Sometimes never.

(There is an exception: Google delivers new versions of Android to its Pixel line right away, and did just that with the release of Android 9.0 (Pie) last fall.)

It's now been six months since Pie arrived, which means it's time for Computerworld blogger JR Raphael's comprehensive look at how device-makers are doing when it comes to upgrades. 

To read this article in full, please click here

Categories: Latest Security News

All about Android upgrades (and why they're late) | TECH(talk)

Computer World Security - Thu, 02/14/2019 - 04:00

It's not exactly news that Android upgrades almost always take a lo-o-o-o-o-ng time to roll out to most users. As in months. Often, many months. Sometimes more than a year.

Sometimes never.

(There is an exception: Google delivers new versions of Android to its Pixel line right away, and did just that with the release of Android 9.0 (Pie) last fall.)

It's now been six months since Pie arrived, which means it's time for Computerworld blogger JR Raphael's comprehensive look at how device-makers are doing when it comes to upgrades. 

To read this article in full, please click here

Categories: Latest Security News

With latest mobile security hole, could we at least focus on the right things?

Computer World Security - Wed, 02/13/2019 - 04:00

A bunch of apps from some major players — including Expedia, Hollister, Air Canada, Abercrombie & Fitch, Hotels.com and Singapore Airlines — recently came to grief because of a security/privacy hole in a third-party analytics app they all used, according to a report from TechCrunch. In the case of Air Canada, the incident exposed extremely sensitive customer information including payment card and password data shared in clear text. That sort of thing shouldn't be happening — and yet everyone seems focused on the wrong lesson.

To read this article in full, please click here

Categories: Latest Security News

With latest mobile security hole, could we at least focus on the right things?

Computer World Security - Wed, 02/13/2019 - 04:00

A bunch of apps from some major players — including Expedia, Hollister, Air Canada, Abercrombie & Fitch, Hotels.com and Singapore Airlines — recently came to grief because of a security/privacy hole in a third-party analytics app they all used, according to a report from TechCrunch. The incident exposed extremely sensitive customer information including payment card and password data shared in clear text. That sort of thing shouldn't be happening — and yet everyone seems focused on the wrong lesson.

The analytics app, called Glassbox, captures all information from a user's interaction with the app, including keystrokes entered and spots on the touchscreen the user touched or clicked. It also may include some screen captures. In every case, the apps give insufficient privacy disclosures to app users, or none at all. And, as already mentioned, it shares sensitive data in clear text.

To read this article in full, please click here

Categories: Latest Security News

Does Workplace have a Facebook problem?

Computer World Security - Tue, 02/12/2019 - 06:24

Facebook emerged from 2018 bruised from a series of revelations that undermined trust in the popular social media platform and raised questions about its commitment to privacy.

There were the Cambridge Analytica revelations last March, security bugs later in the year that compromised data for millions of users, and a host of smaller privacy concerns. Perceptions of the company – and its stock price – took a beating.

[ Related: 10 ways to get the most from Facebook’s Workplace ]

At the same time, the company continued to push its Workplace by Facebook enterprise software, touting ease of use and familiarity as selling points for companies looking to get their employees better connected.

To read this article in full, please click here

(Insider Story)
Categories: Latest Security News

It's time to block Windows Automatic Updating

Computer World Security - Mon, 02/11/2019 - 06:15

Those of you who feel it’s important to install Windows and Office patches the moment they come out – I salute you. The Windows world needs more cannon fodder. When the bugs come out, as they inevitably will, I hope you’ll drop by AskWoody.com and tell us all about them.

For those who feel that, given Microsoft’s track record of pernicious patches, a bit of reticence is in order, I have some good news. Microsoft’s Security Response Center says that only a tiny percentage of patched security holes get exploited within 30 days of the patch becoming available.

To read this article in full, please click here

Categories: Latest Security News

It's time to block Windows Automatic Updating

Computer World Security - Mon, 02/11/2019 - 06:15

Those of you who feel it’s important to install Windows and Office patches the moment they come out – I salute you. The Windows world needs more cannon fodder. When the bugs come out, as they inevitably will, I hope you’ll drop by AskWoody.com and tell us all about them.

For those who feel that, given Microsoft’s track record of pernicious patches, a bit of reticence is in order, I have some good news. Microsoft’s Security Response Center says that only a tiny percentage of patched security holes get exploited within 30 days of the patch becoming available.

To read this article in full, please click here

Categories: Latest Security News

Does Workplace have a Facebook problem?

Computer World Security - Mon, 02/11/2019 - 04:00

Facebook emerged from 2018 bruised from a series of revelations that undermined trust in the popular social media platform and raised questions about its commitment to privacy.

To read this article in full, please click here

(Insider Story)
Categories: Latest Security News

How to stay as private as possible on Apple's iPad and iPhone

Computer World Security - Fri, 02/08/2019 - 10:39

Apple believes in your right to privacy. Here is some advice on how to use the tools it has given you to protect your privacy on an iOS device.

Use a better passcode

You probably already use a 4-digit passcode, but you can improve that with a 6-digit or alphanumeric code.

You change this in Settings>Touch ID/Face ID & Passcode, select Change Passcode and then tap the small Passcode Options dialog. Alphanumeric codes are harder to decipher, just make sure you remember the code.

To read this article in full, please click here

Categories: Latest Security News

How to stay as private as possible on Apple's iPad and iPhone

Computer World Security - Fri, 02/08/2019 - 10:39

Apple believes in your right to privacy. Here is some advice on how to use the tools it has given you to protect your privacy on an iOS device.

Use a better passcode

You probably already use a 4-digit passcode, but you can improve that with a 6-digit or alphanumeric code.

You change this in Settings>Touch ID/Face ID & Passcode, select Change Passcode and then tap the small Passcode Options dialog. Alphanumeric codes are harder to decipher, just make sure you remember the code.

To read this article in full, please click here

Categories: Latest Security News

Microsoft: Watch out for zero days; deferred patches, not so much

Computer World Security - Fri, 02/08/2019 - 09:32

Matt Miller’s presentation at Blue Hat yesterday included some startling statistics, based on data gathered by Microsoft’s Security Response Center. The numbers starkly confirm what we’ve been saying for years: The chances of getting hit with malware by delaying Windows and Office patches for up to 30 days is tiny compared to all the other ways of getting clobbered.

To read this article in full, please click here

Categories: Latest Security News

Microsoft: Watch out for zero days; deferred patches, not so much

Computer World Security - Fri, 02/08/2019 - 09:32

Matt Miller’s presentation at Blue Hat yesterday included some startling statistics, based on data gathered by Microsoft’s Security Response Center. The numbers starkly confirm what we’ve been saying for years: The chances of getting hit with malware by delaying Windows and Office patches for up to 30 days is tiny compared to all the other ways of getting clobbered.

To read this article in full, please click here

Categories: Latest Security News

Get TotalAV Essential AntiVirus for $19.99 (80% off)

Computer World Security - Thu, 02/07/2019 - 12:11

The term “computer virus” calls to mind imagery of pathogenic creepy-crawlies bringing down a device’s operating system, their flagella wriggling as they multiply into hordes that infiltrate its chips and wires. And while it’s true that our computers can be infected with literal biological bacteria like staphylococci, per Science Illustrated, the threat of malicious codes and programs intent on corrupting data and files looms far larger: According to a recent study from the University of Maryland’s Clark School of Engineering, attacks on computers with internet access is virtually ceaseless, with an incident occurring every 39 seconds on average, affecting a third of Americans every year.

To read this article in full, please click here

Categories: Latest Security News

Get TotalAV Essential AntiVirus for $19.99 (80% off)

Computer World Security - Thu, 02/07/2019 - 12:11

The term “computer virus” calls to mind imagery of pathogenic creepy-crawlies bringing down a device’s operating system, their flagella wriggling as they multiply into hordes that infiltrate its chips and wires. And while it’s true that our computers can be infected with literal biological bacteria like staphylococci, per Science Illustrated, the threat of malicious codes and programs intent on corrupting data and files looms far larger: According to a recent study from the University of Maryland’s Clark School of Engineering, attacks on computers with internet access is virtually ceaseless, with an incident occurring every 39 seconds on average, affecting a third of Americans every year.

To read this article in full, please click here

Categories: Latest Security News

Why Apple is disabling Safari’s Do Not Track feature

Computer World Security - Thu, 02/07/2019 - 04:34

Apple takes privacy very seriously. It takes its leadership in that care seriously, and getting rid of the voluntary "Do Not Track" setting in its Safari browser is the right decision.

Why disabling Safari’s Do Not Track feature is the right thing to do

Apple introduced support for Do Not Track (DNT) in iOS 7 but removed the feature in Safari 12.1.

The problem with DNT is that the signal it sends to websites, analytics firms, plug-in makers, and ad networks is a voluntary request and can be ignored.

To read this article in full, please click here

Categories: Latest Security News

Why Apple is disabling Safari’s Do Not Track feature

Computer World Security - Thu, 02/07/2019 - 04:34

Apple takes privacy very seriously. It takes its leadership in that care seriously, and getting rid of the voluntary ‘Do Not Track’ setting in its Safari browser is the right decision.

Why disabling Safari’s Do Not Track feature is the right thing to do

Apple introduced support for Do Not Track (DNT) in iOS 7, but removed the feature in Safari 12.1.

The problem with DNT is that the signal it sends to websites, analytics firms, plug-in makers and ad networks is a voluntary request, and can be ignored.

To read this article in full, please click here

Categories: Latest Security News

Throwback Thursday: Pick a card, any card ...

Computer World Security - Thu, 02/07/2019 - 04:00

This conglomerate is structured as several smaller companies, with a big central IT organization plus individual IT groups in some of the companies, reports an IT pilot fish there.

“An IT staffer from one of the companies loaded a password cracker and proceeded to crack the Windows NT servers,” fish says. “He sent out emails bragging about how insecure NT was and giving the NT team a hard time.”

Fish isn’t on the NT team, but he and his security co-workers decide to strike back on behalf of their colleagues — and they do it through the central IT audit group, to make sure it’s all above board.

First, they supply the audit people with a list of more than 100 Unix servers, and get them to pick a server at random. Amazingly, the audit group picks the only server on the list that belongs to the company where the NT attack originated.

To read this article in full, please click here

Categories: Latest Security News

Throwback Thursday: Pick a card, any card ...

Computer World Security - Thu, 02/07/2019 - 04:00

This conglomerate is structured as several smaller companies, with a big central IT organization plus individual IT groups in some of the companies, reports an IT pilot fish there.

“An IT staffer from one of the companies loaded a password cracker and proceeded to crack the Windows NT servers,” fish says. “He sent out emails bragging about how insecure NT was and giving the NT team a hard time.”

Fish isn’t on the NT team, but he and his security co-workers decide to strike back on behalf of their colleagues — and they do it through the central IT audit group, to make sure it’s all above board.

First, they supply the audit people with a list of more than 100 Unix servers, and get them to pick a server at random. Amazingly, the audit group picks the only server on the list that belongs to the company where the NT attack originated.

To read this article in full, please click here

Categories: Latest Security News

The January Windows and Office patches are good to go

Computer World Security - Fri, 02/01/2019 - 10:15

Compared to some months last year, January has been a Microsoft patching cakewalk. We had several rounds of close calls and missed calls, as I posted earlier this week, but almost everything is cleared up.

We’ve seen a few more problems raise their ugly heads in the past few days:

  • Microsoft has confirmed that the latest version of Office Click-to-Run (which you’re likely using if you have Office 365) makes the conversation window disappear in Skype for Business 2016.
  • The Windows 8.1 Monthly Rollup, KB 4480963, breaks the Live Migration feature on older AMD Opteron machines. We’re still waiting for confirmation on that one.
  • Citrix confirms (but Microsoft hasn’t acknowledged) that the latest Win10 1803 cumulative update, KB 4480976, causes page file problems when the page file isn’t sitting on C:. More details on Tenforums.

Those are typical Microsoft edge-use bugs: They don’t affect many people, but if you’re one of the stuckees, you’re up the ol’ creek.

To read this article in full, please click here

Categories: Latest Security News

The January Windows and Office patches are good to go

Computer World Security - Fri, 02/01/2019 - 10:15

Compared to some months last year, January has been a Microsoft patching cakewalk. We had several rounds of close calls and missed calls, as I posted earlier this week, but almost everything is cleared up.

We’ve seen a few more problems raise their ugly heads in the past few days:

  • Microsoft has confirmed that the latest version of Office Click-to-Run (which you’re likely using if you have Office 365) makes the conversation window disappear in Skype for Business 2016.
  • The Windows 8.1 Monthly Rollup, KB 4480963, breaks the Live Migration feature on older AMD Opteron machines. We’re still waiting for confirmation on that one.
  • Citrix confirms (but Microsoft hasn’t acknowledged) that the latest Win10 1803 cumulative update, KB 4480976, causes page file problems when the page file isn’t sitting on C:. More details on Tenforums.

Those are typical Microsoft edge-use bugs: They don’t affect many people, but if you’re one of the stuckees, you’re up the ol’ creek.

To read this article in full, please click here

Categories: Latest Security News

Pages

Subscribe to SecurityFeeds aggregator - Latest Security News