Apple is learning why shortcut security is a bad idea

Credit to Author: Evan Schuman| Date: Wed, 20 Feb 2019 11:00:00 -0800

When Apple launched its enterprise developer certificate program — which helps enterprises make their homegrown apps for employee use-only available through iTunes — it had to make a difficult convenience-vs.-security decision: how much hassle to put IT managers through to get their internal apps posted. It chose convenience and, well, you can guess what happened.

Media reports say pirate developers used the enterprise program to improperly distribute tweaked versions of popular apps — including Spotify, Angry Birds, Pokemon Go and Minecraft — while others used the platform to distribute porn apps along with real-money gambling apps. And all the bad guys had to do was lie to Apple reps about being associated with legitimate businesses. Apple didn’t bother to investigate or otherwise verify the answers.

To read this article in full, please click here

Read more

Sophisticated phishing: a roundup of noteworthy campaigns

Credit to Author: Malwarebytes Labs| Date: Wed, 20 Feb 2019 19:21:40 +0000

A phishing page that hides behind a translation service. A kit that uses fake font files. A hyper-realistic campaign that could likely fool even the pros. We look at these noteworthy phishing attempts and more to show how far phishers have evolved, and remind users to remain vigilant against this threat.

Categories:

Tags:

(Read more…)

The post Sophisticated phishing: a roundup of noteworthy campaigns appeared first on Malwarebytes Labs.

Read more

Connecting to peace of mind: residential EV charging

Credit to Author: Manish Pant| Date: Tue, 19 Feb 2019 20:04:43 +0000

Things are revving up for the electric vehicle industry with the help EV charging. According to Inside EVs, sales of new electric cars worldwide surpassed two million units for the… Read more »

The post Connecting to peace of mind: residential EV charging appeared first on Schneider Electric Blog.

Read more

Good bots, bad bots: friend or foe?

Credit to Author: Christopher Boyd| Date: Wed, 20 Feb 2019 16:00:00 +0000

Bots are an endless source of debate online, but all we ever hear about are the bad ones. In this post, we look at some examples you’ve probably already run into, and explain why one person’s good bot is another organization’s bad one.

Categories:

Tags:

(Read more…)

The post Good bots, bad bots: friend or foe? appeared first on Malwarebytes Labs.

Read more

A Game of Risk with Broadcasters, Cyber Felons and Dragons

Credit to Author: Trend Micro| Date: Wed, 20 Feb 2019 15:21:50 +0000

Submitted by Steve Ng, Lead, Digital Platform Operations, Mediacorp Where there’s money, there has always been crime. But what if money came in the form of intangible digital assets and crime in the form of cyber adversaries? In fantasy role-playing game Dungeons & Dragons, dragons are intelligent, mythical foes defined by their fiery prowess – boasting…

The post A Game of Risk with Broadcasters, Cyber Felons and Dragons appeared first on .

Read more

Microsoft delays Windows 7's update-signing deadline to July

Credit to Author: Gregg Keizer| Date: Tue, 19 Feb 2019 13:03:00 -0800

Microsoft has revised its schedule to dump support for an outdated cryptographic hash standard by postponing the deadline for Windows 7.

Microsoft, like other software vendors, digitally “signs” updates before they are distributed via the Internet. SHA-1 (Secure Hash Algorithm 1), which debuted in 1995, was declared insecure a decade later, but it was retained for backward-compatibility reasons, primarily for Windows 7. Microsoft wants to ditch SHA-1 and rely only on the more-secure SHA-2 (Secure Hash Algorithm 2).

Late last year, Microsoft said that it would update Windows 7 and Windows Server 2008 R2 SP1 (Service Pack 1) this month with support for SHA-2. Systems running those operating systems would not receive the usual monthly security updates after April’s collection, slated for release April 9, Microsoft promised at the time.

To read this article in full, please click here

Read more

On a meaningful mission in Cambodia

Credit to Author: Employee Voices| Date: Tue, 19 Feb 2019 14:00:51 +0000

Joan is Global VP for Executive Recruitment at Schneider Electric, partnering with business and HR leaders to deliver end to end exec recruiting talent solutions. In below blog article she… Read more »

The post On a meaningful mission in Cambodia appeared first on Schneider Electric Blog.

Read more

Sophos CTO Joe Levy elected onto Cyber Threat Alliance Board of Directors

Credit to Author: Editor| Date: Tue, 19 Feb 2019 16:24:54 +0000

We&#8217;re really pleased to announce that our CTO Joe Levy has been elected onto the Cyber Threat Alliance (CTA) Board of Directors. We caught up with Joe to discuss what the CTA does, and what the appointment means to him and Sophos. Congratulations, Joe! First of all, can you talk us through what the CTA [&#8230;]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/zhk9LrBmGQg” height=”1″ width=”1″ alt=””/>

Read more