Big Win10 1709 patch reinforces twice-a-month patching pace but, oddly, nothing new for 1803

Credit to Author: Woody Leonhard| Date: Fri, 22 Jun 2018 05:36:00 -0700

Microsoft’s Windows 10 patching pace is so fast at this point that one Patch Tuesday doesn’t cover all the bases. Instead, we’re seeing one massive Cumulative Update on Patch Tuesday, and a second — typically large — grab bag of patches later in the month.

You have to wonder what’s happening, though, when Microsoft can deliver its second bundle of patches for 1709, 1703 and 1607 before the second patch for the latest version, 1803, sees light of day.

The Win10 patches

KB 4284822 for Win10 1709

To read this article in full, please click here

Read more

Apple pushes privacy theme in Safari for iOS 12, 'Mojave'

Credit to Author: Gregg Keizer| Date: Fri, 22 Jun 2018 03:23:00 -0700

Apple upgrades its Safari browser on macOS and iOS just once a year, making the refresh more strategic than most of its rivals, notably Google, which last year had eight separate opportunities to add features or functionality to Chrome.

The next Safari, which will be bundled with macOS 10.14 ‘Mojave’ and iOS 12, and offered as a separate download for those who stick with macOS High Sierra (10.13) and Sierra (10.12), thus must make its enhancements count.

On the security and privacy side, Safari tries its hardest to build a case. Here are the important ways Apple’s browser – which shed user share on both the desktop and on mobile over the past year – has staked its reputation for the next 12 months.

To read this article in full, please click here

Read more

Throwback Thursday: Get the picture?

Credit to Author: Sharky| Date: Thu, 21 Jun 2018 03:00:00 -0700

IT director pilot fish at a daily newspaper is reworking the company’s entire network. Why? “There is no security,” sighs fish. “None, with about 90 users in a peer-to-peer Mac and PC environment.”

One night he gets a call from an editor: One of the applications isn’t working. It’s the one that lets a reporter find a photo on a wire service’s website and save it to a folder. The app then moves the folder to a holding folder on another machine, where yet another machine can grab it and put it into the newspaper’s production process.

It takes a couple hours of troubleshooting, but fish tracks down the problem. That holding folder? The one that’s actually named “Do not touch, do not delete”?

To read this article in full, please click here

Read more

Apple wins praise for adding 'USB Restricted Mode' to secure iPhones

Credit to Author: Lucas Mearian| Date: Thu, 14 Jun 2018 12:43:00 -0700

Apple confirmed today it will close a security hole that has allowed law enforcement officials, working with forensic companies, to break into iPhones to retrieve data related to criminal investigations.

In the upcoming release of iOS 12, Apple will change default settings on iPhones to shutter access to the USB port when the phone has not been unlocked for one hour. In its beta release of iOS 11.3, Apple introduced the feature – known as USB Restricted Mode – but cut it from iOS 11.3 before that version was released publicly.

To read this article in full, please click here

Read more

Which Android phones get regular security updates? Here's a hint

Credit to Author: JR Raphael| Date: Thu, 14 Jun 2018 08:48:00 -0700

Read more

Is your company part of the GDPR 'mobile loophole'?

Credit to Author: Jack Gold| Date: Thu, 14 Jun 2018 08:13:00 -0700

Mobile tech, and especially mobile brought into companies through BYOD, has unique challenges for companies that need to comply with General Data Protection Regulations (GDPR) — and that’s virtually all companies, not just the ones in Europe. The regulations compel companies to manage personal data and protect privacy, and they provide individuals to have a say in what and how data about them is used.

GDPR has several disclosure and control requirements, such as providing notice of any personally identifiable data collection, notifying of any data breaches, obtaining consent of any person for whom data is being collected, recording what and how data is being used, and providing a right for people whose data is being collected to see, modify, and/or delete any information about them from corporate systems.

To read this article in full, please click here

Read more

Apple bans cryptocurrency mining apps on iOS to protect mobile users

Credit to Author: Lucas Mearian| Date: Tue, 12 Jun 2018 12:36:00 -0700

Using an iPad or iPhone to mine bitcoin or other cryptocurrencies would be hard to do, as the CPU power available to complete the task would be a drop in the bucket compared to what’s needed.

But using a portion of the CPU power from thousands of iPads or iPhones to mine cryptocurrency makes more sense – and that’s exactly what some malware has been doing.

Apple is now moving to stop the practice.

[ Further reading: The way blockchain-based cryptocurrencies are governed could soon change ]

To read this article in full, please click here

Read more

Make sure Windows auto update is temporarily turned off, and watch out for SMBv1 fixes

Credit to Author: Woody Leonhard| Date: Mon, 11 Jun 2018 13:12:00 -0700

In May, we saw a host of bugs introduced by the Patch Tuesday “security” patches. By the end of the month, patches for those patches killed almost all of the bugs – even the inability of Win10 version 1803 to run on certain kinds of solid-state drives, including the one in some Surface Pros.

We also saw Microsoft push Win10 version 1803 onto machines that were specifically set to avoid it. I haven’t seen any official response to Microsoft’s inquiry into the reports, but we now have a sighting of a Win7 machine being pushed onto Win10, in spite of its settings.

To read this article in full, please click here

Read more

Apple's Health Record API released to third-party developers; is it safe?

Credit to Author: Lucas Mearian| Date: Thu, 07 Jun 2018 03:11:00 -0700

Apple at its Worldwide Developers Conference this week released an API that allows  developers and researchers to create applications that connect to Health Records, a feature released with iOS 11.3 that allows patients to port their electronic health info to mobile devices and share data between care providers.

While the move promises to streamline the sharing of healthcare data, it also could open the door to that highly sensitive data falling into the wrong hands.

To read this article in full, please click here

Read more