8 reasons why you should strengthen your iOS passcode today

Credit to Author: Jonny Evans| Date: Fri, 23 Jun 2017 06:57:00 -0700

Every enterprise IT manager knows the ghastly truth: the biggest security weaknesses in any system are the humans using it. So, if you are one of the nearly one-in-ten iOS users (or even the one-in-three Android users) who don’t use a passcode, if you happen to be one of the many who use the same passcode for everything, or even one of the 15 percent of users who still insist on using any of these ten passcodes, then this article is for you. It’s time to toughen up. Here’s why:

To read this article in full or to leave a comment, please click here

Read more

How IT should prep for Apple's public OS betas

Credit to Author: Ryan Faas| Date: Thu, 22 Jun 2017 09:22:00 -0700

As has become Apple’s standard practice in recent years, the company will soon roll out public betas of iOS 11 and macOS High Sierra. Both are expected to arrive by the end of June.

Public betas can be useful for Apple and other tech companies. They accelerate feedback and can ensure that bugs — including ones that internal testing might not spot — get fixed before the final version of an operating system ships. And because public betas are exciting for early adopters who want to play with new features of an upcoming upgrade before everyone else, they tend to generate useful buzz.

To read this article in full or to leave a comment, please click here

Read more

Not the disaster recovery we were expecting

Credit to Author: Sharky| Date: Thu, 22 Jun 2017 03:00:00 -0700

IT pilot fish working for a city government keeps getting complaints from people in the Public Works department that something’s seriously wrong with their documents.

“The Public Works director, his assistant and another part-time employee told me that every time they make changes to a document, they have to keep re-saving their work,” says fish. “They also have to combine all of their work into yet another saved and current complete document.

“I asked the Public Works director to start at the beginning. Are you sharing this file off the server? ‘Yes,’ came his curt and snarky reply.

“OK, which file or folder is your document in? ‘It’s right here.’

To read this article in full or to leave a comment, please click here

Read more

Q&A: AppDynamics CIO sees SaaS as the future of mobile management

Credit to Author: Lucas Mearian| Date: Wed, 21 Jun 2017 03:11:00 -0700

Application performance management (APM) software provider AppDynamics knows the value of a good SaaS platform, both in terms of offering workers the tools they need while keeping control over access to corporate apps and data.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more

Free and cheap ways to learn about IT security

Credit to Author: Eric Geier| Date: Fri, 02 Jun 2017 03:00:00 -0700

Whether you’re an IT student or have been in the field for many years, the learning never stops, especially in regards to security. Hackers are discovering vulnerabilities in our software and systems 24/7. They’ll always find new ways to steal data, infect computers and wreak havoc in the digital world.

To read this article in full or to leave a comment, please click here

(Insider Story)

Read more

2 handy yet hidden Chromebook security features

Credit to Author: JR Raphael| Date: Tue, 20 Jun 2017 09:04:00 -0700

Google’s Chrome OS is far more powerful and versatile than most folks realize — and one of the platform’s greatest strengths over traditional desktop OSes is its deceptively simple approach to security.

Chromebooks, you see, make security almost entirely automatic and thought-free from a user’s perspective. The devices receive regular behind-the-scenes updates with no action required on your behalf; they utilize sandboxing to keep every page and application in its own isolated environment; and their software relies on a special hardware-connected setup that ensures every computer is always running tamper-free and official Google software every time it powers up.

To read this article in full or to leave a comment, please click here

Read more

The Microsoft security hole at the heart of Russian election hacking

Credit to Author: Preston Gralla| Date: Tue, 20 Jun 2017 08:29:00 -0700

Russian hacking of the 2016 election went deeper than breaking into the Democratic National Committee and the Clinton campaign — the Russians also hacked their way into getting information about election-related hardware and software shortly before voting began.

The Intercept published a top-secret National Security Agency document that shows exactly how the Russians did their dirty work in targeting election hardware and software. At the heart of the hack is a giant Microsoft security hole that has been around since before 2000 and still hasn’t been closed. And likely never will.

To read this article in full or to leave a comment, please click here

Read more

The price of security is eternal phone calls

Credit to Author: Sharky| Date: Fri, 16 Jun 2017 03:00:00 -0700

This city government is going through an extended validation process with one of its IT security providers, according to a pilot fish in the loop.

“I got an email that said to call them, since they couldn’t reach me at the number they had,” fish says. “That’s no surprise, because the number isn’t mine — it’s our Human Resources main line.

“I’ve told them in the past to call me at my actual number for this, but they always insist that they need a ‘published’ number.”

After yet another round of this for the new security certification, fish calls customer support for the security outfit and suggests they replace the HR number with the number for the city’s IT department. That’s on the city’s official website, so it should qualify as “published.”

To read this article in full or to leave a comment, please click here

Read more

Rogue cell phone surveillance gives rise to mobile threat defense

Credit to Author: Lucas Mearian| Date: Thu, 15 Jun 2017 03:01:00 -0700

Researchers have created a device using off-the-shelf components that can sniff out controversial cell phone surveillance devices, known as IMSI-catchers or StingRays, used by federal and state law enforcement as well as hackers.

The International Mobile Subscriber Identity-catchers have not only been used to locate mobile devices but also to sometimes eavesdrop on users, send spam or upload malware, according to University of Washington (UW) security researchers.

“The threats remain the same when looking at enterprises: tracking and, under certain circumstances, eavesdropping are possible through this attack,” said Dionisio Zumerle, a Gartner research director for Mobile Security. “The attack requires technical expertise and equipment that was once hard to find; today it is easier and that is the main source of concern.”

To read this article in full or to leave a comment, please click here

Read more

Microsoft resurrects Windows XP patches for second month straight

Credit to Author: Gregg Keizer| Date: Tue, 13 Jun 2017 15:22:00 -0700

Microsoft today followed May’s unprecedented release of security updates for expired operating systems, including Windows XP, by issuing another dozen patches for the aged OS.

The Redmond, Wash. company cited fears of possible attacks by “nation-states,” a label for government-sponsored hackers or foreign intelligence services, for the updates’ release. “In reviewing the updates for this month, some vulnerabilities were identified that pose elevated risk of cyberattacks by government organizations, sometimes referred to as nation-state actors, or other copycat organizations,” said Adrianne Hall, general manager, issues and crisis management, for Microsoft.

To read this article in full or to leave a comment, please click here

Read more

What Microsoft owes customers, and answers to other 'WannaCry' questions

Credit to Author: Gregg Keizer| Date: Mon, 12 Jun 2017 12:57:00 -0700

A month ago, Microsoft took the unprecedented step of issuing security patches for Windows XP, an edition supposedly interred in Support Cemetery more than three years ago.

The decision to help aged personal computers running Windows XP — as well as also-retired Windows 8 and Windows Server 2003 — was intended to slow the spread of the “WannaCry” ransomware, which encrypted files on hundreds of thousands of PCs worldwide. The cyber criminals than tried to extort payments from the machines’ owners in return for unlocking the files.

To read this article in full or to leave a comment, please click here

Read more