ComputerWorld – Page 31 – Computer Security Articles

Credit to Author: Susan Bradley| Date: Tue, 06 Sep 2022 04:08:00 -0700

Every month, Windows users and administrators receive updates from Microsoft on Patch Tuesday (or Wednesday, depending on where you’re located). And each month, most users all apply the same updates.

But should we?

Case in point: KB5012170, a patch released on Aug. 9 that either causes no issues — or triggers Bitlocker recover key requests or won’t install at all, demanding that you go find a firmware update. This patch, called the Security update for Secure Boot DBX, applies to nearly all supported Windows releases. Specifically, it affects Windows Server 2012; Windows 8.1 and Windows Server 2012 R2; Windows 10, version 1507; Windows 10, version 1607 and Windows Server 2016; Windows 10, version 1809 and Windows Server 2019; Windows 10, versions 20H2, 21H1, and 21H2; Windows Server 2022; Windows 11, version 21H2 (original release), and Azure Stack HCI, version 1809, all the way to Azure Stack Data Box, version 1809 (ASDB).

To read this article in full, please click here

ComputerWorld Independent

September 2, 2022 admin

Apple wasn’t fooling when it said it wanted to make Macs more secure

Credit to Author: Jonny Evans| Date: Fri, 02 Sep 2022 04:55:00 -0700

When Craig Federighi, Apple’s senior vice president of software engineering last year said, “We have a level of malware on the Mac that we don’t find acceptable,” he apparently really meant it. And Apple seems to be doing about something about it.

Apple is giant taking steps to secure the Mac

Federighi characterized Apple as being in an enduring battle against malware on the Mac. He also explained that between May 2020 and May 2021 the company identified 130 types of Mac malware that infected 300,000 systems.

Given the Mac’s reputation for security, that may seem counter intuitive, but maintaining a secure platform requires constant watchfulness.

To read this article in full, please click here

ComputerWorld Independent

September 1, 2022 admin

Apple pushes out emergency updates to address zero-day exploits

Credit to Author: Lucas Mearian| Date: Thu, 01 Sep 2022 16:46:00 -0700

Apple this week released urgent security updates to address zero-day vulnerabilities on older model iPhones, iPads, and iPods.

The patches, pushed out on Wednesday, address an out-of-bounds write issue that could be exploited by an attacker enabling them to take control of the affected device. The US Cybersecurity and Infrastructure Agency (CISA) today encouraged users and IT admins to review Apple’s advisory HT213428 and apply the necessary updates.

To read this article in full, please click here

ComputerWorld Independent

August 29, 2022 admin

Facebook agrees to settle class action lawsuit related to Cambridge Analytica data breach

Credit to Author: Varun Aggarwal| Date: Mon, 29 Aug 2022 04:19:00 -0700

The four-year-old lawsuit claimed Facebook allowed the British political consulting firm access to private data of over 80 million users.

ComputerWorld Independent

August 26, 2022 admin

What is Managed Device Attestation on Apple platforms?

Credit to Author: Jonny Evans| Date: Fri, 26 Aug 2022 09:43:00 -0700

Announced at WWDC 2022, Managed Device Attestation protection shows that Apple is adjusting device security protections to adapt to an increasingly distributed age.

Secure the endpoints, not the end times

This adjustment reflects a reality shift. Work doesn’t happen on specific servers or behind defined firewalls today. VPN access can differ across teams. And yet, in a workplace defined by multiple remote devices (endpoints), the security threat is greater than ever.

Managed Device Attestation works to create a second boundary of trust around which device management solutions can work to protect against attack.

To read this article in full, please click here

ComputerWorld Independent

August 26, 2022 admin

Planned ‘fixes’ for credit-card interchange fees will actually make fraud easier

Credit to Author: Evan Schuman| Date: Fri, 26 Aug 2022 03:00:00 -0700

I love it when organizations try and do something good, but don’t think things through and end up delivering unintended negative consequences.

Today’s case in point: the US Senate and the Federal Reserve, both of whom are looking to reduce high interchange costs, but are unintentionally increasing costs for merchants and sharply boosting the undiscovered fraud rate. Not bad for government work.

Let’s start with the Senate, where Sens. Dick Durbin (D-IL) and Roger Marshall (R-KS) have crafted The Credit Card Competition Act of 2022. Its stated goal: reduce the interchange fee that financial institutions and card brands (Visa, MasterCard, Amex, etc.) charge retailers.

To read this article in full, please click here

ComputerWorld Independent

August 15, 2022 admin

What is USB Restricted Mode in macOS Ventura, and why do you want it?

Credit to Author: Jonny Evans| Date: Mon, 15 Aug 2022 06:35:00 -0700

Once upon a time, one attack vector for industrial sabotage consisted of exfiltrating data from Macs using a standard-issue USB storage card. Researchers have also shown that it’s possible to hijack computers with malware-infested cables. It’s a jungle out there, so Apple has toughened up (Apple Silicon) Mac protection with USB Restricted Mode.

What is USB Restricted Mode?

Beginning with macOS Ventura, the new layer of protection comes in the form of USB Restricted mode, which should provide a little reassurance to enterprise IT and is enabled by default.

To read this article in full, please click here

ComputerWorld Independent

August 15, 2022 admin

Q&A: How employee monitoring can sometimes do more harm than good

Credit to Author: Matthew Finnegan| Date: Mon, 15 Aug 2022 03:00:00 -0700

Digital surveillance in the workplace became a growing concern for many workers during the COVID-19 pandemic, with a reported increase in use of productivity monitoring tools to track staffers working from home or “gig workers” subject to location and productivity monitoring throughout their day.

To read this article in full, please click here