RSS Reader for Computer Security Articles
We hear the terms "deep web" and "dark web" thrown around a lot… but what do they actually mean? And what's the difference between the two? CSO Online writer J.M. Porup joins Juliet to dispel rumors and discuss what sets the deep web and dark web apart from the rest of the web.
Credit to Author: Woody Leonhard| Date: Wed, 12 Feb 2020 09:40:00 -0800
What a month it’s been – and the Patch Tuesday patches have only been out for 24 hours. There are many February patching foibles to report.
Every version of Windows 10, stretching back to the beginning of time (except for the long-neglected version 1511) got patches this month.
There was no free Windows 7 update this month, even though Microsoft released a Monthly Rollup Preview in January. Anyone concerned about the well-documented “Stretch” black wallpaper bug caused by last month’s Win7 Monthly Rollup apparently can pound sand – or manually download and install the fix. Your choice.
Credit to Author: Woody Leonhard| Date: Wed, 12 Feb 2020 05:43:00 -0800
I’m hearing lots of complaints from people who spent good money to get Win7 Extended Security Updates, but don’t see this month’s patches. There’s a reason why. Microsoft didn’t bother to tell us that you need a new patch, released yesterday, in order to start receiving Win7 ESU updates. You have to download the new patch, KB 4538483, from the Microsoft Catalog, and install it manually before the updates even appear.
Folks who spent money to get the February and later patches are livid.
Yesterday, after releasing the February updates, Microsoft modified its ESU Procedure page to add this step:
Knowing where to look for malware lurking on your network gives you a better chance to prevent damage from it.
Credit to Author: Woody Leonhard| Date: Mon, 10 Feb 2020 12:13:00 -0800
Remember the frenzy after last month’s Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin’ SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down Windows As We Know It, like, right now?
Guess what. It never materialized.
Credit to Author: Lucas Mearian| Date: Tue, 11 Feb 2020 03:00:00 -0800
The Federal Reserve is investigating the potential of a central bank digital currency (CBDC) as the backbone for a new, secure real-time payments and settlements system.
The move toward a form of government-backed digital currency is being driven by Fintech firms and a banking industry already piloting or planning to pilot cash-backed digital tokens, according to Lael Brainard, a member of the U.S. Federal Reserve’s Board of Governors.
“Today, it can take a few days to get access to your funds. A real-time retail payments infrastructure would ensure the funds are available immediately – to pay utility bills or split the rent with roommates, or for small business owners to pay their suppliers,” said Brainard, who serves as chair of the committees overseeing Financial Stability and Payments, Clearing and Settlements.
Credit to Author: Woody Leonhard| Date: Mon, 10 Feb 2020 12:13:00 -0800
Remember the frenzy after last month’s Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin’ SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down Windows As We Know It, like, right now?
Guess what. It never materialized.
Credit to Author: Lucas Mearian| Date: Mon, 10 Feb 2020 03:00:00 -0800
The days of enterprise security being a separate entity from mobile and desktop endpoint management are coming to an end, which should delight infrastructure and security teams who’ll eventually have more powerful machine learning-enabled tools at their disposal — and a single console through which to control them.
Security around mobile and desktop infrastructures has traditionally depended on what’s being managed; you purchase one for mobile devices and another for the rest of your endpoints, whether laptop or desktop.
While security threats are growing, particularly phishing attacks via email, SMS or hyperlinks, the amount of money companies spend on mobile security appears to be shrinking. And yet, the percentage of organizations that admit to having suffered a mobile compromise grew in 2019, according to a Verizon survey.