DDoS-Guard To Forfeit Internet Space Occupied by Parler

Credit to Author: BrianKrebs| Date: Thu, 21 Jan 2021 15:48:01 +0000

Parler, the beleaguered social network advertised as a “free speech” alternative to Facebook and Twitter, has had a tough month. Apple and Google removed the Parler app from its stores, and Amazon blocked the platform from using its hosting services. Parler has since found a home in DDoS-Guard, a Russian digital infrastructure company. But now it appears DDoS-Guard is about to be relieved of more than two-thirds of the Internet address space the company leases to clients — including the Internet addresses currently occupied by Parler.

Read more

The work-from-home employee’s bill of rights

Credit to Author: Galen Gruman| Date: Thu, 21 Jan 2021 03:00:00 -0800

Remote work became the new normal quickly as COVID-19 pandemic lockdowns came into force in spring 2020, and it’s clear that after the pandemic recedes, remote work will remain the norm for many employees — as much as half the deskbound “white collar” workforce, various research firms estimate. As a result of the sudden lockdowns, many employees had to create makeshift workspaces, buy or repurpose personal equipment, and figure out how to use new software and services to be able to keep doing their jobs.

Users and IT departments alike made Herculean efforts to adapt quickly and ensure business continuity, and the result was an improvement in productivity despite the pandemic. But now the pandemic has become a longer-term phenomenon, and remote work will become more commonplace, even desirable as a way to save on office expenses and commute time, even after the pandemic subsides.

To read this article in full, please click here

Read more

New Charges Derail COVID Release for Hacker Who Aided ISIS

Credit to Author: BrianKrebs| Date: Tue, 19 Jan 2021 18:39:30 +0000

A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. military and government employees and giving it to an Islamic State hacker group in 2015 has been charged once again with fraud and identity theft. The new charges have derailed plans to deport him under compassionate release because of the COVID-19 pandemic.

Read more

Chrome vs. Edge vs. Firefox: Which is the best browser for business?

Credit to Author: Preston Gralla| Date: Tue, 19 Jan 2021 03:00:00 -0800

What’s the most important piece of productivity software in the business world? Some might say the office suite. But if you look at the time spent actually using software, the answer may well be the web browser. It’s where people do most of their fact-finding and research.

Edge

To read this article in full, please click here

(Insider Story)

Read more

Joker’s Stash Carding Market to Call it Quits

Credit to Author: BrianKrebs| Date: Mon, 18 Jan 2021 19:50:01 +0000

Joker’s Stash, by some accounts the largest underground shop for selling stolen credit card and identity data, says it’s closing up shop effective mid-February 2021. The announcement came on the heels of a turbulent year for the major cybercrime store, and just weeks after U.S. and European authorities seized a number of its servers.

Read more

For Microsoft’s January patches, no all-clear (yet)

Credit to Author: Susan Bradley| Date: Mon, 18 Jan 2021 05:11:00 -0800

I’m not ready to give an all-clear to the security patches released Jan. 12, and I want to warn you about one specific update that is affecting HyperV servers and some consumer level workstations.  

KB4535680, also known as Security update for Secure Boot DBX: January 12, 2021, makes improvements to Secure Boot DBX for a number of supported Windows versions. These include Windows Server 2012 x64-bit; Windows Server 2012 R2 x64-bit; Windows 8.1 x64-bit; Windows Server 2016 x64-bit; Windows Server 2019 x64-bit; Windows 10, version 1607 x64-bit; Windows 10; version 1803 x64-bit; Windows 10, version 1809 x64-bit; and Windows 10, version 1909 x64-bit. Key changes affect “Windows devices that [have] Unified Extensible Firmware Interface (UEFI) based firmware that can run with Secure Boot enabled.” The Secure Boot Forbidden Signature Database (DBX) prevents malicious UEFI modules from loading; this update adds additional modules to block malicious attackers who could successfully exploit the vulnerability, bypass secure boot, and load untrusted software.

To read this article in full, please click here

Read more

Easing into the new year with a modest January Patch Tuesday

Credit to Author: Greg Lambert| Date: Fri, 15 Jan 2021 12:47:00 -0800

Microsoft rolled into 2021 with a fairly benign update cycle for Windows and Microsoft Office systems, delivering 83 updates for January.

Yes, there is an update to Windows defender (CVE-2021-1647) that has been reported as exploited. Yes, there has been a publicly disclosed issue (CVE-2021-1648) in the Windows printing subsystem. But there are no Zero-days and no “Patch Now” recommendations for this month. There are, however, a large number of feature and functionality groups “touched” by these updates; we recommend a comprehensive test of printing and key graphics areas before general Windows update deployment.

To read this article in full, please click here

Read more

Apple makes welcome change to 'Big Sur' security for Macs

Credit to Author: Jonny Evans| Date: Thu, 14 Jan 2021 07:41:00 -0800

When Apple shipped macOS Big Sur in November, researchers quickly spotted a strange anomaly in the system’s security protection that could have left Macs insecure. Apple now seems to be dealing with this problem, introducing a fix in the latest public beta release.

What was wrong?

For some strange reason, Big Sur introduced a controversial and potentially insecure change that meant Apple’s own apps could still access the internet even when a user blocked all access from that Mac using a firewall. This wasn’t in tune with Apple’s traditional security stance. What made this worse is that when those apps (and there were 56 in all) did access the ‘Net, user and network traffic monitoring applications were unable to monitor this use.

To read this article in full, please click here

Read more