Big browsers to pull support plug for TLS 1.0 and 1.1 encryption protocols in early '20

Credit to Author: Gregg Keizer| Date: Tue, 16 Oct 2018 04:06:00 -0700

The makers of the four biggest browsers all said Monday that their applications will drop support for the TLS (Transport Layer Security) 1.0 and 1.1 encryption protocols in early 2020.

“In March of 2020, Firefox will disable support for TLS 1.0 and TLS 1.1,” wrote Martin Thomson, principal engineer at Mozilla, in a post to a company blog.

Other browser developers, including Apple (Safari), Google (Chrome) and Microsoft (Edge and Internet Explorer) issued similar notices. All pegged early 2020 as the target for disabling support.

To read this article in full, please click here

Read more

Stats make iOS a hard OS to ignore

Credit to Author: Evan Schuman| Date: Tue, 16 Oct 2018 03:00:00 -0700

The latest version of Apple’s mobile operating system — iOS 12 — was released just a few weeks ago, and yet it’s already installed on 53% of relatively newer iPhones (introduced since September 2014) and 50% of all iPhones. Bottom line: It’s the fastest acceptance of any Apple OS.

This is more than a minimally interesting statistic. It illustrates the key difference between Apple mobile devices and Android mobile devices: Although there are more Android users on the globe, Apple’s users are much more of a community. That means many things from an Apple marketing perspective, but for IT, it means far greater security.

To read this article in full, please click here

Read more

Economist Nouriel Roubini: Blockchain and bitcoin are the world’s biggest scams

Credit to Author: Lucas Mearian| Date: Mon, 15 Oct 2018 13:52:00 -0700

New York University professor and global economist Nouriel Roubini testified before the U.S. Senate Committee on Banking last week, saying cryptocurrencies such as bitcoin are the mother of all scams and bubbles.

He followed that assertion up by calling blockchain, the technology unpinning bitcoin, “the most over-hyped — and least useful — technology in human history.”

Today, Roubini doubled down on his claims in a column published on in which he said blockchain has promised to cure the world’s ills through decentralization but is “just a ruse to separate retail investors from their hard-earned real money.”

To read this article in full, please click here

Read more

SSD Advisory – Firefox JavaScript Type Confusion RCE

Credit to Author: SSD / Ori Nimron| Date: Sun, 14 Oct 2018 12:00:10 +0000

Vulnerabilities Summary A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write, which leads to remote code execution inside the sandboxed content process when triggered. Vendor Response The reported security vulnerability was fixed in Firefox 62.0.3 and Firefox ESR 60.2.2. CVE CVE-2018-12386 Credit Independent security researchers, … Continue reading SSD Advisory – Firefox JavaScript Type Confusion RCE

Read more

Supply Chain Security 101: An Expert’s View

Credit to Author: BrianKrebs| Date: Sat, 13 Oct 2018 01:03:12 +0000

Earlier this month I spoke at a cybersecurity conference in Albany, N.Y. alongside Tony Sager, senior vice president and chief evangelist at the Center for Internet Security and a former bug hunter at the U.S. National Security Agency. We  talked at length about many issues, including supply chain security, and I asked Sager whether he’d heard anything about rumors that Supermicro — a high tech firm in San Jose, Calif. — had allegedly inserted hardware backdoors in technology sold to a number of American companies.

Read more

Mingis on Tech: Data breaches and the rise of 'surveillance capitalism'

Credit to Author: Ken Mingis| Date: Thu, 11 Oct 2018 03:00:00 -0700

Read more

Patch Tuesday, October 2018 Edition

Credit to Author: BrianKrebs| Date: Thu, 11 Oct 2018 07:34:56 +0000

Microsoft this week released software updates to fix roughly 50 security problems with various versions of its Windows operating system and related software, including one flaw that is already being exploited and another for which exploit code is publicly available.

Read more

Why Apple must be looking into using blockchain

Credit to Author: Jonny Evans| Date: Wed, 10 Oct 2018 08:23:00 -0700

Everyone who can is looking into using Blockchain and Apple is no exception, though it will be a long time before we see any consumer-facing implementations of this.

Apple looks at lots of technologies

If it’s on the Gartner Hype Cycle you can bet a few bucks Apple is looking at it.

That’s why I think it will eventually introduce a 3D printer that works in conjunction with ARKit (unverified prediction), and also why it must be thinking about how to use blockchain.

To read this article in full, please click here

Read more

What the heck is it with Windows updates?

Credit to Author: Steven J. Vaughan-Nichols| Date: Wed, 10 Oct 2018 03:00:00 -0700

To help make life better for you, my loyal readers, I suffer by running Windows 7 and 10 on two harmless — never hurt anyone in their lives — PCs. Well, I did. But, in the last week I ran into not one, but two, showstopper update bugs.

First, on Windows 10, I was one of those “lucky” people who had files vaporize when I “updated” to Windows 10 October 2018 Update (version 1809). Because I only use Windows for trivial tasks, I didn’t lose anything valuable when the patch decided to erase everything in the My Documents folder.

Somehow, I think most Windows users use Windows for more important work than I do. I hope you have current backups. At least Computerworld’s Woody Leonhard has some good news: You can get those deleted files back.

To read this article in full, please click here

Read more