Apple wins praise for adding 'USB Restricted Mode' to secure iPhones

Credit to Author: Lucas Mearian| Date: Thu, 14 Jun 2018 12:43:00 -0700

Apple confirmed today it will close a security hole that has allowed law enforcement officials, working with forensic companies, to break into iPhones to retrieve data related to criminal investigations.

In the upcoming release of iOS 12, Apple will change default settings on iPhones to shutter access to the USB port when the phone has not been unlocked for one hour. In its beta release of iOS 11.3, Apple introduced the feature – known as USB Restricted Mode – but cut it from iOS 11.3 before that version was released publicly.

To read this article in full, please click here

Read more

Which Android phones get regular security updates? Here's a hint

Credit to Author: JR Raphael| Date: Thu, 14 Jun 2018 08:48:00 -0700

Read more

Is your company part of the GDPR 'mobile loophole'?

Credit to Author: Jack Gold| Date: Thu, 14 Jun 2018 08:13:00 -0700

Mobile tech, and especially mobile brought into companies through BYOD, has unique challenges for companies that need to comply with General Data Protection Regulations (GDPR) — and that’s virtually all companies, not just the ones in Europe. The regulations compel companies to manage personal data and protect privacy, and they provide individuals to have a say in what and how data about them is used.

GDPR has several disclosure and control requirements, such as providing notice of any personally identifiable data collection, notifying of any data breaches, obtaining consent of any person for whom data is being collected, recording what and how data is being used, and providing a right for people whose data is being collected to see, modify, and/or delete any information about them from corporate systems.

To read this article in full, please click here

Read more

Librarian Sues Equifax Over 2017 Data Breach, Wins $600

Credit to Author: BrianKrebs| Date: Wed, 13 Jun 2018 20:14:40 +0000

In the days following revelations last September that big-three consumer credit bureau Equifax had been hacked and relieved of personal data on nearly 150 million people, many Americans no doubt felt resigned and powerless to control their information. But not Jessamyn West. The 49-year-old librarian from a tiny town in Vermont took Equifax to court. And now she’s celebrating a small but symbolic victory after a small claims court awarded her $600 in damages stemming from the 2017 breach.

Read more

Microsoft Patch Tuesday, June 2018 Edition

Credit to Author: BrianKrebs| Date: Tue, 12 Jun 2018 21:04:05 +0000

Microsoft today pushed out a bevy of software updates to fix more than four dozen security holes in Windows and related software. Almost a quarter of the vulnerabilities addressed in this month’s patch batch earned Microsoft’s “critical” rating, meaning malware or miscreants can exploit the flaws to break into vulnerable systems without any help from users.

Read more

Apple bans cryptocurrency mining apps on iOS to protect mobile users

Credit to Author: Lucas Mearian| Date: Tue, 12 Jun 2018 12:36:00 -0700

Using an iPad or iPhone to mine bitcoin or other cryptocurrencies would be hard to do, as the CPU power available to complete the task would be a drop in the bucket compared to what’s needed.

But using a portion of the CPU power from thousands of iPads or iPhones to mine cryptocurrency makes more sense – and that’s exactly what some malware has been doing.

Apple is now moving to stop the practice.

[ Further reading: The way blockchain-based cryptocurrencies are governed could soon change ]

To read this article in full, please click here

Read more

Make sure Windows auto update is temporarily turned off, and watch out for SMBv1 fixes

Credit to Author: Woody Leonhard| Date: Mon, 11 Jun 2018 13:12:00 -0700

In May, we saw a host of bugs introduced by the Patch Tuesday “security” patches. By the end of the month, patches for those patches killed almost all of the bugs – even the inability of Win10 version 1803 to run on certain kinds of solid-state drives, including the one in some Surface Pros.

We also saw Microsoft push Win10 version 1803 onto machines that were specifically set to avoid it. I haven’t seen any official response to Microsoft’s inquiry into the reports, but we now have a sighting of a Win7 machine being pushed onto Win10, in spite of its settings.

To read this article in full, please click here

Read more

Bad .Men at .Work. Please Don’t .Click

Credit to Author: BrianKrebs| Date: Mon, 11 Jun 2018 14:42:39 +0000

Web site names ending in new top-level domains (TLDs) like .men, .work and .click are some of the riskiest and spammy-est on the Internet, according to experts who track such concentrations of badness online. Not that there still aren’t a whole mess of nasty .com, .net and .biz domains out there, but relative to their size (i.e. overall number of domains) these newer TLDs are far dicier to visit than most online destinations.

Read more

Adobe Patches Zero-Day Flash Flaw

Credit to Author: BrianKrebs| Date: Thu, 07 Jun 2018 16:37:50 +0000

Adobe has released an emergency update to address a critical security hole in its Flash Player browser plugin that is being actively exploited to deploy malicious software. If you’ve got Flash installed — and if you’re using Google Chrome or a recent version of Microsoft Windows you do — it’s time once again to make sure your copy of Flash is either patched, hobbled or removed.

Read more

Apple's Health Record API released to third-party developers; is it safe?

Credit to Author: Lucas Mearian| Date: Thu, 07 Jun 2018 03:11:00 -0700

Apple at its Worldwide Developers Conference this week released an API that allows  developers and researchers to create applications that connect to Health Records, a feature released with iOS 11.3 that allows patients to port their electronic health info to mobile devices and share data between care providers.

While the move promises to streamline the sharing of healthcare data, it also could open the door to that highly sensitive data falling into the wrong hands.

To read this article in full, please click here

Read more