Ransomware attack knocks Rackspace’s Exchange servers offline
Rackspace’s hosting for Exchange servers remained offline Tuesday after an outage Friday that the company now ascribes to a ransomware attack.
Computer Security Articles
RSS Reader for Computer Security Articles
Independent
What you need to know about the UK’s Online Safety Bill
Three years and four prime ministers after the UK government first published its Online Harms white paper—the basis for the current Online Safety Bill—the Conservative Party’s ambitious attempt at internet regulation has found its way back to Parliament after multiple amendments.
If the bill becomes law, it will apply to any service or site that has users in the UK, or targets the UK as a market, even if it is not based in the country. Failure to comply with the proposed rules will place organizations at risk of fines of up to 10% of global annual turnover or £18 million (US$22 million), whichever is higher.
A somewhat bloated and confused version of its former self, the bill, which was dropped from the legislative agenda when Boris Johnson was ousted in July, has now passed its final report stage, meaning the House of Commons now has one last chance to debate its contents and vote on whether to approve it.
UK set to mandate right to request flexible work from first day on the job
The UK government is backing proposed legislation that would give workers the right to request flexible working arrangements from day one of their employment.
In the aftermath of the COVID-19 pandemic, which saw millions of workers start working from home as lockdown orders were enforced, most employees continued to have flexibility over how and when they work, with many organizations now practicing a hybrid work model.
Judge Orders U.S. Lawyer in Russian Botnet Case to Pay Google
Credit to Author: BrianKrebs| Date: Mon, 05 Dec 2022 19:44:50 +0000
In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for tortious interference in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees.
Read MoreBiometrics are even less accurate than we thought
Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 05 Dec 2022 09:43:00 -0800
Biometrics is supposed to be one of the underpinnings of a modern authentication system. But many biometric implementations (whether that be fingerprint scanes or face recognition) can be wildly inaccurate, and the only universally positive thing to say about them is they’re better than nothing.
Also — and this may prove critical — the fact that biometrics are falsely seen as being very accurate may be sufficient to dissuade some fraud attempts.
There are a variety of practical reasons biometrics don’t work well in the real world, and a recent post by a cybersecurity specialist at KnowBe4, a security awareness training vendor, adds a new layer of complexity to the biometrics issue.
Hey, Google: It's time to step up your Pixel upgrade promise
Look, it’s no big secret that I’m a fan of Google’s Pixel program.
I’ve personally owned Pixel phones since the first-gen model graced our gunk-filled pockets way back in 2016. And Pixels have been the only Android devices I’ve wholeheartedly recommended for most folks ever since.
There’s a reason. And more than anything, it comes down to the software and the overall experience Google’s Pixel approach provides.
- Part of that is the Pixel’s interface and the lack of any unnecessary meddling and complication — including the absence of confusing (and often privacy-compromising) duplicative apps and services larded onto the phone for the manufacturer’s business benefit and at the expense of your user experience.
- Part of it is the unmatched integration of exceptional Google services and exclusive Google intelligence that puts genuinely useful stuff you’ll actually benefit from front and center and makes it an integrated part of the Pixel package.
- And, yes, part of it is the Pixel upgrade promise and the fact that Pixel phones are still the only Android devices where both timely and reliable software updates are a built-in feature and guarantee.
[Psst: Got a Pixel? Any Pixel? Check out my free Pixel Academy e-course to uncover all sorts of advanced intelligence lurking within your phone!]
ConnectWise Quietly Patches Flaw That Helps Phishers
Credit to Author: BrianKrebs| Date: Thu, 01 Dec 2022 19:35:11 +0000
ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.
Read MoreAWS brings Verified Access security to the Apple enterprise
Amazon is introducing its next-gen AWS Verified Access security technology. At its annual AWS re: Invent show, the company confirmed the tech will be made available to enterprises running Apple products thanks to partnerships with Jamf, JumpCloud, and other device management vendors in the space.