RSS Reader for Computer Security Articles
Credit to Author: BrianKrebs| Date: Sat, 11 Jun 2022 00:04:22 +0000
On the eve of their federal criminal trial for allegedly stealing vast swaths of Internet addresses for use in large-scale email spam campaigns, three current or former executives at online advertising firm Adconion Direct have agreed to plead guilty to lesser misdemeanor charges of fraud and misrepresentation via email.
Read More
Credit to Author: Jonny Evans| Date: Fri, 10 Jun 2022 08:59:00 -0700
Apple took several steps toward a password-free future at its Worldwide Developer Conference, but another component of its strategy will be to replace CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) with a more private solution.
Apple is working with Cloudflare (with whom most think it developed the tech behind iCloud Private Relay). It is also working with Google and Fastly to deploy a standardized alternative to CAPTCHA called Private Access Tokens.
Credit to Author: Charlotte Trueman| Date: Thu, 09 Jun 2022 04:21:00 -0700
Microsoft has launched four new employee workforce initiatives aimed at creating a more transparent workplace culture, including the banning of non-compete clauses in contracts and a commitment to improved pay transparency.
The four commitments have been categorized by Microsoft as:
The new policies aim to address concerns raised by employees that current non-compete obligations are being used as a forced retention tactic. Consequently, the company will be removing non-compete clauses from US employee agreements and will not enforce existing clauses for workers outside of Microsoft’s senior leadership team.
Credit to Author: BrianKrebs| Date: Tue, 07 Jun 2022 14:58:56 +0000
Netflix has a new documentary series airing next week — “Web of Make Believe: Death, Lies & the Internet” — in which Yours Truly apparently has a decent amount of screen time. The debut episode explores the far-too-common harassment tactic of “swatting” — wherein fake bomb threats or hostage situations are phoned in to police as part of a scheme to trick them into visiting potentially deadly force on a target’s address.
Read More
Credit to Author: Jonny Evans| Date: Mon, 06 Jun 2022 08:11:00 -0700
More opportunities for engineers and developers to implement declarative device management solutions are likely to emerge at WWDC 2022, at least, according to MacAdmins.
Speaking during the pre-event podcast, speakers argue that Apple will eventually require that all mobile device management (MDM) providers introduce support for declarative management. Might this include bringing declarative device management to the Mac?
Apple first introduced declarative device management last year, largely for two reasons: to make devices more proactive, and to reduce the impact on MDM servers that handle large fleets of devices. This should boost performance and scalability.
Credit to Author: Susan Bradley| Date: Mon, 06 Jun 2022 05:17:00 -0700
Let’s get this straight: It’s not normal for a Windows update to remove software. It’s designed to install the update, not change software already in place on your system.
At least, updates are not supposed to remove software. Since March, however, if you run the RDgateway broker service on Server 2022 (and only that version), the monthly cumulative updates have removed that service. This behavior is not normal; this is a bug.
As Microsoft notes in the Microsoft 365 Admin dashboard: “We have received reports that after installing KB5005575 or later updates on Windows Server 2022 Standard Edition, Remote Desktop Services Connection Broker role and supporting services might be removed unexpectedly. We have expedited investigation and are working on a resolution. Note: Windows Server 2022 Datacenter edition and other versions of Windows Server are not affected by this issue.”
Credit to Author: BrianKrebs| Date: Fri, 03 Jun 2022 19:33:03 +0000
The U.S. Department of Justice (DOJ) recently revised its policy on charging violations of the Computer Fraud and Abuse Act (CFAA), a 1986 law that remains the primary statute by which federal prosecutors pursue cybercrime cases. The new guidelines state that prosecutors should avoid charging security researchers who operate in “good faith” when finding and reporting vulnerabilities. But legal experts continue to advise researchers to proceed with caution, noting the new guidelines can’t be used as a defense in court, nor are they any kind of shield against civil prosecution.
Read More
Credit to Author: Jonny Evans| Date: Thu, 02 Jun 2022 08:30:00 -0700
Apple says millions of fraudulent attempts are made against the App Store and its users each year. The company prevented $1.5 billion in fraudulent transactions in 2021, it said, in line with similar levels of fraud in 2020.
The company explains how fraudsters attempt to commit fraud via the store.