Patch Tuesday, November 2020 Edition

Credit to Author: BrianKrebs| Date: Wed, 11 Nov 2020 01:56:41 +0000

Adobe and Microsoft each issued a bevy of updates today to plug critical security holes in their software. Microsoft’s release includes fixes for 112 separate flaws, including one zero-day vulnerability that is already being exploited to attack Windows users. Microsoft also is taking flak for changing its security advisories and limiting the amount of information disclosed about each bug.

Read more

Microsoft Patch Tuesday, Sept. 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 08 Sep 2020 21:33:26 +0000

Microsoft today released updates to remedy nearly 130 security vulnerabilities in its Windows operating system and supported software. None of the flaws are known to be currently under active exploitation, but 23 of them could be exploited by malware or malcontents to seize complete control of Windows computers with little or no help from users.

Read more

FBI, CISA Echo Warnings on ‘Vishing’ Threat

Credit to Author: BrianKrebs| Date: Fri, 21 Aug 2020 20:34:18 +0000

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) on Thursday issued a joint alert to warn about the growing threat from voice phishing or “vishing” attacks targeting companies. The advisory came less than 24 hours after KrebsOnSecurity published an in-depth look at a crime group offering a service that people can hire to steal VPN credentials and other sensitive data from employees working remotely during the Coronavirus pandemic.

Read more

Why & Where You Should Plant Your Flag

Credit to Author: BrianKrebs| Date: Wed, 12 Aug 2020 14:18:09 +0000

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. This post examines some of the key places where everyone should plant their virtual flags.

Read more

Why & Where You Should You Plant Your Flag

Credit to Author: BrianKrebs| Date: Wed, 12 Aug 2020 14:18:09 +0000

Several stories here have highlighted the importance of creating accounts online tied to your various identity, financial and communications services before identity thieves do it for you. This post examines some of the key places where everyone should plant their virtual flags.

Read more

E-Verify’s “SSN Lock” is Nothing of the Sort

Credit to Author: BrianKrebs| Date: Sat, 04 Jul 2020 22:24:14 +0000

One of the most-read advice columns on this site is a 2018 piece called “Plant Your Flag, Mark Your Territory,” which tried to impress upon readers the importance of creating accounts at websites like those at the Social Security Administration, the IRS and others before crooks do it for you. A key concept here is that these services only allow one account per Social Security number — which for better or worse is the de facto national identifier in the United States. But KrebsOnSecurity recently discovered that this is not the case with all federal government sites built to help you manage your identity online. A reader who was recently the victim of unemployment insurance fraud said he was told he should create an account at the Department of Homeland Security’s myE-Verify website, and place a lock on his Social Security number (SSN) to minimize the chances that ID thieves might abuse his identity for employment fraud in the future.

Read more

Turn on MFA Before Crooks Do It For You

Credit to Author: BrianKrebs| Date: Fri, 19 Jun 2020 19:19:10 +0000

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. But people who don’t take advantage of these added safeguards may find it far more difficult to regain access when their account gets hacked, because increasingly thieves will enable multi-factor options and tie the account to a device they control. Here’s the story of one such incident.

Read more

Patch Tuesday Lowdown, October 2019 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Oct 2019 06:00:58 +0000

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights.

Read more