Patch Tuesday Lowdown, October 2019 Edition

Credit to Author: BrianKrebs| Date: Wed, 09 Oct 2019 06:00:58 +0000

On Tuesday Microsoft issued software updates to fix almost five dozen security problems in Windows and software designed to run on top of it. By most accounts, it’s a relatively light patch batch this month. Here’s a look at the highlights.

Read more

Spam In your Calendar? Here’s What to Do.

Credit to Author: BrianKrebs| Date: Tue, 03 Sep 2019 18:56:07 +0000

Many spam trends are cyclical: Spammers tend to switch tactics when one method of hijacking your time and attention stops working. But periodically they circle back to old tricks, and few spam trends are as perennial as calendar spam, in which invitations to click on dodgy links show up unbidden in your digital calendar application from Apple, Google and Microsoft. Here’s a brief primer on what you can do about it.

Read more

What You Should Know About the Equifax Data Breach Settlement

Credit to Author: BrianKrebs| Date: Mon, 22 Jul 2019 19:27:11 +0000

Big-three credit bureau Equifax has reportedly agreed to pay at least $650 million to settle lawsuits stemming from a 2017 breach that let intruders steal personal and financial data on roughly 148 million Americans. Here’s a brief primer that attempts to break down what this settlement means for you, and what it says about the value of your identity.

Read more

Caution: Misuse of security tools can turn against you

Credit to Author: Vasilios Hioureas| Date: Thu, 11 Jul 2019 17:34:57 +0000

If not implemented correctly, the very security tools we use to keep our information private may actually cause data leaks themselves. We outline a few cases and provide suggestions for researchers and security admins.

Categories:

Tags:

(Read more…)

The post Caution: Misuse of security tools can turn against you appeared first on Malwarebytes Labs.

Read more

Microsoft to Require Multi-Factor Authentication for Cloud Solution Providers

Credit to Author: BrianKrebs| Date: Fri, 28 Jun 2019 18:01:53 +0000

It might be difficult to fathom how this isn’t already mandatory, but Microsoft Corp. says it will soon force all Cloud Solution Providers (CSPs) that help companies manage their Microsoft Azure and Office365 accounts to use multi-factor authentication. The move comes amid a noticeable uptick in phishing and malware attacks targeting CSP employees and contractors.

Read more

Android 7.0+ Phones Can Now Double as Google Security Keys

Credit to Author: BrianKrebs| Date: Thu, 11 Apr 2019 16:14:53 +0000

Google this week made it easier for Android users to enable strong 2-factor authentication (2FA) when logging into Google’s various services. The company announced that all phones running Android 7.0 and higher can now be used as Security Keys, an additional authentication layer that helps thwart phishing sites and password theft.

Read more

Why Phone Numbers Stink As Identity Proof

Credit to Author: BrianKrebs| Date: Sun, 17 Mar 2019 23:25:06 +0000

Phone numbers stink for security and authentication. They stink because most of us have so much invested in these digits that they’ve become de facto identities. At the same time, when you lose control over a phone number — maybe it’s hijacked by fraudsters, you got separated or divorced, or you were way late on your phone bill payments — whoever inherits that number can then be you in a lot of places online.

Read more