Innovate or Die?

Credit to Author: William “Bill” Malik (CISA VP Infrastructure Strategies)| Date: Fri, 16 Aug 2019 15:13:14 +0000

The recent series of IT acquisitions and IPOs highlight a simple economic fact: companies that fail to keep up with the fast-paced innovation of technology can easily become targets for acquisition. Mark Twain put it this way: History doesn’t repeat itself, but it rhymes. As a former Gartner analyst, I find it irresistible to comment…

The post Innovate or Die? appeared first on .

Read more

This Week in Security News: Phishing Campaigns and a Biometric Data Breach

Credit to Author: Jon Clay (Global Threat Communications)| Date: Fri, 16 Aug 2019 14:05:21 +0000

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about ever-increasing amounts of phishing campaigns and how Trend Micro caught 2.4 million attacks of this type — a 59% increase from 1.5 million in the…

The post This Week in Security News: Phishing Campaigns and a Biometric Data Breach appeared first on .

Read more

Microsoft warns of Visual Basic, VBA and VBScript 'procedure call' errors after August patches

Credit to Author: Woody Leonhard| Date: Thu, 15 Aug 2019 05:28:00 -0700

August is going to be a perilous patching month.

We’re tracking down credible reports of the Server 2012 R2 Monthly rollup breaking RDP logins, a conflict between the Win10 1903 cumulative update and last month’s version of Outlook 365, confusion about Win7 patches being branded as “IA64 only,” dealing with the lack of telemetry (!) in the August Win7 Security Only patch, much mayhem trying to install SHA-2 signed patches (including the Win7 Monthly Rollup) on systems using Symantec Endpoint Protection, even more confusion over the difference between Symantec Endpoint Protection and Norton Security Suite, and lots of the usual installation failures and rollbacks.

To read this article in full, please click here

Read more

3 Google privacy tips for Mac and iOS users

Credit to Author: Jonny Evans| Date: Thu, 15 Aug 2019 04:15:00 -0700

Alternative search engines such as DuckDuckGo are attracting growing numbers of privacy focused users, but there’s no doubt that Google dominates the industry, even on Apple products. Fortunately, there are several ways to make your Google activity more private.

Do you have a Google account? (You probably do)

Do you use Gmail? Did you one use Google +? Perhaps you employ Google Drive, Google Docs or any of the company’s other products. If so, you have a Google account.

To read this article in full, please click here

Read more

Chrome, Firefox to expunge Extended Validation cert signals

Credit to Author: Gregg Keizer| Date: Thu, 15 Aug 2019 03:00:00 -0700

Google and Mozilla have decided to eliminate visual signals in their Chrome and Firefox desktop browsers of special digital certificates meant to assure users that they landed at a legitimate site, not a malicious copycat.

The certificates, dubbed “Extended Validation” (EV) certificates, were a subset of the usual certificates used to encrypt browser-to-server-and-back communications. Unlike run-of-the-mill certificates, EVs can be issued only by a select group of certificate authorities (CAs); to acquire one, a company must go through a complicated process that validates its legal identity as the site owner. They’re also more expensive.

The idea behind EVs was to give web users confidence that they were at their intended destination, that the site, for instance, was owned by its legal proprietor, IDG, and not a fishy – and phishy – URL run by It’s Crooks All the Way Down LLC and chockablock with malware. Browsers quickly took to the concept, rewarding EV-secured sites with in-your-face visual cues, notably the verified legal identity in front of the domain in the address bar. The identity was often shaded in green as an additional tip-off. (Chrome dismissed the green in September 2018 as of Chrome 69.)

To read this article in full, please click here

Read more

Data and device security for domestic abuse survivors

Credit to Author: David Ruiz| Date: Tue, 13 Aug 2019 16:33:22 +0000

Many domestic abuse survivors need help before stalkerware strikes. Here, we give basic advice on device security and protecting sensitive data.



(Read more…)

The post Data and device security for domestic abuse survivors appeared first on Malwarebytes Labs.

Read more