Computer Security Articles
RSS Reader for Computer Security Articles
ComputerWorld
What the FTC’s $5 billion fine really means for Facebook | TECH(feed)
Last week, the Federal Trade Commission hit Facebook with a $5 billion fine for mishandling user data. The fine comes after the FTC’s investigation following the Cambridge Analytica scandal. On this episode of TECH(feed), Juliet discusses the implications of this fine — and how Facebook may (or may not) change its practices.
How to take control of Face ID (with tools you may not know exist)
Credit to Author: Jonny Evans| Date: Mon, 15 Jul 2019 09:00:00 -0700
If you travel frequently and use an iPhone or iPad then you simply must familiarize yourself with these two tips – they’ll make it much easier to secure your device and its contents when you are on the move.
In praise of Face ID
I’ve become very used to using Face ID. It’s seamless.
On the iPhone, I like that I can pay for groceries with a look and find it much easier to use in the dark than the Home button.
My iPad experience is similar, but I do get annoyed sometimes that I must raise the tablet slightly to get the face angle right – this isn’t always as intuitive as I would like.
All the same, given Apple’s claim that there is a 1 in 50,000 chance that someone else’s fingerprint will unlock your iPhone and a 1 in 1,000,000 chance that it will be unlocked by another person’s face, I’ll always opt for the highly secure choice.
Memory-Lane Monday: Even worse than you thought
Credit to Author: Sharky| Date: Mon, 15 Jul 2019 03:00:00 -0700
This government agency has cashiers’ stations for handling transactions with the public, and the treasurer’s office decides it needs new software to run those stations, according to a pilot fish in IT.
And there’s going to be one sign-on and password for all the stations, brag the higher-ups.
Bad idea, protest all the IT programmers and system administrators. For one thing, having a single user sign-on to the system will prevent tracking who is completing each transaction. They cite security, accountability and separation of duties, but their protests fall on deaf ears.
The vendor rep shows up one day, and he and the treasurer do a presentation for an audience that includes IT managers. The two sound excited, and a touch proud, when they tell everyone that the cashiers will sign on with the user ID “Cash.” They don’t share the top-secret password, though; that’s just for the cashiers to know.
Zoom fixes webcam flaw for Macs, but security concerns linger
Credit to Author: Matthew Finnegan| Date: Thu, 11 Jul 2019 11:51:00 -0700
Zoom released a patch this week to fix a security flaw in the Mac version of its desktop video chat app that could allow hackers to take control of a user’s webcam.
The vulnerability was discovered by security researcher Jonathan Leitschuh, who published information about it in a blog post Monday. The flaw potentially affected 750,000 companies and approximately 4 million individuals using Zoom, Leitschuh said.
Zoom said it’s seen “no indication” any users were affected. But concerns about the flaw and how it works raised questions about whether other similar apps could be equally vulnerable.
How to set up Microsoft Cloud App Security
This new add-on will let you set up alerts about suspicious sign-on activity for Office 365 and other cloud apps.
New Windows 7 'security-only' update installs telemetry/snooping, uh, feature
Credit to Author: Woody Leonhard| Date: Thu, 11 Jul 2019 03:16:00 -0700
Back in October 2016, Microsoft divided the Win7 and 8.1 patching worlds into two parts.
Those who got their patches through Windows Update received so-called Monthly Rollups, which included security patches, bug fixes – and we frankly don’t know what else – rolled out in a cumulative stream.
The folks who were willing to download and manually install patches were also given the option of installing “security-only” patches, not cumulative; these were meant to address just the security holes.
Microsoft delivers Defender ATP security service to Macs
Credit to Author: Gregg Keizer| Date: Tue, 09 Jul 2019 11:42:00 -0700
Microsoft on Monday made good on a March pledge by announcing that its most sophisticated endpoint security service is now available for Macs.
Microsoft Defender ATP (Advanced Threat Protection) for Mac shifted to what the company calls “general availability” on June 28, wrote Helen Allas, a principal program manager on the enterprise security team, in a July 8 post to a company blog. Core components of Defender ATP, including the latest – “Threat & Vulnerability Management,” which made it to general availability a week ago – now serve Macs.