RSS Reader for Computer Security Articles
Credit to Author: Jonny Evans| Date: Fri, 02 Aug 2019 04:27:00 -0700
Apple has once again proved that it listens to valid criticism with the immediate global suspension of the Siri listening program that attracted so much controversy.
At issue was quality control.
A small number of conversational snippets were shared with third party human contractors for quality control purposes.
Just a few days after Equifax settled with the FTC over its 2017 data breach, Capital One announced it was the target of a March attack. Identifying information and bank account numbers are among some of the data breached in the attack that affects 100 million people. A software engineer is behind the attack and is awaiting a hearing. In this episode of TECH(feed), Juliet discusses the consequences of the attack and how to find out if you've been affected.
Every year, thousands of hackers arrive in Las Vegas for three large security conferences — DEF CON, Black Hat and Bsides Las Vegas — taking place from Monday through Sunday next week. CSO Online's J.M. Porup chats with Juliet about what to expect at the conferences' sessions and what he's looking forward to.
There are a number of ways attackers can exploit public information about your organization's employees. CSO Online's Susan Bradley walks through how an attacker can gain access to your organization's Office 365 accounts and how you can protect your enterprise from these potential attacks.
Credit to Author: Woody Leonhard| Date: Tue, 30 Jul 2019 09:33:00 -0700
This month, Microsoft Patch Land looks like a stranger Stranger Things Upside Down, where Security-only patches carry loads of telemetry, Visual Studio patches appear for the wrong versions… and we still can’t figure out how to keep the Win10 1903 upgrade demogorgon from swallowing established drivers.
As we end the month, we’ve seen the second “optional” monthly cumulative updates for all Win10 versions — the 1903 patch was released, pulled, then re-released — and fixes for Visual Studio’s transgressions. There’s a kludge for getting the Win10 1903 upgrade to work. And BlueKeep still looms like a gorging Mind Flayer.
Those of you who have been dodging Windows 7 telemetry by using the monthly Security-only patches — a process I described as “Group B” three years ago — have reached the end of the road. The July 2019 Win7 “Security-only” patch, KB4507456, includes a full array of telemetry/snooping, uh, enhancements.
Credit to Author: BrianKrebs| Date: Tue, 30 Jul 2019 13:59:54 +0000
Federal prosecutors this week charged a Seattle woman with stealing data from more than 100 million credit applications made with Capital One Financial Corp. Incredibly, much of this breached played out publicly over several months on social media and other open online platforms. What follows is a closer look at the accused, and what this incident may mean for consumers and businesses.
Read More
Credit to Author: BrianKrebs| Date: Mon, 29 Jul 2019 22:07:31 +0000
Marcus Hutchins, the “accidental hero” who helped arrest the spread of the global WannaCry ransomware outbreak in 2017, will receive no jail time for his admitted role in authoring and selling malware that helped cyberthieves steal online bank account credentials from victims, a federal judge ruled Friday.
Read More
Credit to Author: Jonny Evans| Date: Mon, 29 Jul 2019 07:51:00 -0700
News that Siri records snippets of our conversations with the voice assistant isn’t new, but claims that those short recordings are listened to by human agents is– particularly in light of the company’s big push on privacy.
I’m a passionate believer in the importance of privacy.
It isn’t only important in terms of preserving hard-won liberties and protecting public discourse, it’s also of growing importance across every part of human existence, for every school, medical facility or enterprise. History shows that the absence of privacy has a corrosive effect on society, turning family members against each other and dampening innovation.