Independent – Page 136 – Computer Security Articles

Credit to Author: Woody Leonhard| Date: Tue, 04 Jun 2019 05:08:00 -0700

May 2019 will go down in the annals of Patch-dom as the month we all ran for cover to fend off another WannaCry-caliber worm, but a convincing exploit never emerged.

Microsoft officially released Windows 10 version 1903 on May 21, but I haven’t yet heard from anyone who’s been pushed. All of the complaints I hear are from those “seekers” who went to the download site and installed 1903 with malice and forethought. A triumph of hope over experience.

This month, if you let Windows Update have its way on your machine, you may end up with a different build number than the person sitting next to you. Blame the gov.uk debacle for that: Folks with Windows set up for U.K. English get an extra cumulative update pushed onto their machines, whilst those who don’t fly the Union Jack will get the fix in due course next month.

To read this article in full, please click here

Independent Krebs

June 3, 2019 admin

Report: No ‘Eternal Blue’ Exploit Found in Baltimore City Ransomware

Credit to Author: BrianKrebs| Date: Tue, 04 Jun 2019 00:16:11 +0000

For almost the past month, key computer systems serving the government of Baltimore, Md. have been held hostage by a ransomware strain known as “Robbinhood.” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “Eternal Blue,” a hacking tool developed by the U.S. National Security Agency (NSA) and leaked online in 2017. But new analysis suggests that while Eternal Blue could have been used to spread the infection, the Robbinhood malware itself contains no traces of it.

ComputerWorld Independent

May 31, 2019 admin

Who watches the iOS parental control apps?

Credit to Author: Jonny Evans| Date: Fri, 31 May 2019 07:36:00 -0700

Children are emotional. Protecting them matters. When it comes to technology, do you want developers you don’t know over whom you have no control watching what your children do on their devices?

Apple doesn’t

Apple recently cut developers off from using MDM software to drive third-party parental control solutions.

Developers were upset, and seventeen smaller developers you’ve probably never heard of got together just days before Apple’s WWDC 2019 conference with a well-organized PR campaign and a professional website to demand access to new API’s that let them develop parental control software for iOS.

To read this article in full, please click here

Independent Krebs

May 31, 2019 admin

NY Investigates Exposure of 885 Million Mortgage Documents

Credit to Author: BrianKrebs| Date: Fri, 31 May 2019 13:58:59 +0000

New York regulators are investigating a weakness that exposed 885 million mortgage records at First American Financial Corp. [NYSE:FAF] as the first test of the state’s strict new cybersecurity regulation. That measure, which went into effect in March 2019 and is considered among the toughest in the nation, requires financial companies to regularly audit and report on how they protect sensitive data, and provides for fines in cases where violations were reckless or willful.

Independent Krebs

May 30, 2019 admin

Canada Uses Civil Anti-Spam Law in Bid to Fine Malware Purveyors

Credit to Author: BrianKrebs| Date: Thu, 30 May 2019 22:21:47 +0000

Canadian government regulators are using the country’s powerful new anti-spam law to pursue hefty fines of up to a million dollars against Canadian citizens suspected of helping to spread malicious software.

ComputerWorld Independent

May 30, 2019 admin

Microsoft Patch Alert: Patching whack-a-mole continues

Credit to Author: Woody Leonhard| Date: Thu, 30 May 2019 04:16:00 -0700

In a normal month, you need a scorecard to keep track of Windows patches. Now, your scorecards need a scorecard. One ray of hope: It looks like some Windows 10 cumulative updates will include the new “Download and install now” feature.

The May 2019 Windows updates have taken so many twists and turns it’s hard to pin things down, but as of Thursday morning, here’s what we’ve seen.

Windows 10 cumulative updates

As of now, all of the recent versions of Win10 (1607/Server 2016, 1703, 1709, 1803, 1809/Server 2019) have had three cumulative updates in May. Depending on where you live (or, more correctly, which locality you’ve chosen for your machine), you’ve been pushed one or two of them. If you’re a “seeker” (and clicked “Check for updates” or downloaded and installed the patches), you’ve had at least two, and maybe three. Got that?

To read this article in full, please click here

Independent Krebs

May 29, 2019 admin

Should Failing Phish Tests Be a Fireable Offense?

Credit to Author: BrianKrebs| Date: Wed, 29 May 2019 17:39:26 +0000

Would your average Internet user would be any more vigilant against phishing scams if he or she faced the real possibility of losing their job after falling for one too many of these emails? Recently, I met someone at a conference who said his employer had in fact terminated employees for such repeated infractions. As this was the first time I’d ever heard of an organization actually doing this, I asked some phishing experts what they thought (spoiler alert: they’re not fans of this particular teaching approach).