RSS Reader for Computer Security Articles
The UK government is backing proposed legislation that would give workers the right to request flexible working arrangements from day one of their employment.
In the aftermath of the COVID-19 pandemic, which saw millions of workers start working from home as lockdown orders were enforced, most employees continued to have flexibility over how and when they work, with many organizations now practicing a hybrid work model.
Credit to Author: BrianKrebs| Date: Mon, 05 Dec 2022 19:44:50 +0000
In December 2021, Google filed a civil lawsuit against two Russian men thought to be responsible for operating Glupteba, one of the Internet’s largest and oldest botnets. The defendants, who initially pursued a strategy of counter suing Google for tortious interference in their sprawling cybercrime business, later brazenly offered to dismantle the botnet in exchange for payment from Google. The judge in the case was not amused, found for the plaintiff, and ordered the defendants and their U.S. attorney to pay Google’s legal fees.
Read More
Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 05 Dec 2022 09:43:00 -0800
Biometrics is supposed to be one of the underpinnings of a modern authentication system. But many biometric implementations (whether that be fingerprint scanes or face recognition) can be wildly inaccurate, and the only universally positive thing to say about them is they’re better than nothing.
Also — and this may prove critical — the fact that biometrics are falsely seen as being very accurate may be sufficient to dissuade some fraud attempts.
There are a variety of practical reasons biometrics don’t work well in the real world, and a recent post by a cybersecurity specialist at KnowBe4, a security awareness training vendor, adds a new layer of complexity to the biometrics issue.
Look, it’s no big secret that I’m a fan of Google’s Pixel program.
I’ve personally owned Pixel phones since the first-gen model graced our gunk-filled pockets way back in 2016. And Pixels have been the only Android devices I’ve wholeheartedly recommended for most folks ever since.
There’s a reason. And more than anything, it comes down to the software and the overall experience Google’s Pixel approach provides.
[Psst: Got a Pixel? Any Pixel? Check out my free Pixel Academy e-course to uncover all sorts of advanced intelligence lurking within your phone!]
Credit to Author: BrianKrebs| Date: Thu, 01 Dec 2022 19:35:11 +0000
ConnectWise, a self-hosted, remote desktop software application that is widely used by Managed Service Providers (MSPs), is warning about an unusually sophisticated phishing attack that can let attackers take remote control over user systems when recipients click the included link. The warning comes just days after the company quietly patched a vulnerability that makes it easier for phishers to launch these attacks.
Read More
Amazon is introducing its next-gen AWS Verified Access security technology. At its annual AWS re: Invent show, the company confirmed the tech will be made available to enterprises running Apple products thanks to partnerships with Jamf, JumpCloud, and other device management vendors in the space.
Credit to Author: BrianKrebs| Date: Mon, 28 Nov 2022 22:08:21 +0000
A recent scoop by Reuters revealed that mobile apps for the U.S. Army and the Centers for Disease Control and Prevention (CDC) were integrating software that sends visitor data to a Russian company called Pushwoosh, which claims to be based in the United States. But that story omitted an important historical detail about Pushwoosh: In 2013, one of its developers admitted to authoring the Pincer Trojan, malware designed to surreptitiously intercept and forward text messages from Android mobile devices.
Read More
Just days after announcing the close of its consumer-oriented Wickr Me encrypted messaging service, Amazon Web Services (AWS), at its annual re:Invent conference on Monday, said that it was making the enterprise version of the app generally available.
Dubbed simply AWS Wickr, the service was first announced in July and has been in preview till now.
The enterprise version of the messaging service, designed to allow enterprise users to securely collaborate via text, voice and video, along with file and screen sharing, is expected to help enterprises meet auditing and regulatory requirements such as e-discovery and US Freedom of Information Act (FOIA) requests, the company said in a statement.