NEWS: COMPUTER WORLD SECURITY NEWS
Setup News Ticker
   NEWS: COMPUTER WORLD SECURITY NEWS
Computer World Security News
Sep 22, 2020

How IT can keep remote workers' Windows 7 PCs safe
In the time of COVID-19, with so many people working from home, it's inevitable that many will be using Windows 7 devices. And that's a big security problem for IT. As of January 2020, Windows 7 is no longer supported by Microsoft. That means no security patches — particularly dangerous at a time when many people are connecting to enterprise networks from their Windows 7 PCs.

It adds up to one of the biggest security risks many companies have seen for some time. Unpatched systems can be more easily hacked than ones that regularly receive security patches. Hackers go after low-hanging fruit — and right now Windows 7 is the lowest fruit there is. As the FBI stated in an August 2020 warning to businesses:

To read this article in full, please click here

(Insider Story)

Computer World Security News
Sep 17, 2020

Why you need Apple support to secure the C-suite
I get it. You're one of those enterprises that doesn't (yet) support Apple products among employees, but does that moratorium extend to the C-suite? I'm willing to bet it does not, and that's why even Windows-only IT must learn how to secure Apple's products.

Ignore the fantasy, this is reality The reality is that Apple's products are popular in the enterprise. And while there are many businesses that don't officially support them, one section of civic society that pretty much always do their own thing no matter what they ask others to do are the boys and girls in the C-suite. I can still recall the number of CFO's I spoke with early on in the iPad days who were deeply interested in trying the Apple tablet. Many did.

To read this article in full, please click here



Computer World Security News
Sep 17, 2020

Windows 10 upgrades are rarely useful, say IT admins
A majority of IT administrators polled this summer said that the twice-a-year Windows 10 feature upgrades are not useful - or rarely so - a stunning stance considering how much effort Microsoft puts into building the updates.

About 58% of nearly 500 business professionals who are responsible for servicing Windows at their workplaces said that Windows 10 feature upgrades - two annually, one each in the spring and fall - were either not useful (24%) or rarely useful (34%).

[ Related: Windows 10 version 2004: Key enterprise features ] Only 20% contended that the upgrades were useful in some fashion, while a slightly larger chunk - 22% - choose a noncommittal neutral as a response, claiming that the operating system's updates were neither useful nor not useful. (It might be best to consider this answer as undecided since in this binary world if something is not not useful, that must mean it is useful.)

To read this article in full, please click here



Computer World Security News
Sep 15, 2020

How COVID-19 has changed IT's focus and plans for 2021
The COVID-19 pandemic - and the lockdowns that followed last spring - wrought changes across IT operations and strategy as businesses and employees adjusted to a new environment. But what changes were made, and which ones are likely to last?

Spiceworks Ziff Davis, a B2B tech marketplace, polled 1,073 IT buyers in North America and Europe in June and July 2020 to find out. The results in its 2021 State of IT report, released today, show that the pandemic-fueled transformation will continue, affecting both planning and budgets for the long term.

[ Keep up on the latest thought leadership, insights, how-to, and analysis on IT through Computerworld's newsletters. ] The survey shows that 76% of businesses envision long-term IT changes, with more than half planning to retain flexible work policies (such as remote work); 64% of companies enabled remote work in 2020 due to the pandemic.

To read this article in full, please click here



Computer World Security News
Sep 11, 2020

A fat Windows Update for September's Patch Tuesday
Microsoft has released 129 updates to its Windows ecosystem, but the good news  this month is that we are not responding to any zero-days or publicly reported vulnerabilities. Microsoft appears to be getting serious about removing Adobe Flash Player (a good thing) and we see a very broad update to Windows desktops and servers. Unusually, Microsoft's browsers are not a huge focus this month, and both the Microsoft Office (excluding SharePoint) and development platform have received only a few, lower profile patches.

[ Related: Microsoft revamps Windows Insider release vernacular ] We have included a helpful infographic, which this month looks a little lopsided as all of the attention should be on Windows components.

To read this article in full, please click here



Computer World Security News
Sep 10, 2020

Beaucoup bugs beset this month's Windows patches
Someday, you'll tell your grandkids about the halcyon days of July and August 2020, when Microsoft took pity on us poor patching souls and introduced few bugs in its stew of Patch Tuesday patches.

Now, it looks like we're well on our way to another mess.

[ Related: Microsoft makes 'major-minor' Windows 10 release cadence the new normal ] Although it's still too early to throw up your hands and peremptorily pass on the September crop, I assure you that there is no joy in Patchville.

To read this article in full, please click here



Computer World Security News
Sep 09, 2020

Microsoft puts Application Guard for Office into public preview
Microsoft has launched a public preview of "Microsoft Defender Application Guard for Office," a defensive technology that quarantines untrusted Office documents so that attack code carried by malicious files can't reach the operating system or its applications.

On Monday, a senior cybersecurity engineer with the Redmond, Wash. company explained how Application Guard for Office worked and more importantly, walked customers through its operationm - something that existing documentation omitted when the public preview was launched late last month.

[ Related: 10 productivity-boosting apps for Microsoft Teams ] "Microsoft Office will open files from potentially unsafe locations in?Microsoft Defender Application Guard, a secure container, that is isolated from the device through hardware-based virtualization," John Barbare wrote in a post to a Microsoft blog. "When Microsoft Office opens files in Microsoft Defender Application Guard, a user can then securely read,?edit,?print, and?save?the files without having to re-open files outside of the container."

To read this article in full, please click here



Computer World Security News
Sep 07, 2020

With Patch Tuesday here, get Windows Update locked down
Every month we see the same pattern: Microsoft releases its Patch Tuesday regimen; the blogosphere flies into a frenzy about security holes that have to be patched right this minute; some patches have bugs; Microsoft fixes many of them in a week or two, warns about others, and stays mum on far too many.

Normal Windows users are left in the lurch. On the one hand, you have the threat of imminent malware mayhem. On the other, you have the threat of poorly tested patches. Wash. Rinse. Repeat.

[ Related: Windows 10 version 2004: Key enterprise features ] It's been like that for years. Don't believe it? Computerworld has month-by-month details for the past three years here.

To read this article in full, please click here



Computer World Security News
Sep 07, 2020

With Patch Tuesday near, get Windows Update locked down
Every month we see the same pattern: Microsoft releases its Patch Tuesday regimen; the blogosphere flies into a frenzy about security holes that have to be patched right this minute; some patches have bugs; Microsoft fixes many of them in a week or two, warns about others, and stays mum on far too many.

Normal Windows users are left in the lurch. On the one hand, you have the threat of imminent malware mayhem. On the other, you have the threat of poorly tested patches. Wash. Rinse. Repeat.

[ Related: Windows 10 version 2004: Key enterprise features ] It's been like that for years. Don't believe it? Computerworld has month-by-month details for the past three years here.

To read this article in full, please click here



Computer World Security News
Sep 04, 2020

Yes, you can install the August Windows and Office patches now
It looks like we're good to go with Microsoft's August Windows and Office patches. The second cumulative update for Windows 8.1, KB 4578013, throws some Virtual Private Networks out of kilter, and the Win7 patches may knock out your printers (for those of you paying for Win7 Extended Security Updates). But most of the other bugs appear to be squashed.

To read this article in full, please click here



Computer World Security News
Sep 04, 2020

Apple strengthens commitment to human rights with new policy
Apple has once again responded to critics with the publication of a human rights policy it says commits the company to "freedom of information and expression."

Freedom of expression "At Apple, we are optimistic about technology's awesome potential for good," says CEO Tim Cook. "But we know that it won't happen on its own. Every day, we work to infuse the devices we make with the humanity that makes us."

However, the document also points out that Apple is required to obey the law.

To read this article in full, please click here



Computer World Security News
Aug 31, 2020

Microsoft Patch Alert: August 2020
With Windows 10 2004 gradually creeping (I use the term intentionally) onto more machines, faults and foibles are coming out of the woodwork. It looks like a fix for the long-lamented version 2004 defrag bugs is on the way, but we aren't there yet. Lenovo isn't too happy with the August version 2004 cumulative update. It's still too early to move to 2004, in my opinion — and those problems ensure I'll keep 2004 off my machines for a while.

Meanwhile, Microsoft extended the end of support date for Win10 version 1803 — a move that'll interest exactly nobody except for admins with aging Win10 machines. Windows 8.1 patchers got left out in the Remote Access cold for a week. The .NET security updates have an odd, acknowledged bug with a manual registry workaround.

To read this article in full, please click here



Computer World Security News
Aug 27, 2020

TikTok sues the Trump administration, responding to potential U.S. ban
TikTok, the popular short form video app, has filed a lawsuit against the U.S. government, calling the potential U.S. ban an extreme action. At first glance, this lawsuit may mirror another one filed by a different tech company, Huawei. While both Huawei and ByteDance, the owner of TikTok, are Chinese tech companies, the proposed U.S. bans of each of these companies are different. Juliet breaks down why TikTok may fare better in the face of a potential ban than Huawei. More on TikTok's alleged security threats: https://youtu.be/LzeIOH2U8-8 Check out my latest video about the Huawei ban: https://youtu.be/bDXc7xeS5OE Sources-- https://www.nytimes.com/2020/08/24/technology/tiktok-sues-trump-administration.html https://newsroom.tiktok.com/en-us/tiktok-files-lawsuit Follow Juliet on Twitter: https://twitter.com/julietbeauchamp

Computer World Security News
Aug 26, 2020

Microsoft adds 6 months support to Windows 10 1803, again cites pandemic
Microsoft on Wednesday stretched support for a third version of Windows 10, again citing the coronavirus pandemic and its impact on business.

The Redmond, Wash. developer extended security support for Windows 10 Enterprise 1803 and Windows 10 Education 1803 by six months, to May 11, 2021. The original end-of-support date was to be Nov. 10.

[ Related: Microsoft makes 'major-minor' Windows 10 release cadence the new normal ] "We have heard your feedback and understand your need to focus on business continuity in the midst of the global pandemic," Chris Morrissey, who leads the communications team for Windows' servicing group, wrote in a post to a company blog. "As a result, we have decided to delay the scheduled end-of-service date for the Enterprise, Education, and IoT Enterprise editions of Windows 10, version 1803."

To read this article in full, please click here



Computer World Security News
Aug 21, 2020

Did Microsoft just solve a big business iPad problem
One of the most disappointing things about iOS devices as business devices, and one of the things that keeps the iPad from being a true computing solution, is that there is no support for multiple-user accounts. An unlikely ally is determined to solve the problem for Apple. A future version of Microsoft Authenticator will allow for a multi-user iPad experience.

Computer World Security News
Aug 20, 2020

Google to trial drastically truncated URLs in Chrome in anti-phishing move
Google will run a trial with Chrome 86, the browser set to release in October, that will hide much of a site's URL as a way to foil phishing attacks.

"We're ... going to experiment with how URLs are shown in the address bar on desktop platforms," Emily Stark, Eric Mill and Shweta Panditrao, all members of Chrome's security team, wrote in an Aug. 12 post to a company blog. "Our goal is to understand -- through real-world usage -- whether showing URLs this way helps users realize they're visiting a malicious website, and protects them from phishing and social engineering attacks."

To read this article in full, please click here



Computer World Security News
Aug 17, 2020

Xcode becomes vector for new Mac malware attack
Trend Micro has identified an insidious new form of Mac malware that is propagated by injecting itself into Xcode projects before they are compiled as apps.

So good they tried it twice We've seen a similar attack before. The so-called ‘XCode Ghost' was a malware infested version of Apple's developer environment that was distributed outside of Apple's channels. Apps built using the software were preinstalled with malware.

To read this article in full, please click here



Computer World Security News
Aug 14, 2020

A zero-day and testing of key printing features will drive August Windows updates
Though a DNS spoofing vulnerability in Windows (CVE-2020-1464) has been rated as a zero-day due to reports of exploitation in the wild, the focus for this month's updates should be on testing key Windows features prior to deployment. Primarily, printing and back-up scenarios will require your attention. You will also need to work with multiple and potentially overlapping updates to Window and the .NET development platform and, in some cases, Windows Store updates to your application portfolio.

Given the number and nature of changes we have seen in the update testing cycle during the past month, we advise a "Patch Now" approach to Windows 10, but with an extended test cycle on printing and more attention to the Windows 8.x platforms.

To read this article in full, please click here



Computer World Security News
Aug 13, 2020

Managing Windows 7 security risks
We've heard security experts warn that remote employees working on personal devices running old operating systems, like Windows 7, pose a huge security risk to enterprises. With some work from home regulations extending into 2021, IT teams will continue to manage employee devices and mitigate security risks remotely. Computerworld contributing editor and Windows expert Preston Gralla joins Juliet to discuss why Windows 7 is a security risk and what IT teams can do to manage that risk as employees continue to work off of unsecure personal and company devices.

Computer World Security News
Aug 12, 2020

Slack talks up security with new encryption options, FedRAMP certification
As Slack works to entice large organizations to deploy its channel-based collaboration app, the company is touting a variety of security upgrades, including an expanded enterprise key management (EKM) system and stronger compliance capabilities.

Among the updates announced Tuesday is the extension of EKM to give admins greater flexibility over the encryption of message data. Slack's EKM, introduced in 2018 for Enterprise Grid customers, can now cover data sent by users accessing the Workflow Builder automation tool. The company also plans to expand EKM to messages sent in Slack Connect - the company's  recently announced platform for multi-company conversations - when it launches later this year. 

To read this article in full, please click here



Computer World Security News
Aug 10, 2020

It's Patch Tuesday time. Make sure to have auto updates paused.
If you want to join the ranks of the unpaid beta testers, please go right ahead. Don't do anything and Patch Tuesday will find you. Make sure you tell us about any problems on AskWoody.com.

Every month we see the same pattern: Microsoft releases its Patch Tuesday regimen; the blogosphere flies into a frenzy about security holes that have to be patched right away; the patches bring bugs; the screams of imminent doom disappear as folks realize it takes a while - sometimes quite a while - for the security holes to turn into real, live exploits.

To read this article in full, please click here



Computer World Security News
Aug 04, 2020

Firefox gets next-gen anti-tracking defense, stymies 'bounce' trackers
Mozilla today announced a new defense against advanced tracking tactics that it will be switching on in Firefox 79 starting immediately and pushing out to the remaining user base during the next few weeks.

Calling the improved technologies and techniques Enhanced Tracking Protection 2.0 - Mozilla said that ETP 2.0's primary job is to block redirect tracking, also known as bounce tracking.

[ Related: 9 steps to lock down corporate browsers ] Trackers have been exploiting a loophole of sorts to continue following users browsing with Firefox, which enabled its first-generation ETP by default in June 2019. ETP takes a hands-off approach for first-party cookies - those tied to the site being browsed - because to do otherwise would break many of those websites or require users to, say, log in each time they returned.

To read this article in full, please click here



Computer World Security News
Jul 31, 2020

Despite an unexpected monkey wrench, now is the time to install the July Windows and Office patches
The folks at Microsoft have pretty much exterminated the bugs they introduced in July's patches. The Outlook-killing bug got fixed by an emergency update to Microsoft's own servers. The Win7 .NET patch was fixed and re-released nine days after paying Win7 Extended Security customers started bellyaching.  

To read this article in full, please click here



Computer World Security News
Jul 30, 2020

Microsoft Patch Alert: July 2020
July tends to be a leisurely month in Windows and Office patch land, and this one's no exception.

We had a bit of a thrill July 15 when Outlook stopped working on millions of PCs all over the world, but Microsoft fixed the bug four hours later by updating its servers.

Folks who pay for Windows 7 Extended Security Updates felt rightfully miffed when the new .NET Framework 4.8 patch, KB 4565636, refused to install. Microsoft took nine days to fix the bug and re-ship the patch.

To read this article in full, please click here



Computer World Security News
Jul 24, 2020

Windows Update is a bifurcated mess
This week's "Preview" patches led to some bizarre, unexplained, and self-contradictory behavior. Here's what we've been able to piece together, based on what actually happened - not on what Microsoft says is supposed to happen.

Two general sets of "Preview" patches arrived on Tuesday:

Optional, non-security, C/D Week Cumulative Updates for Win10 versions 1809, 1903, 1909, and various Servers, but not Win10 version 2004. Microsoft stopped distributing the C/D Week patches in March because of the "public health situation," but started pushing them again this week. July 21, 2020 Cumulative Update Previews for .NET Framework 3.5 and 4.8 on various versions of Win10. These are optional, non-security Preview patches released later in the month. Microsoft pushes Previews for .NET patches on Win10 infrequently; this year we've only seen two, one of them in January, the other in February. They're Previews,

Computer World Security News
Jul 24, 2020

At Microsoft Inspire, the new Edge browser took center stage
Disclosure:  Microsoft is a client of the author.

In the new Microsoft, Azure has - to a certain extent - taken over the center stage from the company's Windows Server platform, and the new Chromium Edge Browser has taken center stage from Windows. The ongoing COVID-19 pandemic has accelerated this result as the market rapidly turns from focusing on local hardware to using the Cloud as its primary place to do computing. 

As a result, each new browser update now feels a bit like what the old Windows refresh cycles used to feel like - but without the old compatibility drama. 

[ Related: FAQ: What the new Edge offers the enterprise ] Microsoft Inspire took place this week, so let's talk about the browser's new features, mostly focused on business users (now mostly working from home) that look compelling. 

To read this article in full, please click here



Computer World Security News
Jul 24, 2020

How to securely erase your Android device in 4 steps
It's an inevitable moment in the smartphone-owning cycle, the point at which a newer, shinier model comes along and your trusty old device is no longer needed.

Maybe your company bought you a new Android phone. Maybe your old one was getting too slow. Or maybe you just love electronics and couldn't resist the lure of whatever sexy new Android device your favorite manufacturer started selling.

Whatever the case, it's common nowadays to find yourself with an extra phone. And while there are plenty of practical uses for an old Android device, there's also a time when the best choice is to sell, donate, or otherwise pass it along.

To read this article in full, please click here



Computer World Security News
Jul 22, 2020

Microsoft releases some 'optional, non-security, C/D Week' Win10 patches. Avoid them.
I've always detested Microsoft's "optional, non-security, C/D Week" patches because they're confusing, easy to install accidentally, rarely solve any pressing problems, and potentially introduce yet more bugs. 

Guess what? They're back. 

As promised last month, Microsoft has started pushing them out again.

To read this article in full, please click here



Computer World Security News
Jul 21, 2020

Now let's guess what fish's new password is
It's COVID-19 days, and everyone at this tech company is practicing social distancing by working from home. All is fine for weeks for this pilot fish, but then his password expires.

An expired password cannot be replaced remotely, so he's going to have to go in to the office. Fish's boss says that the building is open, and once fish arrives, he finds it deserted and, he realizes, safer than the supermarket — no one has been inside there for weeks.

After he replaces his password, fish has an inspiration: He stops by the bathroom to grab some industrial-grade toilet paper, a product absent from store shelves for weeks.

To read this article in full, please click here



Computer World Security News
Jul 21, 2020

How to get one of iOS's best new privacy features on Android
Apple's latest iOS update may have taken plenty of inspiration from Android — to put it mildly — but iPhone owners will soon enjoy one important feature that isn't anywhere to be found here in the land o' Googley devices. And it's connected to a subject that's increasingly near and dear to many of our hearts: privacy.

The iOS 14 beta includes a new system that shows a visual alert anytime an app is using a device's microphone or camera, even in the background. It's a smart bit of added privacy protection, especially since traditionally — on iOS as well as on Android — once you've granted an app access to those parts of your phone, the app is technically able to tap into 'em anytime, with or without notifying you that it's doing it.

To read this article in full, please click here



Computer World Security News
Jul 20, 2020

Mozilla launches its first revenue-generating service, VPN for Firefox
Mozilla last week launched its virtual private network (VPN) in the U.S., Canada, the U.K. and three other countries, part of its strategy to expand revenue opportunities for its Firefox browser.

Dubbed Mozilla VPN, the service costs $4.99 per month and is available for devices running Windows and Android. Besides the U.S., Canada and the U.K., Mozilla VPN is also available in Singapore, Malaysia and New Zealand. The service will be offered on macOS and Linux devices "soon," while the iOS version is currently in beta, Mozilla said. For the monthly fee, users can access the VPN from up to five devices.

[ Related: 9 steps to lock down corporate browsers ] Mozilla kicked off a VPN preview - then tagged Firefox Private Network - nearly a year ago that relied on a browser extension and was free to users within the U.S. The Firefox Private Network was seen as the first of the paid services Mozilla would eventually introduce - another might be online storage - in an attempt to create new revenue streams to augment what the organization is paid to make specific search engines the Firefox default.

To read this article in full, please click here



Computer World Security News
Jul 17, 2020

Advisories and mitigations, oh my! Critical updates for Windows this July
This month's Patch Tuesday update from Microsoft attempts to address 123 unique security vulnerabilities including an urgent issue with Microsoft Outlook (CVE-2020-1349) and a very serious vulnerability in Windows (CVE-2020-1350). The big difference this month is that a "Patch Now" (as in right now-now) effort may not be enough. With average update cycles measured in weeks for most organizations, rapid mitigation strategies are required. Microsoft has offered registry-based fixes, some suggested code-based fixes, and a request to simply stop using certain features.

To read this article in full, please click here



Computer World Security News
Jul 13, 2020

It's Patch Tuesday time; make sure you pause Windows Updates
Yes, with Windows you have to get patched sooner or later. No, you don't have to do it right away.

Every month Microsoft releases buggy Patch Tuesday patches. Every. Single. Month. Every month we're admonished to get patched right now, lest the bad guys start mining PCs for juicy morsels. Every month we see the same hype, with the same results.

To read this article in full, please click here



Computer World Security News
Jul 13, 2020

It's Patch Tuesday; make sure you pause Windows Updates
Yes, with Windows you have to get patched sooner or later. No, you don't have to do it right away.

Every month Microsoft releases buggy Patch Tuesday patches. Every. Single. Month. Every month we're admonished to get patched right now, lest the bad guys start mining PCs for juicy morsels. Every month we see the same hype, with the same results.

To read this article in full, please click here



Computer World Security News
Jul 08, 2020

Most bugs in Microsoft's June patches have been fixed; go ahead and patch
The most obvious problem with June patches was a conflict between Microsoft's latest version of Windows and Microsoft's latest version of Office (er, Microsoft 365) Click-to-Run: If you installed patches as soon as they came out, Outlook wouldn't run. That bug got cleared up when Microsoft fixed Office a week later, even though Windows was to blame.

We also saw a bunch of belated patches for printers that didn't work after installing the June Windows updates.

To read this article in full, please click here



Computer World Security News
Jul 02, 2020

13 privacy improvements Apple announced at WWDC
Apple continues to focus on the challenge of providing technology-driven convenience while protecting customer privacy in its upcoming operating system releases. Here are all the privacy-related improvements to expect in iOS 14, macOS 11 and iPad.

Why privacy matters Fundamentally, the challenge with mobile technologies is the sheer quantity of personal data that can be collected and used against people.

A smartphone, for example, knows when it is picked up, how often, how high, who by, who it is in contact with, which websites you visit and much, much more.

To read this article in full, please click here



Computer World Security News
Jul 02, 2020

Microsoft Patch Alert: June 2020
There's never a dull moment for folks who try to keep Windows and Office patched.

Windows 10 version 2004 continues to make slow inroads among the "Go ahead and kick me" crowd, in spite of its (now documented) lack of update deferral settings, while those of us who are still trying to keep Win10 versions 2009, 2003 and 1809 afloat have our hands full.

June saw two truly innovative patching methods: A fix for a Windows bug delivered as an update to Office Click-to-Run and a fix for a different Windows bug delivered through the Microsoft Store.

If you can't fix things the normal way, I guess there's always the back door.

The two printer bugs All of the Win10 cumulative updates in June broke some printers, some of the time. The damage fell into two heaps:

To read this article in full, please click here



Computer World Security News
Jul 02, 2020

When shadow IT goes remote: How to keep workers in the fold
IT admins have a hard enough time keeping employees on the technology straight-and-narrow in the best of times. It's even harder when a pandemic hits and everyone in the office scatters to work from home.

Computer World Security News
Jul 01, 2020

Why coronavirus contact tracing apps are failing
Security, yes. But the biggest problem to adoption is staring us all in the mirror. Here's what that means for you and your organization.

Computer World Security News
Jun 30, 2020

Apple Watch's planned handwashing reminder feature? I don't trust it
When Apple rolled out its planned changes for iOS 14 and its companion WatchOS 7- both are expected to be available for download in mid-September - it included a variety of interesting tweaks. Two stood out as especially interesting: a COVID-friendly Watch handwashing app and an enterprise-IT-friendly facial recognition app for video cameras and doorbells.

The more straight-forward effort is positioned as a consumer feature, where video camera and doorbell apps within iOS will be able to identify visitors by name if they happen to appear within a user's photo library. It sounds rather cool for a consumer app, but I'm not sure how valuable it is. My doorbell app, for example, instantly shows me live video of the person at the door, so I can have a realtime conversation with whoever is there.

To read this article in full, please click here



Computer World Security News
Jun 26, 2020

WWDC: Apple brings Face & Touch ID authentication to Safari
It will soon be possible for enterprise workers, partners and customers to casually access web-based sites and services using biometric ID, with Apple set to enable Face ID and Touch ID authentication in Safari, the company told WWDC 2020.

Toughen up, just toughen up This is important because the scourge of online crime is not abating, and traditional passcode-based protection has proved itself insufficient.

As we move into a world of quantum computing, breaking password-protection will only get easier, which is why biometric protection adds another layer of access control. We need to toughen up every level of security.

To read this article in full, please click here



Computer World Security News
Jun 26, 2020

WWDC: Apple brings Face ID and Touch ID authentication to Safari
It will soon be possible for enterprise workers, partners and customers to casually access web-based sites and services using biometric ID, with Apple set to enable Face ID and Touch ID authentication in Safari, the company said at WWDC 2020.

Time to toughen up This move is important because the scourge of online crime is not abating, and traditional passcode-based protection has proved itself insufficient. As we move into a world of quantum computing, breaking password-protection will only get easier, which is why biometric protection adds another layer of access control. We need to toughen up every level of security.

To read this article in full, please click here



Computer World Security News
Jun 24, 2020

Mozilla takes first step in pulling Firefox plug on macOS Mavericks, Yosemite and El Capitan
Mozilla this week announced it would automatically move users running outdated versions of macOS to the Firefox Extended Support Release (ESR), an edition that provides security updates only.

The move, a first step towards dropping all support, will take place June 30, when Mozilla releases Firefox 78. On that date, users of Firefox still running OS X 10.9 (Mavericks), 10.10 (Yosemite) and 10.11 (El Capitan) on their Macs will instead be shunted to the extended channel and given 78.0 ESR. While that and Firefox 78 will be identical, when the latter shifts to version 79 four weeks later, ERS will remain at 78, increased to 78.1 to mark its first security update.

To read this article in full, please click here



Computer World Security News
Jun 24, 2020

Save big on popular VPNs & backup solutions today
Surf the web in complete anonymity and keep your file system safe from hardware failure as well as cybercrime.

Computer World Security News
Jun 22, 2020

Debilitating 'Outlook needs to close' bug linked to a bad Windows cumulative update
Internecine conflict seems to be a recurring theme at Microsoft, but this one takes it to new levels. Somehow, somebody forgot to test the latest patched version of Outlook with the latest patched version of Windows. The result is an error message that makes Outlook inoperable.

The official announcement appears on the Microsoft 365 support site:

To read this article in full, please click here



Computer World Security News
Jun 15, 2020

Memory-Lane Monday: As it was, no encryption was needed
Sysadmin pilot fish is checking out encryption for his company's backups.

"We have a mainframe that runs our core system," explains fish. "Each night we back up to an on-site tape and then make a copy of the tape to go off-site. Couriers shuttle the tape back and forth between the sites each day."

The obvious place to apply encryption is to those off-site tapes, so fish decides to create an encrypted copy of a tape to show how well the process works.

And the encryption process works fine every time. But when fish tries to decrypt the tape, no data comes out.

After fish spends several weeks experimenting, talking to vendors and growing more and more frustrated, one of his co-workers asks whether he has checked the script that generates the copy of the tape.

To read this article in full, please click here



Computer World Security News
Jun 12, 2020

Chrome to target abusive notification requests beginning in July
Chrome next month will begin to block notifications from sites that Google believes misuse or abuse the privilege of issuing the warnings.

Starting with Chrome 84 - scheduled to release July 14 - sites that Google thinks traffic in notifications meant to trick users will be blacklisted. Such sites' notifications will be scaled back to what Google earlier defined as its "Quiet UI" and a Chrome-produced warning will appear telling the user that the website may be trying to dupe him or her into accepting future notices.

To read this article in full, please click here



Computer World Security News
Jun 12, 2020

June cumulative updates cause multiple problems with network printers
Many admins report that installing the latest June cumulative updates knock out their networked printers. The problem seems to span all common versions of Windows and Server and many printers that have been installed and working in place for years. The bug appears to cause a conflict with older (but very common) PCL 5 and PCL 6 version 2 drivers on printers that are attached to networks, although the details aren't yet clear. 

Microsoft has acknowledged a bug in the June patches (it isn't clear precisely which ones) where the USB printer port disappears:

To read this article in full, please click here



Computer World Security News
Jun 12, 2020

Large in number, large in nature, this Patch Tuesday needs your attention
Despite Microsoft's announcement in May that all non-security releases (C and D updates) are paused until further notice, with 129 updates in June's Patch Tuesday release cycle, there is plenty to do - for your deployment team and your application testing team(s).

We see another critical update to Adobe Flash Player (see how to set your kill bits below) and critical updates to Microsoft's browsers that - depending on your legacy application portfolio - may require immediate action. The area to focus on this month is the number and nature of updates to the Windows platform.

To read this article in full, please click here



Computer World Security News
Jun 11, 2020

10 Signal tips for iPhone, Mac and iPad users
Enterprises, government officials or individuals - anyone who seriously wants to secure their communications - uses the cross-platform Signal service. Here are a dozen tips to help you get more from using this on your iPhone.

Secure by design Signal is built to be secure, so much so that the European Commission this year instructed staff to begin using the encrypted messaging app for public instant messaging. Encrypted emails and highly secure document exchange systems are also used.

To read this article in full, please click here



Computer World Security News
Jun 11, 2020

10 Signal tips for iPhone, Mac, iPad users
Enterprise, government or individuals, anyone who seriously wants to secure their communications uses the cross-platform Signal service. Here are a dozen tips to help you get more from using this on your iPhone.

Secure by design Signal is built to be secure. So much so in fact that the European Commission this year instructed staff to begin using the encrypted Signal messaging app for public instant messaging. Encrypted emails and highly secure document exchange systems are also used.

To read this article in full, please click here



Computer World Security News
Jun 11, 2020

Android 11's most important additions
Well, that was certainly unexpected.

In the middle of the day yesterday, Google dropped a big honkin' surprise in our laps: the official Android 11 Beta release. No buildup, no fanfare, no virtual events — just a short 'n' sweet blog post, some additional info for developers, and a website to download the software to supported Pixel phones for anyone feeling adventurous.

To read this article in full, please click here



Computer World Security News
Jun 10, 2020

14 IT certifications that will survive and thrive in the pandemic
These tech certifications not only have high value now, but employers will continue to value them as the coronavirus continues.

Computer World Security News
Jun 08, 2020

Microsoft Patch Tuesday is nigh: Pause updates now.
I call it crowdsourced beta testing. Here's how it works.

Microsoft releases its monthly patches. Headlines from the usual suspects scream that you need to get patched right now because of a known exploit - a zero-day.  "Microsoft warns hundreds of millions of users that Windows is at risk. Get patched now!"

You know the tune.

Folks who have seen this drama play out time and again wait to see what problems emerge. They know that you have to get patched eventually, but there's little upside and lots of downside in knee-jerk patching.

To read this article in full, please click here



Computer World Security News
Jun 03, 2020

The ultimate guide to privacy on Android
On the surface, Android and privacy might not seem like the most natural of bedfellows. Google is known for its advertising business, after all — it's how the company makes the lion's share of its money — and it can be tough to square the notion of data collection with the concept of carefully controlled information.

In actuality, though, Google gives you a good amount of authority over how and when it taps into your Android-associated info. (And even at its worst, the company never shares your data with anyone or sells it to third parties, despite some broad misconceptions to the contrary.) Ultimately, it just comes down to a matter of educating yourself about the possibilities and then determining what balance of privacy and function makes the most sense for you.

To read this article in full, please click here



Computer World Security News
Jun 01, 2020

Get your May 2020 Windows and Office patches installed
Headlines scream that you should avoid the May patches. Pshaw. From what I've seen they're largely overblown. Not to say that all is well in patchland - it isn't. But the situation has stabilized, and I don't see any reason to hold back on May's patches.

Of course, I'm assuming that you don't voluntarily jump down the rabbit hole and join the unpaid beta testers working on Windows 10 version 2004 - the May 2020 Update. It's kicking up all sorts of problems - but that's no reason to hold off on the May patches.

To read this article in full, please click here



Computer World Security News
May 29, 2020

Microsoft Patch Alert: May 2020
With most of the fanatical Windows fan base now circling the trough on the just-released upgrade to Windows 10 version 2004, it's time for those of us who rely on stable PCs to consider installing the May patches.

While the general outlook now is good, we've been through some rough patches - which you may, or may not, have noticed.

Unannounced Intel microcode patch triggers reboots On May 20, Microsoft released another of its ongoing series of "Intel microcode updates," all named KB 4497165. Ostensibly intended to fix the Meltdown/Spectre security holes, many of them have a history of problems and hassles not commensurate with the amount of protection they provide (unless you're running a bank transaction system or decrypting top secret emails).

To read this article in full, please click here



Computer World Security News
May 29, 2020

Getting started with Google Password Manager
If you're still trying to remember all of your passwords and then type 'em into sites by hand, let me tell you: You're doing it wrong.

With all the credentials we have to keep track of these days, there's just no way the human brain can handle the task of storing the specifics — at least, not if you're using complex, unique passwords that aren't repeated (or almost repeated, even) from one site to the next. That's where a password manager comes into play: It securely stores all your sign-in info for you and then fills it in as needed.

While there's a case to be made for leaning on a dedicated app for that purpose (for reasons we'll discuss further in a moment), Google has its own password management system built right into Chrome. And it's far better to rely on that than to use nothing at all.

To read this article in full, please click here



Computer World Security News
May 28, 2020

Mobile security forces difficult questions
As governments consider COVID-19 contact tracing and its privacy implications, it's not a bad idea for companies to take the opportunity to look more closely at their mobile agreements with employees. (By the way, just this week, Apple rolled out its latest iOS update, which included two COVID-19 updates, according to Apple: "iOS 13.5 speeds up access to the passcode field on devices with Face ID when you are wearing a face mask and introduces the Exposure Notification API to support COVID-19 contact tracing apps from public health authorities.")

Today, IT has to deal with pretty much one of two mobile scenarios: BYOD. where the employee uses the employee's personally owned device to perform enterprise business; and company-owned phones, which is the opposite: A company-owned phone where the employee, even if told not to, will use the phone for personal matters as well as business.

To read this article in full, please click here



Computer World Security News
May 27, 2020

Apple rejects flawed claims about its contact tracing tech
Even as we consider revelations Facebook shelved internal research suggesting its algorithms generate divisiveness, Apple has been forced to reject damaging claims against its contact tracing tech currently spreading on Facebook.

Exposure Notification is not spying on you Numerous hysterical myths concerning the Apple/Google contact tracing technology are being circulated on Facebook. A series of posts claim the Exposure Notification feature inside iOS 13.5 will allow authorities to track people's locations and monitor who they meet - which is precisely what it tries not to do.

To read this article in full, please click here



Computer World Security News
May 27, 2020

Use of cloud collaboration tools surges and so do attacks
Some industries have seen increases in cloud-related threat events rise as much as 1,350% since the COVID-19 crisis began.

Computer World Security News
May 20, 2020

Amid the pandemic, using trust to fight shadow IT
Shadow IT, where workers sometimes go rogue in their efforts to solve business problems, can create challenges - and opportunities - for companies in the best of times. With the COVID-19 pandemic still unfolding, these are not the best of times. With most employees and executives still working from home, the big issue for administrators and IT pros still centers on how to make things work in today's trying circumstances.

Every major platform has controls IT can use, some of them as blunt as a hammer and others that offer surgical precision. At either end of that spectrum lie two common questions: How restrictive does IT need to be and is there a way to fully communicate areas of risk while making business more secure.

To read this article in full, please click here

(Insider Story)

Computer World Security News
May 14, 2020

A 'business-as-usual' Patch Tuesday update for Windows desktops
It really is saying a lot when Microsoft releases more than 100 updates each month and this is now considered "business as usual." Speaking of the "new normal," Microsoft has changed the release cadence of its optional updates (generally released later each month).

In a statement about the new update regularity, the company said: "We have been evaluating the public health situation, and we understand this is impacting our customers. In response to these challenges we are prioritizing our focus on security updates. Starting in May 2020, we are pausing all optional non-security releases (C and D updates) for all supported versions of Windows client and server products (Windows 10, version 1909 down through Windows Server 2008 SP2).

To read this article in full, please click here



Computer World Security News
May 12, 2020

10 tips for a secure browsing experience
Your browser is one of the easiest ways for malware to penetrate your network. Here are 10 ways to practice safe surfing in Google Chrome, Microsoft Edge and Mozilla Firefox.

Computer World Security News
May 11, 2020

The Internet of things in 2020: More vital than ever
Just when we needed it most, the internet of things is delivering gobs of data and remote device control across almost every industry, from healthcare to agriculture.

Computer World Security News
May 08, 2020

Zoom to add end-to-end encryption with Keybase acquisition
Zoom has acquired secure messaging and identity management firm Keybase as its looks to shore up security capabilities on its platform with end-to-end encryption.

The acquisition will give Zoom access to Keybase's encryption technology, used to secure online identities, as well as its team of engineers. Launched in 2014, Keybase lets users encrypt social media messages and shared files with public key encryption to ensure that communications stay private. 

Keybase's cofounder Max Krohn will now head up Zoom's security team, Zoom said. Krohn's new role was first detailed by CNBC.

To read this article in full, please click here



Computer World Security News
May 07, 2020

5 lessons companies should learn about working at home
Companies now have the opportunity to learn from what is and isn't working during the coronavirus crisis. Use this time to build out a strategy so you won't have to use band aids and duct tape next time.

Computer World Security News
May 01, 2020

5 keys to supporting telework effectively and securely
Suddenly countless numbers of people are working from home. This massive shift in work processes can have huge repercussions from a security, privacy, regulatory and data governance standpoint.

Computer World Security News
Apr 29, 2020

Google extends G Suite identity and security device management to Windows 10 PCs
Google this week extended G Suite's device management tools to Windows 10 PCs, adding them to the Android, iOS and Chrome endpoints already on the list.

Administrators can now use the G Suite console to secure G Suite accounts on Windows 10 systems using Google's anti-hijacking and suspicious-login-detection technologies, and set those machines for single-sign on (SSO) so that G Suite account credentials double as Windows 10 log-in authentication.

The roll-out of the new console capabilities started April 27, with the rapid release and scheduled release tracks (the latter is the default) beginning simultaneously rather than staged, as usual.

To read this article in full, please click here



Computer World Security News
Apr 29, 2020

Microsoft Patch Alert: April 2020, another 'wacky' month
The patching pace this month returned to normal: We had the Patch Tuesday patches on April 14, followed by the "optional, non-security, C/D Week" patches one week later (Monthly Rollup Preview for you Win8.1 afficionados). With a bit of luck, that's the last round of confusing "optional" Win10 patches: Microsoft promises we won't see any more of them.

We also had an out-of-band patch for Office 2016 Click-to-Run, Office 2019 (which is only available as Click-to-Run) and Microsoft 365 Apps for Enterprise (previously known as Office 365 ProPlus). The big concern with those patches falls into the "it's not a bug, it's a feature" column.

To read this article in full, please click here



Computer World Security News
Apr 24, 2020

Many reported problems with this month's Win10 Cumulative Update, but few patterns
The blogosphere is awash in reports of problems with this month's Win10 1903/1909 Cumulative Update, with more than 100 reported bug sightings. What's causing the problems?

The trick every month is to sift through all of the problem reports and see if there are any common strings - whether folks running this piece of hardware or that kind of software should be especially cautious. 

I've been looking at the reports and I'll be hanged if I can see any pattern, aside from the usual cacophony of random error messages and broken systems. Can you see any common threads?

To read this article in full, please click here



Computer World Security News
Apr 23, 2020

Vivaldi joins anti-tracking browser brotherhood
Niche browser maker Vivaldi Technologies this week released version 3.0 of its eponymous application, which included integrated ad- and tracker-blockers.

Both tools were disabled by default in the new version, which was released Wednesday. "We believe that many users would not wish to prevent the sites they like to visit from generating revenue, and for that reason, we don't enable Ad blocker by default," wrote Jon von Tetzchner, co-founder and CEO of Vivaldi, in a post to a company blog.

To read this article in full, please click here



Computer World Security News
Apr 22, 2020

Zoom unveils a host of new privacy, security features
Looking to bounce back from a spate of recent security miss-steps, video conferencing platform Zoom today announced a variety of new privacy and security capabilities in Zoom 5.0, a key milestone in the company's recently launched 90-day security plan.

The primary difference between the current version of Zoom software and Zoom 5.0 is the addition of support for AES 256-bit GCM encryption; it's designed to provide increased protection for meeting data and resistance to tampering. The new level of encryption will be available across Zoom Meeting, Zoom Video Webinar, and Zoom Phone.

To read this article in full, please click here



Computer World Security News
Apr 21, 2020

8 video chat apps compared: Which is best for security?
Zoom, Microsoft Teams, Google Duo, Cisco Webex, FaceTime, Jitsi, Signal and WhatsApp. What does their encryption look like? What are the trade-offs?(Insider Story)

Computer World Security News
Apr 16, 2020

Don't Panic, but do make this month's Patch Tuesday a priority
Given that 113 updates arrived for April‘s Patch Tuesday, IT admins have a lot to do. For older systems, Adobe font issues (CVE-2020-0938, CVE-2020-1020) will should get immediate attention. Changes to the Windows Scripting handler and the browser-based Chakra scripting engine may require some additional testing for in-house applications.

This month's Office updates are relatively low impact unless you are running SharePoint server - which will then require a number of updates, leading to a server reboot. With three (so far) zero-days and a number of critical memory-related patches to Windows, my advice is: don't panic. Patch older systems first. Test core applications for scripting dependencies and then schedule the remaining updates according to your normal update cycle.

To read this article in full, please click here



Computer World Security News
Apr 16, 2020

How to protect against 'Apple' phishing scams
Checkpoint Research recently warned that criminals are exploiting the COVID-19 crisis with a wave of attempts to trick people into sharing their security credentials with fake emails.

To catch a phish Apple, the research claims, is the most widely impersonated brand.

Phishing is the practice of impersonating legitimate messages from a brand in an email or other message in an attempt to trick people into accessing that service via insecure servers, sharing their login passwords and credentials when they do.

Criminals can then use this information to undermine account security, dig deeper into your identity to get even more confidential data, or even sell your details on the black market to other hackers.

To read this article in full, please click here



Computer World Security News
Apr 14, 2020

The coronavirus is revealing our technology blunders
You've lost your job and now you face an obsolete, sluggish unemployment system that feels like it was written in the 1950s. Actually, it's more than a feeling. If you're in New Jersey, New York or Connecticut, your unemployment system was written in 60-year-old Cobol. Meanwhile, if you want to apply for unemployment benefits online in Washington, D.C., the system insists you use Internet Explorer. As I recall, IE was put out to pasture five years ago.

To read this article in full, please click here



Computer World Security News
Apr 13, 2020

Everything we know about the Google/Apple COVID-19 contact tracing tech
Creeping erosion of privacy? Desperately needed technology-based solution to a global life or death problem? A little of both? Here is what we think we know now about the Apple/Google contact tracing technology.

What has happened? Apple and Google are working together to develop COVID-19 contact tracing technology for both Android and iOS devices.

To read this article in full, please click here



Computer World Security News
Apr 13, 2020

Amid the pandemic, MFA's shortcomings are clearer than ever
Due to you-know-what (if I have to type "corona" or "COVID" again, I'll scream), enterprises have been forced to send a massive number of employees into makeshift home offices within just a few days. That means that there was no time for the security niceties, such as properly processing RFPs for apps that were thoroughly vetted. Given the emergency, employees and IT teams worked with what they could, figuring that they would improve security on the fly as soon as circumstances permitted.

That brings us to MFA. Multifactor authentication is supposed to be just that, but it's typically deployed in the least secure manner — sending straight numeric texts to a mobile device, a tactic that is well-known to be susceptible to man-in-the-middle attacks. So, are there better ways to deploy MFA, something that can be easily executed under today's far-less-than-ideal conditions? Let's dig in.

To read this article in full, please click here



Computer World Security News
Apr 10, 2020

Podcast: How to secure and speed up your home Wi-Fi network
With most of (if not everyone in) your household now working from home, you're perhaps asking more of your home network than ever before. Multiple devices may now be hosting a video conference, streaming and using chat tools all at the same time. On top of those demands, you may also be accessing sensitive company data from home. Your home Wi-Fi network needs to be both fast and secure. PCWorld/Macworld's Michael Simon joins Juliet and gives tips on how to prioritize certain traffic on your home network, boost speeds and secure it all without leaving your house.

To read this article in full, please click here



Computer World Security News
Apr 09, 2020

Google, Microsoft talk up security after Zoom firestorm
As video conferencing platform Zoom continues to weather unfavorable headlines about its security, two big market rivals are doubling down on commitments to keeps users safe.

In recent weeks, Zoom has faced a barrage of criticism involving privacy and security failings, culminating in CEO Eric Yuan acknowledging this week that the company "moved too fast" but is  now committed to being "open and honest with [customers] about areas where we are strengthening our platform." He also announced that Zoom had stopped development of new product features for 90 days to focus on security.

To read this article in full, please click here



Computer World Security News
Apr 09, 2020

Zoom hit by investor lawsuit as security, privacy concerns mount
The challenges facing Zoom continue to mount, as the company now faces an investor lawsuit and more organizations ban the use of the video meeting app due to privacy and security concerns. The company also upped efforts to improve its security and privacy practices by hiring Facebook's former CSO as a consultant. 

Zoom has seen a surge in use in recent weeks as self isolation in response to the pandemic ramps up the demand for video software. As its popularity has boomed - both for business and personal use - and the company's stock price rocketed, Zoom has come under pressure on a number of fronts. 

To read this article in full, please click here



Computer World Security News
Apr 07, 2020

Dumb luck?
This pilot fish is an engineer setting up control systems for power plants, and one day he has a disagreement with an IT manager at one of his clients. Topic: complex passwords. There's a push on throughout the IT world to make passwords more complex.  

But fish's point is that that advice isn't valid when you have an air gap between the control systems and any other network. In fact, fish tells the manager, when it comes to internal hacking, complex passwords are more risky than no password at all because people never remember complex passwords and have to write then down on sticky notes. The manager says that would never happen at his plant — people know better.

To read this article in full, please click here



Computer World Security News
Apr 07, 2020

Do's and don'ts of videoconferencing security
When any technology sees its popularity increase quickly, the number of bad actors taking advantage of new and untrained users also grows. The world is seeing this now with videoconferencing services and applications, as reports about the popular Zoom app being hijacked — known as "Zoom-bombing" — have surfaced.

With multiple reports of conferences being disrupted by pornographic and/or hate images and threatening language, the FBI's Boston office recently issued a warning for users of videoconferencing platforms about the incidents. Security expert and investigative journalist Brian Krebs provided details on Zoom's password problems and how hackers were able to use "war dialing" methods to discover meeting IDs and passwords for Zoom meetings.

To read this article in full, please click here



Computer World Security News
Apr 06, 2020

Zoom clamps down further on security weaknesses
Zoom, which on Friday stopped development of new product features so it could focus on fixing various privacy and security issues, clamped down even further on security weaknesses over the weekend.

The company on Saturday switched on default password settings and waiting rooms for users of its Free Basic tier and those with a single account on its cheapest paid tier, such as K-12 eduction accounts. All meetings that use a Personal Meeting ID (PMI) will now need a password, and password settings that had been disabled will be re-enabled. As a result, passwords will be required for instant meetings, for participants joining by phone and when a new meeting is scheduled.

To read this article in full, please click here



Computer World Security News
Apr 06, 2020

We need to social-distance from the scammers
For hackers who target Windows, the coronavirus pandemic is like Christmas come early. But what's good news for them is bad news for you, piled onto all the other bad news wrought by the pandemic. Undeterred by the crisis — indeed, spurred to new heights by it — hackers have been coming up with a host of devious ways to use your natural fears in order to infect your Windows PC with malware and ransomware.

How bad is it? The security company Malwarebytes calls the pandemic "a golden opportunity for threat actors to capitalize on fear, spread misinformation, and generate mass hysteria — all while compromising victims with scams or malware campaigns."

To read this article in full, please click here



Computer World Security News
Apr 03, 2020

Browser makers cite coronavirus, restore support for obsolete TLS 1.0 and 1.1 encryption
Google, Microsoft and Mozilla have each issued reprieves to Transport Layer Security (TLS) 1.0 and 1.1, aged encryption protocols that were to be bounced from browser support in March, because of the COVID-19 pandemic.

By common agreement, Google's Chrome, Microsoft's Internet Explorer (IE) and Edge, and Mozilla's Firefox were to disable support for TLS 1.0 and 1.1 early in 2020. They, along with Apple - which produces Safari - announced the move a year and a half ago, noting then that the protocols had been made obsolete by TLS 1.2 and 1.3.

To read this article in full, please click here



Computer World Security News
Apr 03, 2020

Zoom pauses new feature development to focus on privacy, security
Zoom has decided to cease development of new product features so it can focus on fixing various privacy and security issues.

The company has seen a surge in the use of its platform in recent weeks, as self isolation in response to the Covid-19 pandemic ramps up the demand for video software. As its popularity has boomed - both for business and personal use - and the company's stock price rocketed, underlying vulnerabilities in the platform have become apparent. 

[ Related: 7 Zoom tips for working from home ] "Zoom-bombing," where intruders have been able to access video meetings that were not password protected, has led to serious privacy concerns, with uninvited attendees harassing online A.A. meetings and church meetings, for example. The FBI this week warned of unauthorized access to virtual classrooms and recommended that users change security settings to protect meetings. 

To read this article in full, please click here



Computer World Security News
Apr 01, 2020

BrandPost: Avoid security breaches: How to protect your data
Data security breaches at major corporations seem to be perpetually in the news. The hacks range in size and scope, but it's no secret that firms hit by hackers often suffer serious consequences.

What can you do to help prevent your organization from becoming tomorrow's cyber-breach news headline? Here are 18 pointers:

Educate all employees on the importance of protecting data. Explain the need to avoid risky behavior such as downloading music or videos from rogue websites. Once employees understand that criminals want the data with which the employees work, their thinking changes in ways that can make the organization's data much safer than before. Understand what data you have and classify it. You cannot secure information if you do not know that it exists, where it is stored, how it is used, how it is backed up, and how it is decommissioned. Make sure you know those things about all of your sensitive information. Because not all data is equally sensitive, make sure to classify data according to its level of importance. Do not give every employee access to every system and piece of data. Create policies governing who has physical and/or electronic access to which computer systems and data, and implement procedures, policies, and technical controls to enforce such a scheme. Authorize people to access the data that they need in order to do their jobs but do not provide them with access to other sensitive data. Consider moving sensitive information and systems to a cloud provider. Unless you have an adequate information security team, the odds are pretty good that a major cloud provider will do a better jo

Computer World Security News
Apr 01, 2020

BrandPost: Protect your data to protect your business
The most important thing your business provides isn't a service or a product. It's trust. And it comes from letting your customers and employees know that you're protecting your business—and their data—against cyberattacks.

Building a foundation for trust isn't easy. Cyberthreats continue to grow in number and complexity as businesses shift more of their operations online and enable anytime/anywhere access to information to support an increasingly remote workforce. This ongoing digital transformation exposes more systems and data to potential attacks - increasing risk for your organization.

Addressing this challenge requires a new approach to protecting business information. "The assumption that everything's on-premises and protected behind a firewall has largely disappeared," says Robert Crane, principal at CIAOPS, a technology consultancy that specializes in helping businesses improve their productivity by using technology and smart business practices. "But some businesses are still locked into that old-world thinking."

To read this article in full, please click here



Computer World Security News
Mar 26, 2020

Google Smart Lock: The complete guide
Think fast: How many times a day do you pick up your phone to look at something? Unless you live in the tundra or have far more self-control than most, the answer probably falls somewhere between "quite a few" and "more than any sane person could count." Assuming you keep your device properly secured, that means you're doing an awful lot of unlocking — be it with your face, your fingerprint, or the code you tap or swipe onto your screen.

Security's important, but goodness gracious, it can be a hassle.

Thankfully, there's a better way. Google Smart Lock provides a variety of options for keeping your Android phone unlocked in preapproved, known-to-be-safe circumstances. It's an easily overlooked but incredibly useful feature that lets you create a sensible balance between security and convenience. And once you set it up, it's simple as can be to use.

To read this article in full, please click here



Computer World Security News
Mar 25, 2020

Microsoft to stop serving non-security monthly updates to Windows
Beginning in May, Microsoft plans to halt the delivery of all non-security updates to Windows, another step in its suspension of non-essential revisions to the OS and other important products.

The optional updates, which Microsoft designates as Windows' C and D updates, are released during the third and fourth week of each month, respectively.

"We have been evaluating the public health situation, and we understand this is impacting our customers," Microsoft said to some understatement in a March 24 post to the Windows 10 messaging center. "In response to these challenges we are prioritizing our focus on security updates."

To read this article in full, please click here



Computer World Security News
Mar 25, 2020

Reading between the lines about Microsoft 'pausing optional updates'
Yesterday, a post on the official Windows Release Information site said that Microsoft will, at least temporarily and starting in May, stop sending out the pesky "optional, non-security, C/D Week" patches we've come to expect. 

Those "optional" second-monthly patches are usually laden with many dozens of fixes for miscellaneous, minor bugs in Windows. For example, the second-monthly cumulative update for Win10 version 1903 released yesterday lists 31 different fixes, most of which only matter in very specific cases.

To read this article in full, please click here



Computer World Security News
Mar 24, 2020

Don't let the coronavirus make you a home office security risk
Congratulations. You're now the chief security officer of your company's newest branch office: Your home. Here's how to manage your new job.

Computer World Security News
Mar 24, 2020

Microsoft Patch Alert: March 2020 brings two ‘sky-is-falling' warnings, with no problems in sight
It's been another strange patching month. The usual Patch Tuesday crop appeared. Two days later, we got a second cumulative update for Win10 1903 and 1909, KB 4551762, that's had all sorts of documented problems. Two weeks later, on Monday, Microsoft posted a warning about (another) security hole related to jimmied Adobe fonts.

Predictably, much of the security press has gone P.T. Barnum.

The big, nasty, scary SMBv3 vulnerability Patch Tuesday rolled out with a jump-the-gun-early warning from various antivirus manufacturers about a mysterious and initially undocumented security hole in the networking protocol SMBv3.

To read this article in full, please click here



Computer World Security News
Mar 23, 2020

Post-coranavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Computer World Security News
Mar 23, 2020

Post-coronavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Computer World Security News
Mar 19, 2020

Microsoft adds 6 months support for Windows 10 1709 to account for pandemic disruption
Microsoft today extended the support lifespan of Windows 10 Enterprise 1709 and Windows 10 Education 1709 by six months, pushing their retirements to Oct. 13. The original end-of-support date had been fixed as April 14.

Microsoft cited the COVID-19 pandemic's impact, which in just the U.S. has ranged from massive business closings and multi-county lockdowns to a broad movement of companies telling white-collar employees to work from home. By midday March 19, 171 deaths in the U.S. had been attributed to the virus. Globally, deaths approached 10,000.

To read this article in full, please click here



Computer World Security News
Mar 19, 2020

COVID-19 and tech: New collaboration tools mean new security risks
As the coronavirus forces companies to move their communication and file sharing onto collaboration platforms, be prepared for unintended consequences: New security threats will surface, requiring new methods of securing your environment.

Computer World Security News
Mar 13, 2020

What your business should do about the coronavirus ... right now
The Covid-19 crisis is the Black Swan event of our lifetime. Here's how to hold it all together (while keeping employees apart).

  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2020 CEOExpress Company LLC