NEWS: COMPUTER WORLD SECURITY NEWS
Setup News Ticker
   NEWS: COMPUTER WORLD SECURITY NEWS
Computer World Security News
Jul 13, 2018

Microsoft yanks buggy Office 2016 patch KB 4018385, republishes all of this month's patch downloads
As I reported yesterday, the July 2018 Windows and Office patches teem with bugs. We're just beginning to see the fallout.

The July 3 non-security Office 2016 patch KB 4018385 is officially yanked. If you don't recall KB 4018385 — a small patch in a sea of Office fixes — the original KB article describes it thusly:

To read this article in full, please click here



Computer World Security News
Jul 13, 2018

Here come the first blockchain smartphones: What you need to know
After months of speculation, Taiwanese electronics company Huawei Technologies Ltd. (HTC) has confirmed it will be releasing a blockchain-enabled smartphone this year that will allow users to securely store cryptocurrency offline and act as a compute node in a blockchain network.

"We want to double and triple the number of nodes of Ethereum and Bitcoin," HTC said in its marketing material for the device. The new smartphone is expected to be able to work with multiple blockchain protocols allowing for interoperability between them.

[ Further reading: Review: Samsung's new Galaxy S9 phones make excellence routine ] In addition, the HTC Exodus blockchain-enabled smartphone will allow owners to play CryptoKitties, a decentralized app (Dapp) game. Dapps are applications that run across multiple nodes on peer-to-peer (P2P) networks.

To read this article in full, please click here



Computer World Security News
Jul 12, 2018

Google flips switch on Chrome's newest defensive technology
Google has switched on a defensive technology in Chrome that will make it much more difficult for Spectra-like attacks to steal information such as log-on credentials.

Called "Site Isolation," the new security technology has a decade-long history. But most recently it's been cited as a shield to guard against threats posed by Spectre, the processor vulnerability sniffed out by Google's own engineers more than year ago. Google unveiled Site Isolation in late 2017 within Chrome 63, making it an option for enterprise IT staff members, who could customize the defense to shield workers from threats harbored on external sites. Company administrators could use Windows GPOs - Group Policy Objects - as well as command-line flags prior to wider deployment via group policies.

To read this article in full, please click here



Computer World Security News
Jul 12, 2018

Patch Tuesday problems abound, Server 2016 crashes, and a .Net patch goes down in flames
You know it's going to be an Alice in Wonderland month when some sites report that Microsoft plugged 54 vulnerabilities on Patch Tuesday, while others report 53. Fact is, patching has become so brutal — and so banal — that there's no consensus on counting, much less on what's good and bad.

Suffice to say that, once again this month, there was a huge number of security patches (129 individual patches, according to the Microsoft Update Catalog), with no pressing security fixes unless you're using the Edge browser or Internet Explorer. Microsoft changed Win10 version 1803 to "Semi-Annual Channel," but the term now means less than it ever has before. If that's possible.

To read this article in full, please click here



Computer World Security News
Jul 03, 2018

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34
In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

Computer World Security News
Jul 02, 2018

Get the Microsoft June patches applied, but watch out for Win7 NICs and old antivirus
Windows 7 customers should be on the lookout for a couple of, uh, challenges this month, as the Win10 1803 trail of tears continues and Win10 1709 finally looks pretty solid.

The Win7/Server 2008R2 network card bugs continue First, the good news. If you installed last month's Win7/Server 2008R2 patches and your network connections didn't go kablooey, you're almost undoubtedly OK to proceed with this month's patches.

On the other hand, if you've been waiting to install patches on your Win7 or Server 2008R2 machine, you need to be aware of a bug that Microsoft has acknowledged. It was introduced by a patch back in March, according to the KB articles, and hasn't been fixed yet:

To read this article in full, please click here



Computer World Security News
Jun 28, 2018

BlackBerry's Android upgrade track record should give anyone pause
Hey, look: A new BlackBerry phone is here! And no, you didn't just wake up from a 12-year coma. I promise you, it is still 2018.

The new BlackBerry Key2, however, is aimed squarely at those who miss the glory days of the physical-keyboard-packin' phone — specifically, business users who still place some sort of value on the BlackBerry name (even if it's technically a different organization making the devices now). The company's own landing page for the device placards that focus plainly:

To read this article in full, please click here



Computer World Security News
Jun 27, 2018

Microsoft Patch Alert: Some bugs in Win 10 (1803) fixed, others persist
Microsoft's patches in June took on some unexpected twists.

Windows 7 owners with older, 2002-era Pentium III machines got their patching privileges revoked without warning or explanation (and a documentation cover-up to boot), but there's little sympathy in the blogosphere for elderly PCs.

Win10 1803 was declared fully fit for business, a pronouncement that was followed weeks later by fixes for a few glaring, acknowledged bugs — and stony silence for other known problems.

To read this article in full, please click here



Computer World Security News
Jun 22, 2018

Supreme Court: Your digital location is protected by the Constitution
The U.S. Supreme Court today ruled that access to historical cell-site records of a person's location based on their mobile phone will require law enforcement to obtain a warrant before searching a person's historical location records.

This is the first time the high court has ruled on whether a phone subscriber has a legitimate expectation of privacy regarding a telephone company's records of their cellphone location data, according to Aloke Chakravarty, a partner in the Denver-based law firm of Snell & Wilmer.

[ Free download: Mobile management vendors compared ] "This is a landmark case for privacy, and how the court will deal with emerging technologies going forward," Chakravarty said via email. "It creates a new lens through which to view a government's ability to obtain third-party records where a criminal defendant neither possesses the records, doesn't have a property interest in them, may not even know they exist, and he cannot personally even access them."

To read this article in full, please click here



Computer World Security News
Jun 22, 2018

Big Win10 1709 patch reinforces twice-a-month patching pace but, oddly, nothing new for 1803
Microsoft's Windows 10 patching pace is so fast at this point that one Patch Tuesday doesn't cover all the bases. Instead, we're seeing one massive Cumulative Update on Patch Tuesday, and a second — typically large — grab bag of patches later in the month.

You have to wonder what's happening, though, when Microsoft can deliver its second bundle of patches for 1709, 1703 and 1607 before the second patch for the latest version, 1803, sees light of day.

The Win10 patches KB 4284822 for Win10 1709

To read this article in full, please click here



Computer World Security News
Jun 22, 2018

Apple pushes privacy theme in Safari for iOS 12, 'Mojave'
Apple upgrades its Safari browser on macOS and iOS just once a year, making the refresh more strategic than most of its rivals, notably Google, which last year had eight separate opportunities to add features or functionality to Chrome.

The next Safari, which will be bundled with macOS 10.14 'Mojave' and iOS 12, and offered as a separate download for those who stick with macOS High Sierra (10.13) and Sierra (10.12), thus must make its enhancements count.

[ Further reading: 10 must-have Safari extensions ] On the security and privacy side, Safari tries its hardest to build a case. Here are the important ways Apple's browser - which shed user share on both the desktop and on mobile over the past year - has staked its reputation for the next 12 months.

To read this article in full, please click here



Computer World Security News
Jun 21, 2018

Throwback Thursday: Get the picture?
IT director pilot fish at a daily newspaper is reworking the company's entire network. Why? "There is no security," sighs fish. "None, with about 90 users in a peer-to-peer Mac and PC environment."

One night he gets a call from an editor: One of the applications isn't working. It's the one that lets a reporter find a photo on a wire service's website and save it to a folder. The app then moves the folder to a holding folder on another machine, where yet another machine can grab it and put it into the newspaper's production process.

It takes a couple hours of troubleshooting, but fish tracks down the problem. That holding folder? The one that's actually named "Do not touch, do not delete"?

To read this article in full, please click here



Computer World Security News
Jun 19, 2018

Getting hands-on with industrial control system setups at RSA | Salted Hash Ep 31
Host Steve Ragan is joined on the RSA 2018 show floor by Bryson Bort, CEO and founder of SCYTHE, to talk about the ICS Village, where attendees can learn how to better defend industrial equipment through hands-on access to the equipment.

Computer World Security News
Jun 14, 2018

Apple wins praise for adding 'USB Restricted Mode' to secure iPhones
Apple confirmed today it will close a security hole that has allowed law enforcement officials, working with forensic companies, to break into iPhones to retrieve data related to criminal investigations.

In the upcoming release of iOS 12, Apple will change default settings on iPhones to shutter access to the USB port when the phone has not been unlocked for one hour. In its beta release of iOS 11.3, Apple introduced the feature - known as USB Restricted Mode - but cut it from iOS 11.3 before that version was released publicly.

To read this article in full, please click here



Computer World Security News
Jun 14, 2018

Which Android phones get regular security updates? Here's a hint
Here in the land o' Android, wrapping your noggin around the subject of software updates isn't always easy to do.

We've got regular OS updates, sure — and info on the various phone-makers' performance in that domain is readily available, if you (a) know where to find it and (b) are even aware that you should be looking for such data in the first place. But still, that's only one piece of the puzzle.

To read this article in full, please click here



Computer World Security News
Jun 14, 2018

Is your company part of the GDPR 'mobile loophole'?
Mobile tech, and especially mobile brought into companies through BYOD, has unique challenges for companies that need to comply with General Data Protection Regulations (GDPR) — and that's virtually all companies, not just the ones in Europe. The regulations compel companies to manage personal data and protect privacy, and they provide individuals to have a say in what and how data about them is used.

GDPR has several disclosure and control requirements, such as providing notice of any personally identifiable data collection, notifying of any data breaches, obtaining consent of any person for whom data is being collected, recording what and how data is being used, and providing a right for people whose data is being collected to see, modify, and/or delete any information about them from corporate systems.

To read this article in full, please click here



Computer World Security News
Jun 12, 2018

Apple bans cryptocurrency mining apps on iOS to protect mobile users
Using an iPad or iPhone to mine bitcoin or other cryptocurrencies would be hard to do, as the CPU power available to complete the task would be a drop in the bucket compared to what's needed.

But using a portion of the CPU power from thousands of iPads or iPhones to mine cryptocurrency makes more sense - and that's exactly what some malware has been doing.

Apple is now moving to stop the practice.

[ Further reading: The way blockchain-based cryptocurrencies are governed could soon change ]

To read this article in full, please click here



Computer World Security News
Jun 12, 2018

How the Spanish cybercriminal underground operates | Salted Hash Ep 30
Host Steve Ragan reports from the RSA 2018 conference, talking with Liv Rowley, an intelligence analyst at Flashpoint, about Spanish cybercrime, an underground community that poses persistent security risks.

Computer World Security News
Jun 11, 2018

Make sure Windows auto update is temporarily turned off, and watch out for SMBv1 fixes
In May, we saw a host of bugs introduced by the Patch Tuesday "security" patches. By the end of the month, patches for those patches killed almost all of the bugs - even the inability of Win10 version 1803 to run on certain kinds of solid-state drives, including the one in some Surface Pros.

[ Related: Windows 7 to Windows 10 migration guide ] We also saw Microsoft push Win10 version 1803 onto machines that were specifically set to avoid it. I haven't seen any official response to Microsoft's inquiry into the reports, but we now have a sighting of a Win7 machine being pushed onto Win10, in spite of its settings.

To read this article in full, please click here



Computer World Security News
Jun 07, 2018

Apple's Health Record API released to third-party developers; is it safe?
Apple at its Worldwide Developers Conference this week released an API that allows  developers and researchers to create applications that connect to Health Records, a feature released with iOS 11.3 that allows patients to port their electronic health info to mobile devices and share data between care providers.

While the move promises to streamline the sharing of healthcare data, it also could open the door to that highly sensitive data falling into the wrong hands.

To read this article in full, please click here



Computer World Security News
Jun 05, 2018

Learn what the 'zero trust' security model really means | Salted Hash Ep 29
Host Steve Ragan reports from RSA 2018 conference, talking with Wendy Nather, director, advisory CISOs at Duo Security, about how organizations can build a zero trust model, including consistently authenticating users.

Computer World Security News
Jun 02, 2018

May Windows and Office patches are now relatively stable, but Win7 NIC problems persist
At least the really bad bugs, introduced by "security" patches earlier this month, have been fixed. The problems that remain reside in the dregs — not likely to bite, but worth knowing about in case something suddenly goes bump in the night.

And if you're using Win10 1803, you should definitely ask Microsoft for an increase in combat-duty pay. 

The ongoing Win7/Server 2008 R2 patching threat Remember when Win7 was relatively stable? OK, OK; "stable" is a relative term that's unlikely to apply to any version of Windows, but you know what I mean. Win7 and Server 2008 R2 have gone through months of problems with networking in general, and apoplectic network interface cards in particular.

To read this article in full, please click here



Computer World Security News
May 31, 2018

What is Apple hiding with iOS 11.4?
Have you installed iOS 11.4? Once you'd looked at AirPlay 2and Messages in iCloud, did you happen to take a look at the contents of the security updates?

‘Details available soon' If you did you'll have been disappointed.

Apple hasn't disclosed details concerning the security content of the new software. It hasn't revealed anything concerning USB Restricted Mode, which apparently makes it harder for people to hack into your device.

To read this article in full, please click here



Computer World Security News
May 30, 2018

How to use Apple's Messages in iCloud for iOS, Mac
Along with key HomePod improvements, Apple also introduced Messages in iCloud with iOS 11.4. It's a useful feature designed to store your Messages and attachments in iCloud, but enterprise users should think twice before enabling it.

Security is everything I'm not saying iCloud is not secure - so long as you use a six-or more digit passcode or (better, but more awkward) an alphanumeric passcode, it's highly secure. I'm reasonably confident a strong password, Apple's own systems and its insistence you use two-factor authentication is enough for most of us.

To read this article in full, please click here



Computer World Security News
May 30, 2018

Microsoft Patch Alert: Major bugs introduced in May fixed, plenty of problems remain
Once more we have a monthly Windows/Office patch scorecard that needs a guidebook. Or two. And we just got a handful of buried warnings about problems in old patches, plus a brand new way to fry your network interface card.

Thus continues the tradition of two cumulative updates per month for all of the supported Windows 10 versions - that's eight cumulative updates in total - in addition to bobs and weaves and a very long list of acknowledged bugs introduced by recent security patches in Windows 7.

Conflicts with Remote Desktop The strange behavior of the CredSSP update - where the Patch Tuesday fixes for all versions of Windows seemed to break Remote Desktop Protocol with a strange error message: "This could be due to CredSSP encryption oracle remediation" has been resolved.

To read this article in full, please click here



Computer World Security News
May 29, 2018

WWDC: Apple's NFC plan is a big developer opportunity
Apple will open up fresh opportunities for developers as it extends Near Field Communications (NFC) support in iOS to more uses.

NFC: Apple's story so far Apple introduced support for a new NFC framework called Core NFC at WWDC 2017. Developers were pleased, but the implementations were rather limited.

[Also read: WWDC 2018 preview: What can we expect?] Core NFC let developers build apps that read NFC tags, but only for things like visitor attractions and museum exhibitions.

To read this article in full, please click here



Computer World Security News
May 28, 2018

TSB phishing attacks | Salted Hash Ep 33
TSB customers in the U.K. were already frustrated by the bank's technical problems, but now the situation has gotten worse as criminals take advantage of the chaos. Host Steve Ragan looks at recent TSB phishing attacks and the kit that powers them.

Computer World Security News
May 26, 2018

Amazon's Echo privacy flub has big implications for IT
Amazon has confirmed a report that one of its Echo devices recorded a family's conversation and then messaged it to a random person on the family's contact list, who is an employee of a family member.

But Amazon, in a statement emailed to Computerworld, confirmed every privacy advocate's worst nightmare with its explanation: "Echo woke up due to a word in background conversation sounding like 'Alexa.' Then, the subsequent conversation was heard as a 'send message' request. At which point, Alexa said out loud 'To whom?' At which point, the background conversation was interpreted as a name in the customer's contact list. Alexa then asked out loud, '[contact name], right?' Alexa then interpreted background conversation as 'right.' As unlikely as this string of events is, we are evaluating options to make this case even less likely."

To read this article in full, please click here



Computer World Security News
May 25, 2018

Avast blames Microsoft for Win10 1803 upgrade blue screens, nonsensical options
Looks as if we have a solution for the Avast-related blue screens in Win10 1803 upgrades that I talked about earlier this week. Avast heavyweight Ondrej Vlcek chose his words carefully but threw lots of shade at Microsoft for the upgrade installer's bug.

Posting on the Avast forum, Vlcek says:

To read this article in full, please click here



Computer World Security News
May 23, 2018

How your web browser tells you when it's safe
Google last week spelled out the schedule it will use to reverse years of advice from security experts when browsing the Web - to "look for the padlock." Starting in July, the search giant will mark insecure URLs in its market-dominant Chrome, not those that already are secure. Google's goal? Pressure all website owners to adopt digital certificates and encrypt the traffic of all their pages.

The decision to tag HTTP sites - those not locked down with a certificate and which don't encrypt server-to-browser and browser-to-server communications - rather than label the safer HTTPS websites, didn't come out of nowhere. Google has been promising as much since 2014.

To read this article in full, please click here



Computer World Security News
May 22, 2018

How deception technologies use camouflage to attract attackers | Salted Hash Ep 26
Host Steve Ragan reports from the show floor at RSA 2018, where talks with Chris Roberts, chief security architect at Acalvio Technologies, about the benefits and misconceptions of deception technologies.

Computer World Security News
May 21, 2018

Google details how it will overturn encryption signals in Chrome
Google has further fleshed out plans to upend the historical approach browsers have taken to warn users of insecure websites, spelling out more gradual steps the company will take with Chrome this year.

Starting in September, Google will stop marking plain-vanilla HTTP sites - those not secured with a digital certificate, and which don't encrypt traffic between browser and site servers - as secure in Chrome's address bar. The following month, Chrome will tag HTTP pages with a red "Not Secure" marker when users enter any kind of data.

[ Further reading: What's in the latest Chrome update? ] Eventually, Google will have Chrome label every HTTP website as, in its words, "affirmatively non-secure." By doing so, Chrome will have completed a 180-degree turn from browsers' original signage - marking secure HTTPS sites, usually with a padlock icon of some shade, to indicate encryption and a digital certificate - to labeling only those pages that are insecure.

To read this article in full, please click here



Computer World Security News
May 19, 2018

Easy mobile security the Faraday way
Have you heard about those special bags, cases and wallets that protect your electronics from hack attacks?

It's a signal-blocking container, basically a tinfoil hat for your gadget.

Tinfoil hats are associated with conspiracy theorists concerned about secret government mind-control programs. But when it comes to your wireless gadgets, they really are out to get you.

For example: It's not a conspiracy theory to believe that companies you've never heard of are tracking your location.

In the past two weeks, we've learned that a company called Securus Technologies sold the real-time location data of millions of people. It got this data from another company called LocationSmart, which itself was buying the data from AT&T, Sprint, T-Mobile and Verizon.

To read this article in full, please click here



Computer World Security News
May 18, 2018

What is blockchain? The most disruptive tech in decades
Blockchain is poised to change IT in much the same way open-source software did a quarter of a century ago. And in the same way that Linux took more than a decade to become a cornerstone in modern application development, Blockchain will take years to become a lower cost, more efficient way to share information between open and private networks.

But the hype around this seemingly new, secure electronic ledger is real. In essence, blockchain represents a new paradigm for the way information is shared and tech vendors and companies are rushing to figure out how they can use the distributed ledger technology to save time and admin costs. Numerous companies in 2017 began rolling out pilot programs and real-world projects across a variety of industries - everything from financial services to healthcare to mobile payments and even global shipping.

To read this article in full, please click here



Computer World Security News
May 18, 2018

Tech Talk: As GDPR looms, companies rush to comply
For many companies, GDPR has become a four-letter acronym.

The European Union's new General Data Protection Rule - which applies to virtually any kind of data that can be used to identify a person - goes into effect May 25. And companies around the world are rushing to make sure they're in compliance, or at least can demonstrate that they're hard at work trying to meet the EU demands.

[ Further reading: Will blockchain run afoul of GDPR? (Yes and no) ] GDPR is designed to protect personal privacy, (hopefully) make companies more secure from data breaches and force them to get their collective hands around all the data they collect, use and distribute. 

To read this article in full, please click here



Computer World Security News
May 18, 2018

Tech Talk: Prepping for GDPR
CSO's Michael Nadeau and Steve Ragan join Computerworld's Ken Mingis and IDG Communications' Mark Lewis to look at what the new EU privacy rules means. They offer insights on how companies can prepare - and what happens if they don't.

Computer World Security News
May 18, 2018

What is blockchain technology?
Cryptocurrency such as Bitcoin has garnered most of the media coverage and hype to date, but keep your eye on blockchain - this new technology is poised to change IT in much the same way open-source software did a quarter century ago.

Computer World Security News
May 17, 2018

Patch update: Monthly Rollup previews arrive for Win7, 8.1, along with updates for Win10 1607, 1703
We just got a smattering of patches that seem to be in the "Oh yeah, we forgot" bucket. Windows 7 and 8.1 received Previews (which you should never install, of course). Win10 1607 (out of support for Home and Pro on April 10) and 1703 got the usual laundry list of minor fixes.

I bet Win10 1709 and 1803 updates will be out soon.

Here's the roundup:

KB 4103713 - Win7 Monthly Rollup preview. Doesn't solve the network driver uninstallation bug, but does add a new "SMB1 access auditing on Windows Server 2008 R2 SP1." You have to turn on the auditing with a registry change.

To read this article in full, please click here



Computer World Security News
May 17, 2018

Solving a blockchain conundrum: Biometrics could recover lost encryption keys
Blockchain could one day solve the online privacy problem by encrypting or scrambling personally identifiable information and issuing each person a random string of bits - a private key - created explicitly for unscrambling their data.

The person holding the blockchain private key could issue various public keys controlling who has access to the personal data on the blockchain. So, for instance, if a car rental agency needed to verify you have a driver's license, you could use a public key to give them access to that information.

To read this article in full, please click here



Computer World Security News
May 16, 2018

Lots of little Microsoft patches, but nothing for this month's big bugs — and no Previews
Third Tuesday of the month and it's time for bug fixes and Monthly Rollup Previews, right?

Well, no. May's Third Tuesday brought a big bag of .Net Framework Previews, microcode patches for Win10 1803 and Server 2016, and a Win10 1803 upgrade nag, but no respite at all for the major problems introduced by this month's earlier patches.

The .Net Framework Previews Unless you're testing your own .Net-based software to make sure it won't explode next month, you don't need to think about these. There's the usual assortment of Previews for .Net Framework 2.0, 3.0, 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7 and 4.7.1 for all the usual versions of Windows and Server.

To read this article in full, please click here



Computer World Security News
May 16, 2018

What an Apple phishing attack looks like | Salted Hash Ep 32
How can you tell the difference between a legitimate email and a phishing attack? Host Steve Ragan shows what an Apple phishing attack looks like, screen by screen, showing the difference between the real and the fake.

Computer World Security News
May 16, 2018

FAQ: How Edge's Application Guard and isolated browsing work
Microsoft two weeks ago quietly added a security feature to Windows 10 Pro that initially was available only in the operating system's most expensive edition.To read this article in full, please click here

(Insider Story)

Computer World Security News
May 16, 2018

Well, it's secure, all right...
This small IT consulting outfit gets a contract with a very, very big company -- which is a very big deal, says a pilot fish at the consultancy.

"On a daily basis, a large text data file needs to get loaded into a very fast database, and that information is used to deal or not deal with certain customers," fish explains. "And this all has to happen in real time."

The big client is very security conscious, and it won't let the consultancy download the data from the client's site. Instead, a third-party site is used, and access is through a secure connection with a totally inscrutable password.

And on the first day, everything works fine. The big client puts the data on the site and fish's company downloads the data, then keeps checking back periodically to see if anything has been added or changed.

To read this article in full, please click here



Computer World Security News
May 15, 2018

Get a hands-on, inside look at the dark web | Salted Hash Ep 25
Reporting from RSA 2018, host Steve Ragan helps dispel the hype and confusion surrounding the dark web, as he talks with Alon Arvatz, co-founder at IntSights.

Computer World Security News
May 15, 2018

Can AI help bridge the IT security skills gap? | Salted Hash Ep 27
Host Steve Ragan reports from the show floor at RSA 2018, taking with Oliver Tavakoli, CTO at Vectra Networks, and author of the Thinking Security blog on CSOonline.com, about the types of IT security work that can be off-loaded to artificial intelligence systems.

Computer World Security News
May 14, 2018

And thanks so much for your input, boss!
It's 1999, and in this IT department the big crisis isn't Y2k, says a pilot fish there -- it's the Melissa virus.

"We were infected, and we were all called into the Emergency Operations Center to devise a strategy to determine the extent of infection and how to mitigate the effects," fish says.

"The server admins were coming up with methods to clean up any servers that were affected. The desktop group was trying to figure out how many desktops were infected. We in the network group were trying to come up with a way to block traffic from the virus, both inbound and outbound, at the firewalls.

"Everything was moving as well as could be expected, but we had to give an update to senior leadership on progress.

To read this article in full, please click here



Computer World Security News
May 12, 2018

Watch out for Gmail's new Confidential Mode
Most email can either be secure or easy to use. You can have one but not both.

That's why people are so excited about a new feature in Google's Gmail. It's called Confidential Mode, and it's an easy way to make email more private.

Confidential Mode lets you add an "expiration date" to emails. Once that date arrives, the email is no longer viewable by the recipient.

Messages marked as Confidential can't be copied, forwarded, printed or downloaded.

And you can revoke access at any time.

Sounds great, right? Well, not so fast. There are a lot of "gotchas" in the new Confidential Mode that you need to know about.

To read this article in full, please click here



Computer World Security News
May 11, 2018

Two more evolving threats: JavaScript in Excel and payment processing in Outlook
Once upon a time - dating back to the first "Concept" macro virus in Word - the Office folks were wary of new features that had possible security implications. But in the past few weeks, we've been introduced to two new features that have "Kick Me" written all over them.

First, JavaScript in Excel. I mean, what could possibly go wrong?

[ Further reading: 10 spiffy new ways to show data with Excel ] Last December, Microsoft published a Dev Center article that talked about using the new Excel JavaScript API to create add-ins for Excel 2016.

To read this article in full, please click here



Computer World Security News
May 11, 2018

Surface Pro (2017) owners hitting Win10 1803 update blue screens. Now we know why.
As Win10 version 1803 rattles through the unpaid beta-testing phase, it's snagged another victim — Intel's aging SSD6 solid-state drives. Both Microsoft and Intel now admit that running Win10 version 1803 on Intel 600p or Pro 6000p is a recipe for disaster.

Some Surface Pro (2017) models ship with "bad" Intel SSD Pro 6000p drives. Customers are complaining about freezes with Win10 version 1803 — and the Microsoft support folks don't have a clue what's causing the problem. Now we know.

Here's how the drama unfolded.

Win10 version 1803 has been in beta testing for centuries, in internet time. The "final" version, build 17134.1, entered the Windows Insider Fast ring almost a month ago, on April 16. In a jumble of mixed-up build numbers, Win10 version 1803 has been officially pushed since April 30. Why did it take so long to figure out that the 600p and Pro 6000p cause problems?

To read this article in full, please click here



Computer World Security News
May 10, 2018

Patch Tuesday problems, fixes — but no cause for immediate alarm
Results are starting to roll in about this month's Patch Tuesday, and it's quite a mixed bag. For those of you struggling with the new Windows 10 April 2018 Update, version 1803, there's good news and bad news. The hand wringing about a new VBScript zero-day, thanks to our good old friend baked-in Internet Explorer, looks overblown for now. And if you can't get RDP working because of "An authentication error has occurred" messages, you missed the memo.

Windows 10 version 1803 First, the good news. As I anticipated earlier this week, this month's cumulative update for 1803 is a must-have, warts and all. The new build 17134.48 replaces the old 17134.1 (which went to those who installed 1803 directly or fell into the seeker trap) and the old 17134.5 (for those upgrading with the Windows Insider builds). As Susan Bradley explains, 17134.48 claims to fix both the Chrome and Cortana freeze, as well as a major VPN bug.

To read this article in full, please click here



Computer World Security News
May 10, 2018

CIO Leadership Live with Jack Clare, CIO and chief strategy officer at Dunkin' Brands | Ep 9
In this episode of CIO Leadership Live, host Maryfran Johnson talks with Jack Clare, CIO and chief strategy officer at Dunkin' Brands, about the company's mobile payment, ordering and loyalty apps, and how it's striving to improve customers' drive-through experience.

Computer World Security News
May 10, 2018

CIO Leadership Live, with guest Jack Clare, CIO and chief strategy officer at Dunkin' Brands
In this episode of CIO Leadership Live, host Maryfran Johnson talks with Jack Clare, CIO and chief strategy officer at Dunkin' Brands, about the company's mobile payment, ordering and loyalty apps, and how it's striving to improve customers' drive-through experience.

Computer World Security News
May 09, 2018

Mingis on Tech: Lessons from RSA 2018
This year's RSA Conference in San Francisco had a lot of ground to cover. Cybersecurity, of course. Fending off ransomware attacks. Building security best practices into employee training.

But, according to CSO's Steve Ragan, the hottest topics at the 2018 conference were this month's looming GDPR deadline and blockchain, blockchain, blockchain. (In fact, the two are often part of the same conversation.)

[ Related: How to protect Windows 10 PCs from ransomware ] Ragan, who attended RSA, spoke with Computerworld Executive Editor Ken Mingis about what he learned, with a special focus on the May 25 GDPR deadline and what companies are scrambling to do to protect their data.

To read this article in full, please click here



Computer World Security News
May 09, 2018

Mingis on Tech: Reflections on RSA 2018
This year's RSA security conference focused on a variety of cybersecurity topics - everything from blockchain to the looming GDPR rules. CSO's Steve Ragan was there and offers insights on what he learned.

Computer World Security News
May 09, 2018

Watch Tech Talk on May 17 for an in-depth GDPR discussion
The GDPR deadline is coming up fast, and most businesses in the U.S. aren't ready yet. Join Ken Mingis and his panel of experts as they discuss the impact of the new rules and what U.S. organizations must do now to protect customer data. Find the show here on May 17.

Computer World Security News
May 08, 2018

Countdown to the GDPR deadline: Are you ready? | Salted Hash Ep 28
Host Steve Ragan reports from the RSA 2018 show floor, talking with Greg Reber, founder and CEO at AsTech Consulting, about the looming GDPR deadline and what IT security professionals should be getting done now.

Computer World Security News
May 07, 2018

Will blockchain run afoul of GDPR? (Yes and no)
As the EU prepares to roll out new data protection regulations this month, concerns are emerging that they could dissuade businesses from rolling out blockchain-based projects because the online transaction technology might innately break the new rules.

The EU's General Data Protection Regulation (GDPR) targets citizens' personally identifiable information (PII), providing transparency around its use and giving people the right to restrict its use or request it be deleted all together.

[ Related: The top 5 problems with blockchain ] While GDPR never mentions PII, the new rules describing "personal data" are synonymous with it: "Any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data." In short, it means any data that can be tied back to person's identity.

To read this article in full, please click here



Computer World Security News
May 01, 2018

Defending against mobile technology threats | Salted Hash Ep 24
What are the current dangers in mobile technology and what are the strategies to keep yourself protected? Join host Steve Ragan from the show floor at RSA 2018, where he talks with Will LaSala, director of Security Solutions and security evangelist at VASCO Data Security.

Computer World Security News
Apr 30, 2018

How to see everything Apple knows about you
Apple has at last introduced a new tool that lets you request and download everything the company knows about you, including all the data it gathers and retains when using the company's retail outlets, iCloud, apps, products and services.

Why is this available? In part, Apple has made this information available to bring it into line with Europe's GDPR (General Data Protection Regulation) legislation, laws designed to better protect individual privacy in an online age.

To read this article in full, please click here



Computer World Security News
Apr 30, 2018

How to see everything Apple knows about you (u)
Apple has at last introduced a new tool that lets you request and download everything the company knows about you, including all the data it gathers and retains when using the company's retail outlets, iCloud, apps, products, and services.

Why is this tool available? In part, Apple has made this information available to bring it into line with Europe's GDPR (General Data Protection Regulation) legislation, laws designed to better protect individual privacy in an online age.

Google, Facebook, Twitter, and almost every other company has also had to introduce these tools, making it far easier for users to compare the quantity and depth of information these unconstrained corporations hold about them.

To read this article in full, please click here



Computer World Security News
Apr 30, 2018

How have network firewalls evolved?
Firewalls have become ubiquitous across the enterprise IT landscape because of their proven ability to stop bad traffic from entering corporate networks and protect a company's most valuable assets. So how have firewalls evolved over the years and what are the latest trends in firewall security?

Computer World Security News
Apr 27, 2018

Time to install the April Windows and Office patches, but there's a big problem with Win7
Good things come to those who wait. If you resisted the drill sergeant scream of "GET THOSE PATCHES INSTALLED AS SOON AS THEY'RE OUT, MAGGOT!" you're about to reap your just reward.

As is so often the case, the Patch Tuesday screams are something you should consider, but they're hardly the final word. At this point, there's a credible threat forming for Win7 and Server 2008 R2 machines — Total Meltdown is definitely coming — but the sky hasn't fallen. There are no known Meltdown or Spectre exploits in the wild, and all of the hell unleashed by this month's series of patches and re-patches and pre-appended re-re-patches primarily served as demonic theater to those of us who chose to wait.

To read this article in full, please click here



Computer World Security News
Apr 26, 2018

Throwback Thursday: How to improve security
There's a new security policy at this biotech company, reports a pilot fish in the know: When logging in on a PC, the username field will now be blank, and everyone will have to input the name together with the password.

"The policy is announced weeks in advance," fish says. "In spite of this, the first day is painful. A flurry of calls comes into the IT help desk regarding people not being able to log in. One is from a junior member of the payroll department who is about to leave on a two-week vacation -- in fact, her flight is later that afternoon."

"A tech tries to help her over the phone, but apparently she couldn't tell the difference between the username box and password box, in spite of them actually being labeled as such."

To read this article in full, please click here



Computer World Security News
Apr 25, 2018

Microsoft Patch Alert: April patches infested with bugs, but most are finally contained
People think I'm joking when I refer to bug fixing as Microsoft's next billion-dollar business. I'm not. This month woefully demonstrated why patching Windows has become much bigger - and more critical - than developing new versions. Microsoft's hell-bent move to bring out new versions of Windows twice a year "as a service" makes things worse, but quality control problems dog patches to every version of Windows. Except, arguably, Windows 8.1.

In April, we've seen a return to two massive cumulative updates per month for all supported versions of Windows 10. The second cumulative update, with luck, fixes the bugs in the first cumulative update. Windows 7 turned into a fiery pit when it was discovered in late March that every patch to Win7 (and Server 2008R2) pushed out this year enables the Total Meltdown bug. Fortunately, by April 23, we finally saw some stability return to the process.

To read this article in full, please click here



Computer World Security News
Apr 25, 2018

Why we love lawyers (well, OUR lawyers, anyway)
This IT pilot fish has spent the past year and a half helping his company's clients prepare for the European Union's upcoming General Data Protection Regulation, and with a month to go, it's been smooth sailing -- mostly.

"Over the last 18 months I've been asking my customers time and again about their readiness to implement the GDPR rules," says fish. "We have mostly small companies as our customers, family businesses and one-to-ten-person outfits, and most of them had need of our services one way or another.

"But one customer, a lawyer, told me every time that this particular set of rules does not apply to him, because everything he does is governed by an obligation to confidentiality. Ten weeks before the final date, he still thought it had nothing to do with him."

To read this article in full, please click here



Computer World Security News
Apr 24, 2018

Heads up: Total Meltdown exploit code now available on GitHub
Remember the Total Meltdown security hole? Microsoft spread the vulnerability in every 64-bit Win7 and Server 2008 R2 patch released this year, prior to March 29. Specifically, if you installed any of these patches:

KB 4056894 Win7/Server 2008 R2 January Monthly Rollup KB 4056897 Win7/Server 2008 R2 January Security-only patch KB 4073578 Hotfix for "Unbootable state for AMD devices in Windows 7 SP1 and Windows Server 2008 R2 SP1" bug installed in the January Monthly Rollup and Security-only patches KB 4057400 Win7/Server 2008 R2 Preview of the February Monthly Rollup KB 4074598 Win7/Server 2008 R2 February Monthly Rollup KB 4074587 Win7/Server 2008 R2 February Security-only patch KB 4075211 Win7/Server 2008 R2 Preview of the March Monthly Rollup KB 4091290 Hotfix for "smart card based operations fail with error with SCARD_E_NO_SERVICE" bug installed in the February Monthly Rollup

Computer World Security News
Apr 24, 2018

The missing cumulative update for Win10 1709 appeared overnight — KB 4093105
Late last night — on a Monday, mind you — Microsoft released its second big cumulative update for Win10 version 1709. This completes the triumvirate of second cumulative updates, since last week, on the third Tuesday of the month, Microsoft released second cumulative updates for Win10 1703 and 1607. 

There's a pattern emerging. Microsoft is now showering Win10 customers with two (sometimes more) cumulative updates a month, and they're big. The first cumulative update contains security patches and a big hodgepodge of additional bug fixes. The first one is (usually) released on the second Tuesday of the month. The second cumulative update arrives, uh, whenever, and it contains massive amounts of bug fixes in addition to those in the first — including, if we're lucky, fixes for the bugs introduced by the month's first cumulative update.

To read this article in full, please click here



Computer World Security News
Apr 24, 2018

Mingis on Tech: All about Android security
One of the many topics techies like to debate is whether Google's Android or Apple's iOS is more inherently secure. Sure, Apple has a closed system that makes it harder for iPhone users to get into trouble. But the frequent headlines about Android malware usually miss the point.

As Computerworld's JR Raphael explains, an Android user would really have to work at picking up malware. Android has multiple layers of defense; malware doesn't install itself without user intervention; and the chances of actually coming across damaging malware is really, really small.

To read this article in full, please click here



Computer World Security News
Apr 24, 2018

Mingis on Tech: The lowdown on Android security
Google's Android OS sometimes gets unfairly maligned as being weak on security. Computerworld blogger JR Raphael explains why that's a misconception and how users can keep their devices safe.

Computer World Security News
Apr 24, 2018

The best privacy and security apps for Android
Let's get one thing out of the way right off the bat: If you're looking for recommendations about Android security suites or other malware-scanning software, you've come to the wrong place.

Why? Because, like most people who closely study Android, I don't recommend using those types of apps at all. Android malware isn't the massive real-world threat it's frequently made out to be, and Google Play Protect and other native Android features are more than enough to keep most devices safe.

To read this article in full, please click here



Computer World Security News
Apr 24, 2018

Microsoft cites 24% jump in tech support scams
Reports of tech support scams jumped by 24% last year, Microsoft said, with loses by the bilked averaging between $200 and $400 each.

"Scammers continue to capitalize on the proven effectiveness of social engineering to perpetrate tech support scams," Erik Wahlstrom, Windows Defender research project manager, wrote in a post last week to a Microsoft blog. "These scams are designed to trick users into believing their devices are compromised or broken. They do this to scare or coerce victims into purchasing unnecessary support services."

To read this article in full, please click here



Computer World Security News
Apr 23, 2018

Microsoft boosts anti-phishing skills of Chrome, the IE and Edge killer
Microsoft has ceded a major asset of its Edge browser to rival Google by releasing an add-on that boosts Chrome's phishing detection skills.

The Redmond, Wash. company had little choice, according to one analyst. "Phishing is a huge problem, and people are going to use the browser they use," said Michael Cherry of Directions on Microsoft. "They're doing this to protect the Windows ecosystem."

[ Related: How to replace Edge as the default browser in Windows 10 — and why you should ] Dubbed "Windows Defender Browser Protection" (WDBP) the free extension can be added to Chrome on Windows or macOS, and after a post-launch fix, Chrome OS as well. Like the defenses built into Edge, the add-on relies on Microsoft's SmartScreen technology that warns users of potentially malicious websites that may try to download malware to the machine or of sites linked in email messages that lead to known phishing URLs.

To read this article in full, please click here



Computer World Security News
Apr 20, 2018

N.Y. AG's scrutiny of cryptocurrencies unlikely to stymie a thriving industry
States and the federal government are increasing their scrutiny of cryptocurrencies in an attempt to bring more transparency to a market where buyers and sellers are anonymous and regulatory oversight is light.

Cryptocurrencies such as Bitcoin, Ether, LiteCoin, and Ripple skyrocketed in value last year as investors sought to get in on what many see as the future of global currency - one that for trade and commerce knows no borders. Bitcoin generated massive hype among investors as its value surged more than 1,900% to nearly $20,000 last year, before tumbling back down below $11,000.

To read this article in full, please click here



Computer World Security News
Apr 20, 2018

You won't believe why the Win7 Monthly Rollup, KB 4093118, keeps installing itself
Yesterday, I talked about the weird bug that makes April's Win7 Monthly Rollup, KB 4093118, re-install itself over and over, even when Windows Update says that it's been installed successfully. Windows sleuth abbodi86 has discovered the source of the problem, and it should give you patching pause.

To understand how we got into this mess, you need to understand the bugs that Microsoft introduced in the March Win7 patches and their kludgey patches. Installing either the March Monthly Rollup (KB 4088875) or the March Security-only patch (KB 4088878) may knock your machine off the network. As Microsoft says:

To read this article in full, please click here



Computer World Security News
Apr 20, 2018

Honeypots and the evolution of botnets | Salted Hash Ep 23
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Israel Barak, CISO at Cybereason, about his firm's recent honeypot research, which gathered information showing how the bot landscape is evolving.

Computer World Security News
Apr 19, 2018

9 Android settings that'll strengthen your security
You might not know it from all the panic-inducing headlines out there, but Android is actually packed with powerful and practical security features. Some are activated by default and protecting you whether you realize it or not, while others are more out of the way but equally deserving of your attention.

So stop wasting your time worrying about the Android malware monster du jour and which security company is using it to scare you into an unnecessary subscription, and take a moment instead to look through these far more impactful Android security settings — starting with the core elements and moving from there into some more advanced and easily overlooked options.

To read this article in full, please click here



Computer World Security News
Apr 19, 2018

The gift that keeps on giving: Win7 Monthly Rollup KB 4093118 installs over and over
Last week, Microsoft quietly re-released its buggy April Win7 Monthly Rollup patch, KB 4093118. You may recall the patch as a reaction to the Carnak the Magnificent situation we had with the original version of KB 4093118.

With the re-release earlier this week of the original Carnak patch, KB 4099950, it's not clear to me what the recommended installation sequence might be. But this much I know for sure. People all over the internet are complaining that this new version of KB 4093118 installs itself over and over again.

To read this article in full, please click here



Computer World Security News
Apr 18, 2018

How to use a strong passcode to better secure your iPhone
With police departments and federal agencies lining up to buy technology from two companies whose products can bypass iPhone security mechanisms, experts said users concerned about privacy should use a strong passcode to help prevent unwanted access to data.

That's also true for enterprise users with iPhones that access potentially sensitive coporate data.

[ Further reading: What is Face ID? Apple's facial recognition tech explained ] Simply put, complex passcodes are always better for security, according to Phil Hochmuth, IDC's program director for enterprise mobility. Common best practices for creating a hard-to-crack passcode includes using both upper- and lower-case characters, numbers and uncommon words.

To read this article in full, please click here



Computer World Security News
Apr 18, 2018

What is Windows Hello? Microsoft's biometrics security system explained
Windows Hello is a biometrics-based technology that enables Windows 10 users to authenticate secure access to their devices, apps, online services and networks with just a fingerprint, iris scan or facial recognition. The sign-in mechanism is essentially an alternative to passwords and is widely considered to be a more user friendly, secure and reliable method to access critical devices, services and data than traditional logins using passwords.

"Windows Hello solves a few problems: security and inconvenience," said Patrick Moorhead, president and principal analyst at Moor Insights & Strategy. "Traditional passwords are unsafe as they are hard to remember, and therefore people either choose easy-to-guess passwords or write down their passwords."

To read this article in full, please click here



Computer World Security News
Apr 18, 2018

Patches for Win10 1703 and 1607, and a brain-twisting update to the Win7 IP bug fix
Yesterday, the third Tuesday of the month, Microsoft dumped another big bucket of patches:

KB 4093117 brings Win10 1703 up to build 15063.1058, many miscellaneous fixes, no known issues. KB 4093120 brings Win10 1607 to build 14393.2214, a similarly large bunch of fixes, no known issues. KB 4093113 is the regular Monthly Rollup Preview for Win7. KB 4093121 is the similar Monthly Rollup Preview for Win 8.1. The Update Catalog says there's a new version of KB 4099950, the abandoned patch for fixing the NIC/static IP bug in Win7. There are lots of oddities in this motley collection.

To read this arti

Computer World Security News
Apr 18, 2018

Is it time to kill the pen test? | Salted Hash Ep 22
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.

Computer World Security News
Apr 18, 2018

Is it time to kill the pentest? | Salted Hash Ep 22
Host Steve Ragan reports from the show floor at RSA 2018, talking with guest Adrian Sanabria, director of research at Savage Security, about de-emphasizing network penetration tests to put more focus on attack simulations and helping companies improve their defenses.

Computer World Security News
Apr 17, 2018

Before you panic: 6 things to remember about Android security
Android security sure can seem like a scary subject.

And it's no wonder: Every few weeks, we see some new hair-raising headline about how our phones are almost certain to be possessed by demons that'll steal our data, eat our ice cream, and pinch our tenders when we least expect it.

This week, it's a series of Android malware monsters known as "ViperRat" and "Desert Scorpion" that has phone-holders everywhere trembling in their bootsies. (Kudos to whoever came up with those spooky-sounding names, by the way. It's an art!) Last week, it was word that Android device-makers might be skipping security updates that had our hands a-shakin'.

To read this article in full, please click here



Computer World Security News
Apr 16, 2018

12 things you can do with a locked iPhone
With so much focus on staying productive, it may surprise you to realize just how many things you can do with a locked iPhone. What can you do and how can you switch these features off?

Wake it up The Raise to Wake feature available since iPhone 6S/SE means your iPhone can tell when you pick it up and will wake the display up automatically so you need not do so. Left on by default, you can disable this feature in SettingsDisplay & Brightness where you toggle Raise to Wake to off.

Make a call, send a message, and more You can call people from a locked iPhone. Just ask Siri to call a person in your contact book. You can also send Messages using the locked device. Just ask Siri to send a Message and name someone in the device's Contacts book. To stop this, set Allow Siri When Locked to off in SettingsSiri & Search.

To read this article in full, please click here



Computer World Security News
Apr 16, 2018

Well, DID she ever change her password?
Flashback to the days when this pilot fish is managing an email system for several corporate clients, and he needs to pick good passwords from the get-go -- because these users will never bother changing them.

"I wrote a program to generate accounts and to create a password," says fish. "The system consisted of a dictionary of about 100 three-letter words, and a separate dictionary of four-letter words where I had tried to remove the bad words. Then there was a list of special symbols, and then the digits 0 through 9.

"The system chose one element from each list, and put them in a random order. It then printed the information out. I folded the piece of paper and placed it in an envelope and mailed it -- never actually looking at it.

To read this article in full, please click here



Computer World Security News
Apr 13, 2018

Does moving your pen drag the canvas? Welcome to yet another bug in Win10 1709 patches
A Windows Ink engineer has confirmed that there's a bug in the third Win10 1709 March Cumulative Update, KB 4089848, that breaks common pen movements in Photoshop, Lightroom and CS Paint. Looks as if the same problem bedevils this month's 1709 Cumulative Update, KB 4093112, as well. Microsoft, it seems, decided to break pen behavior in Win10 1709 without any notification or explanation.

Early this month, DavideV, on the Microsoft Answers forum, posted a rather strange observation:

To read this article in full, please click here



Computer World Security News
Apr 13, 2018

Two vendors now sell iPhone cracking technology - and police are buying
Law enforcement interest in iPhone encryption-cracking hardware from two new companies is a strong indication that Apple no longer claims the mobile security high ground.

"What this means, if it's true, is that people who thought all of their communications were totally secure shouldn't feel so confident going forward," said Jack Gold, principal analyst with J. Gold Associates. "But, then security has always been a tug of war between the ones implementing it and the ones trying to break it."

In February, reports surfaced that an Israel-based technology vendor, Cellebrite, had discovered a way to unlock encrypted iPhones running iOS 11 and were marketing the product to law enforcement and private forensics firms around the world. According to a police warrant obtained by Forbes, the U.S. Department of Homeland Security had been testing the technology.

To read this article in full, please click here



Computer World Security News
Apr 13, 2018

Everything you need to know about Apple's GDPR privacy upgrade
Apple is updating its products and services to bring the company in line with the EU's forthcoming privacy protection rules, General Data Protection Regulations (GDPR). Among other improvements, customers will be able to download all the information Apple keeps about them.

What is GDPR? The GDPR rules are designed to bring existing data protection laws into the 21st century. They give individuals the right to see what information companies hold about them, oblige business to handle data more responsibly, and put a new set of fines and regulations in place. Almost any entity that handles personal data will be impacted by the GDPR rules.

To read this article in full, please click here



Computer World Security News
Apr 12, 2018

Patch Tuesday brings some surprises, some early crashes, and a surreal solution
With all of the problems in the January, February and March patches for Windows and Office, you'd think we would catch a break in April. In one sense we did — some of the worst bugs in the earlier patches now seem to be behind us. But we're definitely not out of the woods just yet.

To read this article in full, please click here



Computer World Security News
Apr 11, 2018

What happened to the new spring update, Windows 10 version 1803?
Most of us expected Microsoft to drop its latest and greatest version of the last version of Windows yesterday. The highly anticipated version 1803, Redstone 4 — which many of us have been testing for weeks — looked ready to go … until it wasn't.

Rumors are flying but, as of this writing, the actual cause for the delay isn't public.

Microsoft, of course, has never committed to a release date. Or a build number. Or even a hokey "Spring after Fall Creators Update" style name, for that matter. (I'm still plugging for "Terry Myerson Swansong version" but doubt it'll gain traction.)

To read this article in full, please click here



  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact

©1999-2018 CEOExpress Company LLC