NEWS: COMPUTER WORLD SECURITY NEWS
Setup News Ticker
   NEWS: COMPUTER WORLD SECURITY NEWS
Computer World Security News
Apr 01, 2020

BrandPost: Avoid security breaches: How to protect your data
Data security breaches at major corporations seem to be perpetually in the news. The hacks range in size and scope, but it's no secret that firms hit by hackers often suffer serious consequences.

What can you do to help prevent your organization from becoming tomorrow's cyber-breach news headline? Here are 18 pointers:

Educate all employees on the importance of protecting data. Explain the need to avoid risky behavior such as downloading music or videos from rogue websites. Once employees understand that criminals want the data with which the employees work, their thinking changes in ways that can make the organization's data much safer than before. Understand what data you have and classify it. You cannot secure information if you do not know that it exists, where it is stored, how it is used, how it is backed up, and how it is decommissioned. Make sure you know those things about all of your sensitive information. Because not all data is equally sensitive, make sure to classify data according to its level of importance. Do not give every employee access to every system and piece of data. Create policies governing who has physical and/or electronic access to which computer systems and data, and implement procedures, policies, and technical controls to enforce such a scheme. Authorize people to access the data that they need in order to do their jobs but do not provide them with access to other sensitive data. Consider moving sensitive information and systems to a cloud provider. Unless you have an adequate information security team, the odds are pretty good that a major cloud provider will do a better jo

Computer World Security News
Apr 01, 2020

BrandPost: Protect your data to protect your business
The most important thing your business provides isn't a service or a product. It's trust. And it comes from letting your customers and employees know that you're protecting your business—and their data—against cyberattacks.

Building a foundation for trust isn't easy. Cyberthreats continue to grow in number and complexity as businesses shift more of their operations online and enable anytime/anywhere access to information to support an increasingly remote workforce. This ongoing digital transformation exposes more systems and data to potential attacks - increasing risk for your organization.

Addressing this challenge requires a new approach to protecting business information. "The assumption that everything's on-premises and protected behind a firewall has largely disappeared," says Robert Crane, principal at CIAOPS, a technology consultancy that specializes in helping businesses improve their productivity by using technology and smart business practices. "But some businesses are still locked into that old-world thinking."

To read this article in full, please click here



Computer World Security News
Mar 26, 2020

Google Smart Lock: The complete guide
Think fast: How many times a day do you pick up your phone to look at something? Unless you live in the tundra or have far more self-control than most, the answer probably falls somewhere between "quite a few" and "more than any sane person could count." Assuming you keep your device properly secured, that means you're doing an awful lot of unlocking — be it with your face, your fingerprint, or the code you tap or swipe onto your screen.

Security's important, but goodness gracious, it can be a hassle.

Thankfully, there's a better way. Google Smart Lock provides a variety of options for keeping your Android phone unlocked in preapproved, known-to-be-safe circumstances. It's an easily overlooked but incredibly useful feature that lets you create a sensible balance between security and convenience. And once you set it up, it's simple as can be to use.

To read this article in full, please click here



Computer World Security News
Mar 25, 2020

Microsoft to stop serving non-security monthly updates to Windows
Beginning in May, Microsoft plans to halt the delivery of all non-security updates to Windows, another step in its suspension of non-essential revisions to the OS and other important products.

The optional updates, which Microsoft designates as Windows' C and D updates, are released during the third and fourth week of each month, respectively.

"We have been evaluating the public health situation, and we understand this is impacting our customers," Microsoft said to some understatement in a March 24 post to the Windows 10 messaging center. "In response to these challenges we are prioritizing our focus on security updates."

To read this article in full, please click here



Computer World Security News
Mar 25, 2020

Reading between the lines about Microsoft 'pausing optional updates'
Yesterday, a post on the official Windows Release Information site said that Microsoft will, at least temporarily and starting in May, stop sending out the pesky "optional, non-security, C/D Week" patches we've come to expect. 

Those "optional" second-monthly patches are usually laden with many dozens of fixes for miscellaneous, minor bugs in Windows. For example, the second-monthly cumulative update for Win10 version 1903 released yesterday lists 31 different fixes, most of which only matter in very specific cases.

To read this article in full, please click here



Computer World Security News
Mar 24, 2020

Don't let the coronavirus make you a home office security risk
Congratulations. You're now the chief security officer of your company's newest branch office: Your home. Here's how to manage your new job.

Computer World Security News
Mar 24, 2020

Microsoft Patch Alert: March 2020 brings two ‘sky-is-falling' warnings, with no problems in sight
It's been another strange patching month. The usual Patch Tuesday crop appeared. Two days later, we got a second cumulative update for Win10 1903 and 1909, KB 4551762, that's had all sorts of documented problems. Two weeks later, on Monday, Microsoft posted a warning about (another) security hole related to jimmied Adobe fonts.

Predictably, much of the security press has gone P.T. Barnum.

The big, nasty, scary SMBv3 vulnerability Patch Tuesday rolled out with a jump-the-gun-early warning from various antivirus manufacturers about a mysterious and initially undocumented security hole in the networking protocol SMBv3.

To read this article in full, please click here



Computer World Security News
Mar 23, 2020

Post-coranavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Computer World Security News
Mar 23, 2020

Post-coronavirus planning calls for more (not less) investment in tech
The coronavirus crisis is just beginning. But it will end. And how you fare after the pandemic depends on what you do right now. Here are four areas to focus on.

Computer World Security News
Mar 19, 2020

Microsoft adds 6 months support for Windows 10 1709 to account for pandemic disruption
Microsoft today extended the support lifespan of Windows 10 Enterprise 1709 and Windows 10 Education 1709 by six months, pushing their retirements to Oct. 13. The original end-of-support date had been fixed as April 14.

Microsoft cited the COVID-19 pandemic's impact, which in just the U.S. has ranged from massive business closings and multi-county lockdowns to a broad movement of companies telling white-collar employees to work from home. By midday March 19, 171 deaths in the U.S. had been attributed to the virus. Globally, deaths approached 10,000.

To read this article in full, please click here



Computer World Security News
Mar 19, 2020

COVID-19 and tech: New collaboration tools mean new security risks
As the coronavirus forces companies to move their communication and file sharing onto collaboration platforms, be prepared for unintended consequences: New security threats will surface, requiring new methods of securing your environment.

Computer World Security News
Mar 13, 2020

What your business can do about the coronavirus ... right now
The Covid-19 crisis is the Black Swan event of our lifetime. Here's how to hold it all together (while keeping employees apart).

Computer World Security News
Mar 13, 2020

What your business should do about the coronavirus ... right now
The Covid-19 crisis is the Black Swan event of our lifetime. Here's how to hold it all together (while keeping employees apart).

Computer World Security News
Mar 13, 2020

12 security tips for the ‘work from home' enterprise
If you or your employees are working from home while our governments lurch awkwardly through the current crisis, then there are several security considerations that must be explored.

Your enterprise outside the wall Enterprises must consider the consequences of working from home in terms of systems access, access to internal IT infrastructure, bandwidth costs and data repatriation.

What this means, basically, is that when your worker accesses your data and/or databases remotely, then the risk to that data grows.

While at normal times the risk is only between the server, internal network and end user machine, external working adds public internet, local networks and consumer grade security systems to the mix of risk.

To read this article in full, please click here



Computer World Security News
Mar 12, 2020

Take your time, get it right for March Patch Tuesday
This is a big update to the Windows platform for the Microsoft March Patch Tuesday release cycle. Consisting of 115 patches, mostly to the Windows desktop, with almost all of the critical issues relating to browser-based scripting engine memory issues, this will be a difficult set of updates to release and manage.

The testing profile for the Windows desktop platform is very large, with a lower than usual exploitability/risk rating. For this month, we do not have any reports of publicly exploited or disclosed vulnerabilities (zero-days), so my recommendation is to take your time, test the changes to each platform, create a staged rollout plan and wait for future (potentially) imminent changes from Microsoft.

To read this article in full, please click here



Computer World Security News
Mar 11, 2020

Come on, Microsoft! Is it really that hard to update Windows 10 right?
Yesterday, on Patch Tuesday, as I was finishing up the column that follows lamenting the sorry state of Windows 10 patches and providing copious examples of things gone very wrong, a big, fat example landed in my lap (but happily not in my laptop). Word emerged that Microsoft had accidentally leaked news about a new Server Message Block (SMB) bug with a maximum severity rating, a.k.a. SMBGhost. The leak also said that this bug wasn't patched in that day's releases.

To read this article in full, please click here



Computer World Security News
Mar 09, 2020

Patch Tuesday's tomorrow. We're in uncharted territory. Get Automatic Updates paused.
It's always a good idea to pause Windows updates just before they hit the rollout chute. This month, we're facing two extraordinary issues that you need to take into account. Wouldn't hurt if you told your friends and family, too.

Take last month's Windows patches. Please. We had one patch, KB 4524244, that slid out on Patch Tuesday, clobbered an unknown number of machines (HP PCs with Ryzen processors got hit hard), then remained in "automatic download" status until it was finally pulled on Friday. We had another patch, KB 4532693, that gobbled desktop icons and moved files while performing a nifty trick with temporary user profiles. Microsoft never did fix that one.

To read this article in full, please click here



Computer World Security News
Mar 06, 2020

Enterprise resilience: Backup and management tips for iOS, Mac
Apple's solutions are seeing increasing use across the enterprise, but do you have a business resilience strategy in place in case things go wrong?

If you're one of the estimated 73% of SMBs that have not yet made such preparation, now might be a good time to start.

Your data is your business It's challenging enough when a consumer user suffers data loss as precious memories and valuable information go up in the digital smoke.

To read this article in full, please click here



Computer World Security News
Mar 03, 2020

Apple, the FIDO Alliance and the future of passwords
Apple is the latest firm to join the FIDO Alliance, an industry standards group developing more secure ways to log in to online accounts and apps using multi-factor authentication (MFA), biometric authentication and physical security keys. Computerworld's Lucas Mearian joins Ken Mingis and Juliet Beauchamp to discuss the Apple move, how different forms of authentication work and how far away we are from a password-less world.

Computer World Security News
Mar 03, 2020

FIDO Alliance and the future of passwords
Apple is the latest company to join the FIDO Alliance, an industry standards group committed to finding more secure ways to log in to online accounts and apps. The FIDO Alliance pushes for multi-factor authentication (MFA) deployment, from biometric authentication to physical security keys. Computerworld's Lucas Mearian joins Ken and Juliet to discuss why Apple joined the FIDO Alliance, how different forms of authentication work and how far away we are from a password-less world.

To read this article in full, please click here



Computer World Security News
Mar 03, 2020

Mitigate your risk of getting hacked with help from with this online academy
Cyber crime rates are on the rise. In fact, according to this 2019 Juniper Research paper, the financial burden of this global nuisance is expected to surpass $2 trillion in 2020 alone. But don't panic. It turns out that education plays a major role in mitigating the risks, which is why grabbing a lifetime subscription to the CyberTraining 365 Online Academy is money well spent.

To read this article in full, please click here



Computer World Security News
Mar 03, 2020

Verizon: Companies will sacrifice mobile security for profitability, convenience
Despite an increase in the number of companies hit by mobile attacks that led to compromises, four in 10 businesses sacrificed security to meet profit goals or avoid "cumbersome" security processes, according to Verizon's third annual Mobile Security Index 2020.

It showed that 43% of organizations sacrificed security. More typical reasons for companies exposing themselves to risk, such as lack of budget and IT expertise, trailed "way behind" things such as expediency (62%), convenience (52%) and  profitability targets (46%). Lack of budget and IT expertise were only cited by 27% and 26% of respondents, respectively.

To read this article in full, please click here



Computer World Security News
Mar 03, 2020

Will pay by palm be a thing? Should it be?
Amazon is experimenting with a way to allow shoppers to use a palm-print biometric to authenticate payments and to do so in physical stores far beyond Amazon-owned brick-and-mortars, (Whole Foods, AmazonGo, AmazonBooks, Amazon 4-Star and Amazon Pop-Up). Amazon is reportedly looking at QSRs (quick-service restaurants), especially coffee shops.

Palm prints have several advantages over more popular mobile biometric methods, such as fingerprint (prescription drugs, cleaning chemicals, burns and various other things can interfere with fingerprint readings) and facial recognition (finicky method that requires the face to be a precise distance from the scanner — not an inch too close or too far — and can suffer from hair growth, lighting, cosmetic changes, some sunglasses, as well as giving false positives to close relatives). And unlike my favorite biometric for security (retina scan), it's far less invasive. It's fairly accurate, convenient and (other than forcing customers to remove gloves, which could be a problem with outdoor shops in the winter) should be well-received.

To read this article in full, please click here



Computer World Security News
Mar 02, 2020

Memory-Lane Monday: The cruelest password
After a network manager unexpectedly tightens up the rules for passwords and forces the expiration of all user passwords on the main application system, calls flood into the help desk, reports a pilot fish on the scene. They're having trouble because of the new complexity rules.

One of the calls:

User: I can't seem to change my password.

Help desk tech: Your new password needs to contain letters, numbers and punctuation. Do not use any words such as you'd find in a dictionary.

User: OK. (Pause.) No, it still won't let me change it.

Tech: What is the password you are trying to use?

User: April.

Tech: "April" is a word.

To read this article in full, please click here



Computer World Security News
Feb 27, 2020

How and why you need HomeKit-secured smart homes
Once upon a time the Internet was amazing, enabling niche interests and connecting people. Apple's iMac was the epitome of the era, while the iPhone became the prophet of change.

What is HomeKit-secured and why should you use it? These days hackers break into home networks using our routers and smart home devices, which is why everyone must learn how to use HomeKit-secured routers to keep their connected homes safe.

Apple announced HomeKit-secured routers at WWDC 2019. The first few devices to support the tech recently began to reach market, including options from Linksys and (now) Amazon's Eero routers.

To read this article in full, please click here



Computer World Security News
Feb 26, 2020

Firefox starts switching on DNS-over-HTTPS to encrypt lookups, stymie tracking
Mozilla has started to turn on DNS-over-HTTPS, or DoH, as part of its overall strategy of stressing user privacy.

"We know that unencrypted DNS is not only vulnerable to spying but is being exploited," wrote Selena Deckelmann, Mozilla's new vice president of desktop Firefox, in a Feb. 25 post to a company blog. "We are helping...to make the shift to more secure alternatives [and] do this by performing DNS lookups in an encrypted HTTPS connection. This helps hide your browsing history from attackers on the network, helps prevent data collection by third parties on the network that ties your computer to websites you visit."

To read this article in full, please click here



Computer World Security News
Feb 26, 2020

Microsoft Patch Alert: February 2020 patches bring fire and ice but seem to have settled - finally.
The real stinker this month, KB 4524244, rolled out the automatic update chute for four full days until Microsoft yanked it - leaving a trail of wounded PCs, primarily HP machines, in its wake. The other big-time bug in this month's patches, a race condition in the KB 4532693 Win10 version 1903 and 1909 cumulative update installer, hasn't been officially acknowledged by Microsoft outside of a blog post. But at least it's well known and understood.

Folks running SQL Server and Exchange Server networks need to get patched right away.

Win10 UEFI update KB 4524244 blockages Patch Tuesday brought KB 4524244 for Windows 10 owners, a bizarre single-purpose patch apparently directed at one specific UEFI bootloader. I talked about it last week.

To read this article in full, please click here



Computer World Security News
Feb 26, 2020

How to fight scripting attacks
Most phishing campaigns use links to malicious scripts that infect users' devices. Here's how to spot and prevent them from doing damage.

Computer World Security News
Feb 26, 2020

10 steps to smarter Google account security
There are important accounts to secure, and then there are important accounts to secure. Your Google account falls into that second category, maybe even with a couple of asterisks and some neon orange highlighting added in for good measure.

I mean, really: When you stop and think about how much stuff is associated with that single sign-in — your email, your documents, your photos, your files, your search history, maybe even your contacts, text messages, and location history, if you use Android — saying it's a "sensitive account" seems like an understatement. Whether you're using Google for business, personal purposes, or some combination of the two, you want to do everything you possibly can to keep all of that information locked down and completely under your control.

To read this article in full, please click here



Computer World Security News
Feb 25, 2020

Top secret
It's back when 5-inch floppy disks roamed the Earth, and a customer service tech sends a software update to a customer known to be a bit more than a little computer-challenged, says a pilot fish in the know. This involves physically mailing a stack of disks to the customer, along with a note saying to call the tech when she's ready to install the update.

When the call comes, the tech is prepared to walk her through the installation step by step. After getting the computer booted up and verifying that the user has located disk No. 1, the tech says, "Insert the floppy disk into the disk drive, with the label facing up."

Customer: "Done."

Tech: "Type ‘A,' and press the Enter key."

To read this article in full, please click here



Computer World Security News
Feb 24, 2020

Why every user needs a smart speaker security policy
Does your voice assistant wake up randomly when you are engaged in normal conversation, listening to radio, or watching TV? You're not alone, and this may have serious implications in enterprise security policy.

All things being equal (they're not) "Anyone who has used voice assistants knows that they accidentally wake up and record when the 'wake word' isn't spoken - for example, 'seriously' sounds like the wake word 'Siri' and often causes Apple's Siri-enabled devices to start listening," the Smart Speakers research study says.

To read this article in full, please click here



Computer World Security News
Feb 21, 2020

Apple joins industry effort to eliminate passwords
In a somewhat unusual move for Apple, the company has joined the Fast IDentity Online (FIDO) Alliance, an authentication standards group dedicated to replacing passwords with another, faster and more secure method for logging into online services and apps.

Apple is among the last tech bigwigs to join FIDO, whose members now include Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. The group also boasts more than a dozen financial service firms such as American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.

"Apple is not usually up front in joining new organizations and often waits to see if they gain enough traction before joining in. This is fairly atypical for them," said Jack Gold, president and principal analyst at J. Gold Associates. "Apple is often trying to present [its] own proposed industry standards for wide adoption, but is generally not an early adopter of true multi-vendor industry standards.

To read this article in full, please click here



Computer World Security News
Feb 20, 2020

The mess behind Microsoft's yanked UEFI patch KB 4524244
Remember the warning about watching how sausage is made? This is an electronic sausage-making story with lots of dirty little bits.

First, the chronology. On February's Patch Tuesday, Microsoft released a bizarre standalone security patch, KB 4524244, which was then called "Security update for Windows 10, version 1607, 1703, 1709, 1803, 1809, and 1903: Feb. 11, 2020." The name has changed, but bear with me.

The original problems with KB 4524244 That patch had all sorts of weird hallmarks as I discussed at the time:

To read this article in full, please click here



Computer World Security News
Feb 19, 2020

How to prevent data loss on your network
Use these tools and techniques to protect important data from being exfiltrated from your Windows network.

Computer World Security News
Feb 18, 2020

Complying with CCPA: Answers to common questions
Enforcement of the California Consumer Privacy Act begins this summer, but lawsuits are already being filed. To help you comply and avoid being sued, CSO contributor Maria Korolov joins IDG TECH(talk) host Juliet Beauchamp to discuss critical components of the CCPA and answer viewers' questions.

Computer World Security News
Feb 18, 2020

Dump Windows 7 already! Jeez!
Why am I still writing about Windows 7? It's dead, Jim! The tombstone reads, "June 22, 2009 - January 14, 2020." It was a good run, but unless you're shelling out some serious coin for Windows 7 Extended Security Updates (ESU), you shouldn't be running Windows 7.

But many of you are. According to the best survey of who's running what, the U.S. government's Digital Analytics Program (DAP), on Feb. 14, weeks after Win7's end of life, just over one in 20 of Windows users was still using Windows 7! Oh, come on! More than 5%! A dead and buried OS! Get with the program!

To read this article in full, please click here



Computer World Security News
Feb 18, 2020

Mobile security: Worse than you thought
Many security professionals have long held that the words "mobile security" are an oxymoron. True or not, with today's mobile usage soaring in enterprises, that viewpoint may become irrelevant. It's a reasonable estimate that 2020 knowledge workers use mobile devices to either supplement or handle much of their work 98% of the time. Laptops still have a role (OK, if you want to get literal, I suppose a laptop can be considered mobile), but that's only because of their larger screens and keyboards. I'd give mobile players maybe three more years before that becomes moot.

That means that security on mobile needs to become a top priority. To date, that usually has been addressed with enterprise-grade mobile VPNs, antivirus and more secure communication methods (such as Signal). But in the latest Verizon Data Breach Investigations Report — always a worthwhile read — Verizon eloquently argues that aside from wireless, the form factor of mobile in and of itself poses security risks.

To read this article in full, please click here



Computer World Security News
Feb 17, 2020

How blockchain could help block fake news
In 2018, a video of former President Barrack Obama surfaced on YouTube explaining how easily technology could be used to manipulate video and create fake news. It got more than 7.2 million views.

In the video, Obama explains how we live in dangerous times when "enemies" can make anyone say anything at any point in time. Moments later, it's revealed that the video was itself faked.

Whether its news articles, images or video, fake and misleading content has proliferated across the internet over the past five or so years. One possible solution to the problem now being proposed would standardize how content is delivered online, with anything outside those standards not trusted.

To read this article in full, please click here



Computer World Security News
Feb 15, 2020

Microsoft springs last-minute demand on buyers of Windows 7 after-expiration support
Microsoft this week threw a wrench into the workings of its long-touted Windows 7 post-retirement support, telling IT administrators that there was a brand new prerequisite that must be installed before they can download the patches they'd already paid for.

The last-minute requirement was titled "Extended Security Updates Licensing Preparation Package" and identified as KB4538483 in Microsoft's numerical format.

The licensing prep package can be downloaded manually from the Microsoft Update Catalog. It should also appear in WSUS (Windows Server Update Services), the patch management platform used by many commercial customers. It will not, however, be automatically delivered through the Windows Update service, which some very small businesses rely on to provide them necessary patches.

To read this article in full, please click here



Computer World Security News
Feb 13, 2020

MIT researchers say mobile voting app piloted in U.S. is rife with vulnerabilities
Elections officials in numerous states have piloted various mobile voting applications as a method of expanding access to the polls, but MIT researchers say one of the more popular apps has security vulnerabilities that could open it up to tampering by bad actors.

The MIT analysis of the application, called Voatz, highlighted a number of weaknesses that could allow hackers to "alter, stop, or expose how an individual user has voted."

Additionally, the researchers found that Voatz's use of Palo Alto-based vendor Jumio for voter identification and verification poses potential privacy issues for users.

To read this article in full, please click here



Computer World Security News
Feb 13, 2020

A large - but manageable - February Patch Tuesday brings critical browser updates
With 99 reported vulnerabilities and patches to both Microsoft browsers, Office and Windows, this month's Patch Tuesday update is not as large an administrative burden as you might initially think. We've rated the browser updates as a "Patch Now" update due to issues with the Chakra engine, but both Office and Windows can be scheduled according to a regular patch cadence. Unfortunately, we have another Adobe Flash update to deploy, but no critical development updates for February.

You can find more information in our helpful infographic here.

To read this article in full, please click here



Computer World Security News
Feb 12, 2020

BlackBerry says its new Digital Workplace eliminates need for VPN, VDI
BlackBerry has unveiled its Digital Workplace platform, a web portal and workspace for secure online and offline access to corporate on-premise or cloud content,  including Microsoft Office 365 resources.

Digital Workplace, announced last week, integrates a secure browser-based workspace sold by Awingu, a Belgium company that penned a partnership with BlackBerry in 2018. Businesses can access their legacy Windows, Linux, SaaS or internal web apps, desktops and files inside of Awingu's secure managed browser. Awingu's unified workspace runs Windows, Linux, web and intranet apps.

To read this article in full, please click here



Computer World Security News
Feb 12, 2020

Patch Tuesday: 99 holes, 'exploited' IE fix, Win7 mayhem and UEFI ghost
What a month it's been - and the Patch Tuesday patches have only been out for 24 hours. There are many February patching foibles to report.

Every version of Windows 10, stretching back to the beginning of time (except for the long-neglected version 1511) got patches this month.

Welcome to the new, improved, paid-for Win7 patches There was no free Windows 7 update this month, even though Microsoft released a Monthly Rollup Preview in January. Anyone concerned about the well-documented "Stretch" black wallpaper bug caused by last month's Win7 Monthly Rollup apparently can pound sand - or manually download and install the fix. Your choice.

To read this article in full, please click here



Computer World Security News
Feb 12, 2020

Thought you already paid for Win7 Extended Security Updates? Think again.
I'm hearing lots of complaints from people who spent good money to get Win7 Extended Security Updates, but don't see this month's patches. There's a reason why. Microsoft didn't bother to tell us that you need a new patch, released yesterday, in order to start receiving Win7 ESU updates. You have to download the new patch, KB 4538483, from the Microsoft Catalog, and install it manually before the updates even appear.

Folks who spent money to get the February and later patches are livid. 

Yesterday, after releasing the February updates, Microsoft modified its ESU Procedure page to add this step:

To read this article in full, please click here



Computer World Security News
Feb 12, 2020

How cyber attackers hide malware on your network
Knowing where to look for malware lurking on your network gives you a better chance to prevent damage from it.

Computer World Security News
Feb 11, 2020

What's the difference between the deep web and the dark web?
We hear the terms "deep web" and "dark web" thrown around a lot... but what do they actually mean? And what's the difference between the two? CSO Online writer J.M. Porup joins Juliet to dispel rumors and discuss what sets the deep web and dark web apart from the rest of the web.

Computer World Security News
Feb 11, 2020

Why the Fed is considering a cash-backed cryptocurrency
The Federal Reserve is investigating the potential of a central bank digital currency (CBDC) as the backbone for a new, secure real-time payments and settlements system.

The move toward a form of government-backed digital currency is being driven by Fintech firms and a banking industry already piloting or planning to pilot cash-backed digital tokens, according to Lael Brainard, a member of the U.S. Federal Reserve's Board of Governors.

"Today, it can take a few days to get access to your funds. A real-time retail payments infrastructure would ensure the funds are available immediately - to pay utility bills or split the rent with roommates, or for small business owners to pay their suppliers," said Brainard, who serves as chair of the committees overseeing Financial Stability and Payments, Clearing and Settlements.

To read this article in full, please click here



Computer World Security News
Feb 10, 2020

For Patch Tuesday, verify you have 'Pause Updates' enabled
Remember the frenzy after last month's Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin' SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down  Windows As We Know It, like, right now?

Guess what. It never materialized.

To read this article in full, please click here



Computer World Security News
Feb 10, 2020

Patch Tuesday's tomorrow. Verify you have 'Pause Updates' enabled
Remember the frenzy after last month's Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin' SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down  Windows As We Know It, like, right now?

Guess what. It never materialized.

To read this article in full, please click here



Computer World Security News
Feb 10, 2020

UEM to marry security - finally - after long courtship
The days of enterprise security being a separate entity from mobile and desktop endpoint management are coming to an end, which should delight infrastructure and security teams who'll eventually have more powerful machine learning-enabled tools at their disposal - and a single console through which to control them.

Security around mobile and desktop infrastructures has traditionally depended on what's being managed; you purchase one for mobile devices and another for the rest of your endpoints, whether laptop or desktop.

While security threats are growing, particularly phishing attacks via email, SMS or hyperlinks, the amount of money companies spend on mobile security appears to be shrinking. And yet, the percentage of organizations that admit to having suffered a mobile compromise grew in 2019, according to a Verizon survey.

To read this article in full, please click here



Computer World Security News
Feb 10, 2020

UEM to marry security — finally — after long courtship
The days of enterprise security being a separate entity from mobile and desktop endpoint management are coming to an end, which should delight infrastructure and security teams who'll eventually have more powerful machine learning-enabled tools at their disposal — and a single console through which to control them.

Security around mobile and desktop infrastructures has traditionally depended on what's being managed; you purchase one for mobile devices and another for the rest of your endpoints, whether laptop or desktop.

[ Related: Enterprise mobility 2019: Dawning of the age of UEM ] While security threats are growing, particularly phishing attacks via email, SMS or hyperlinks, the amount of money companies spend on mobile security appears to be shrinking. And yet, the percentage of organizations that admit to having suffered a mobile compromise grew in 2019, according to a Verizon survey.

To read this article in full, please click here



Computer World Security News
Feb 07, 2020

Smart lighting security flaw illuminates risk of IoT
The latest smart home security nightmare sheds light on the risk you take each time you add another connected item to your home, office or industrial network - and even market leading brands make mistakes.

The story of Hue Philips Hue smart lighting systems are probably among the most widely installed smart home solutions in the world, so plenty of people deserve to learn about the latest Check Point research which warns of a major security flaw in them.

To read this article in full, please click here



Computer World Security News
Feb 06, 2020

U.S. Air Force to pilot blockchain-based database for data sharing
The U.S. Air Force (USAF) is planning to test a blockchain-based graph database that will allow it to share documents internally as well as throughout the various branches of the Department of Defense and allied governments.

The permissioned blockchain ledger comes from a small Winston-Salem, N.C. start-up, Fluree PBC, which announced the government contract this week. Fluree is working with Air Force's Small Business Innovation Research AFWERX technology innovation program to launch a proof of concept of the distributed ledger technology (DLT) later this year.

To read this article in full, please click here



Computer World Security News
Feb 06, 2020

Is Apple's iCloud folder sharing a shadow IT problem?
After a long delay, Apple is preparing to introduce iCloud Folder Sharing across both its Mac and iOS platforms. This is a big blessing for collaboration, but is it safe?

What is iCloud Folder Sharing? iCloud Folder Sharing was first announced at WWDC 2019, but delayed until - well, at present it is still delayed and was only recently made available inside the latest iOS and macOS developer betas. Which means it should be on the way.

Probably.

How it works?

To read this article in full, please click here



Computer World Security News
Feb 05, 2020

It's not too late to get an Extended Security Update license for Windows 7
Worried about the future of your Win7 machine? Welcome to the family.

Right now, we have a promise that Microsoft will fix the "Stretch" wallpaper bug it rolled out last month, and there's some hope that it will fix the Internet Explorer JScript engine security hole CVE-2020-0674 noted last month in Security Advisory ADV200001. We don't know how/when the fix(es) will be distributed, or if Microsoft will soften its "no free Win7 patches after January 14" edict in some other way.

To read this article in full, please click here



Computer World Security News
Feb 05, 2020

How to check your vulnerability to credential dumping
Use these techniques to see if attackers have harvested authentication credentials from your Windows network.

Computer World Security News
Feb 04, 2020

Iowa Caucus chaos likely to set back mobile voting
A coding flaw and lack of sufficient testing of an application to record votes in Monday's Iowa Democratic Presidential Caucus will likely hurt the advancement and uptake of online voting.

While there have been hundreds of tests of mobile and online voting platforms in recent years - mostly in small municipal or corporate shareholder and university student elections - online voting technology has yet to be tested for widespread use by the general public in a national election.

"This is one of the cases where we narrowly dodged a bullet," said Jeremy Epstein, vice chair of the Association for Computing Machinery's US Technology Policy Committee (USTPC). "The Iowa Democratic Party had planned to allow voters to vote in the caucus using their phones; if this sort of meltdown had happened with actual votes, it would have been an actual disaster. In this case, it's just delayed results and egg on the face of the people who built and purchased the technology."

To read this article in full, please click here



Computer World Security News
Feb 04, 2020

The problem with mobile and app voting
It's the day after the 2020 Iowa caucuses, and the Iowa Democratic Party has yet to announce the winner. The app that precinct leaders were supposed to use to report final tallies recorded inconsistent results. Party leaders blamed a "coding issue" within the app, not a hack or attack. Computerworld's Lucas Mearian joins Juliet to discuss the problem with mobile voting and how this snafu may affect the reputation of app voting in the future.

Computer World Security News
Feb 04, 2020

Come on, NSA, it's time to join the fight against Windows hacking
It's no secret that hackers the world over target Windows vulnerabilities in order to wreak havoc, hold up data and networks for ransom, pull off money-making scams, and disrupt elections and the workings of democracy. They target Windows for a simple reason: volume. The operating system is on the vast majority of desktop and laptop computers worldwide.

Over the years, the U.S. National Security Agency (NSA) has unwittingly helped hackers in some of the world's most dangerous and notoriously successful attacks by developing tools to exploit Windows security holes, rather than alert Microsoft to those vulnerabilities. Some of the tools have been leaked to hackers and used in massive attacks, including the EternalBlue cyber-exploit, which was used in the WannaCry global ransomware attack that affected computers in more than 150 countries and is estimated to have caused billions of dollars in damage.

To read this article in full, please click here



Computer World Security News
Jan 30, 2020

The perils of shouting 'fire' in a crowd of PC patchers
Time and again we see the same drama play out. Microsoft releases a security patch and scary warnings appear from every corner. When your local news broadcast tells you that you better patch Windows right now…, more temperate advice should prevail.

A little over two weeks ago, on Patch Tuesday, Microsoft released a patch for a security hole known as  CVE-2020-0601 - the Crypt32.dll vulnerability also called ChainOfFools or CurveBall. 

To read this article in full, please click here



Computer World Security News
Jan 30, 2020

Fed rule on patient access to healthcare data gets EMR vendor pushback
The largest electronic medical record (EMR) vendor in the U.S. is fighting a proposed government rule to allow patients and their physicians greater access to electronic health information - regardless of the technology platform - to promote data exchange.

According to a number of recent reports, EMR vendor Epic Systems is lookng to derail the finalization of a rule from the Department of Health and Human Services (HHS) that would implement some provisions of the 21st Century Cures Act. In particular, the rules governing information-blocking of patient healthcare information and EMR interoperability are at the heart of the fight.

To read this article in full, please click here



Computer World Security News
Jan 29, 2020

How to better control access to your Windows network
Take stock of how people and devices access your network and block potential avenues of attack.

Computer World Security News
Jan 28, 2020

Seattle tries out mobile voting
About 1.2 million Seattle area voters will be able to use their smartphone, laptop or a computer at their local library to vote in a current election this year.

This will be the first-time online voting is available to all eligible registered voters of a district, according to a foundation behind the initiative.

The King Conservation District in Washington State is the third region in the U.S. to partner with the non-profit Tusk Philanthropies on a national effort to expand mobile voting, and Washington is the fifth state to pilot mobile voting in general. The King Conservation District is a state environmental agency that includes Seattle and 33 other cities, but it is separate from the King County Elections agency and operates under a different budget.

To read this article in full, please click here



Computer World Security News
Jan 27, 2020

Why manipulation campaigns are the biggest threat facing the 2020 election
This era of political espionage is rooted in manipulative ads, fake news articles and other forms of digital content. It's one of the nation's greatest threats, especially as we approach the 2020 presidential election.

Computer World Security News
Jan 24, 2020

Google and Microsoft have gone too far
Google and Microsoft are using dark pattern design to trick or force users to do things they never intended. Is it time to switch to more ethical search engines? (We list 10 alternatives.)

Computer World Security News
Jan 24, 2020

Get the January 2020 Patch Tuesday patches installed
This month has seen a whole lotta hand waving and sky-is-falling-caliber rhetoric, but the reality is much more prosaic. If you aren't running a major network (and thus aren't susceptible to the imminent problems with Remote Desktop Gateway, the Citrix network bugs or the whopping 334 patches in Oracle), there's been little reason to install this month's updates. 

To read this article in full, please click here



Computer World Security News
Jan 23, 2020

Microsoft Patch Alert: January 2020 patches look relatively benign
The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft's RD Gateway (CVE-2020-0610; see Susan Bradley's Patch Watch, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode after installing the January patches; scrambling to pick up after breaches in Citrix networking products; or the 334 Oracle security patches. They all took a toll.

To read this article in full, please click here



Computer World Security News
Jan 22, 2020

How to prep for Windows 7, Server 2008 end of life
Still running Windows 7 or Windows Server 2008? Take these steps to minimize your risk.

Computer World Security News
Jan 22, 2020

Galaxy users, take note: Samsung's probably selling your data
Relying on Google services, as most of us Android-carrying primates do, comes with a certain tradeoff. It's no big secret or anything: Google makes its money by selling ads, which are more effective when they're catered to our interests — the subjects we tend to search about, the things we buy (when Google knows about 'em, at least), and often even the places we go with our location-enabled phones in tow (and/or in toe, for the monkeys among us).

That's all par for the course, as I frequently say — part of the deal we all accept when we use Google services. That's what makes it possible for Google to give us top-notch apps for free, and it's also what opens the door to certain advanced features that wouldn't be possible without that information's presence.

To read this article in full, please click here



Computer World Security News
Jan 21, 2020

Don't worry about CurveBall just yet — get your Citrix systems patched
Hey, admins! It's been an exciting week, eh?

Most of you have been inundated with requests — demands — that you patch all of your systems immediately to protect them from the highly publicized CVE-2020-0601 Crypt32.dll security hole, known as "Chain Of Fools" or "CurveBall." 

While you were scrambling to comply with the NSA's unique advertising, abetted by almost every security expert on the planet, a funny thing happened. There are no in-the-wild exploits for the ol' CurveBall. But there are lots and lots of Citrix ADC and Citrix Gateway systems under attack, using a security hole announced in December called CVE-2019-19781. 

To read this article in full, please click here



Computer World Security News
Jan 17, 2020

3 reasons you can't fight facial recognition
The biometric backlash is but a brief blip. Resistance is futile. You WILL be identified. But is that good or bad?

Computer World Security News
Jan 17, 2020

Worried about an NSA ChainOfFools/CurveBall attack? There are lots of moving parts. Test your system.
If you want to install the January Patch Tuesday patches, by all means, go right ahead. That said, I continue to recommend that you hold off installing the January Microsoft patches until we get a clearer reading on potential bugs.

The pro-patch-now argument generally goes something like this: Everybody is recommending that you install the patches to protect against the Crypto bug — almost all of the major security folks, the researchers, the big online sites, your local news station, your congresscritter, your neighbor's nine-year-old, even the bleeping NSA. It's a little patch. Why not just install it and be done with it?

To read this article in full, please click here



Computer World Security News
Jan 16, 2020

Kadena launches a hybrid platform to connect public, private blockchains
Brooklyn-based spinoff Kadena has launched a hybrid blockchain that can scale horizontally, enabling multiple electronic ledgers to talk to each other via smart contracts - and letting users transfer cryptocurrency between the chains.

Hybrid blockchains combine permissioned chains for businesses to transact in the background while connecting to a public blockchain (via an API) for consumers and others to make money transfers or access information about products moving across supply chains.

"Their hybrid blockchain model looks interesting, mainly because it enables interoperability via smart contracts that run on public chains and talk to/with private chains," said Avivah Litan, a vice president of research at Gartner. "That way, enterprises can keep their private data and transactions limited to the private chain but benefit from the liquidity and cross-chain access available by leveraging smart contracts running on the public chain."

To read this article in full, please click here



Computer World Security News
Jan 16, 2020

Kadena launches Chainweb, a hybrid platform to connect public, private blockchains
Brooklyn-based startup Kadena has launched a hybrid blockchain that can scale horizontally, enabling multiple electronic ledgers to talk to each other via smart contracts - and letting users transfer cryptocurrency between the chains.

Hybrid blockchains combine permissioned chains for businesses to transact in the background while connecting to a public blockchain (via an API) for consumers and others to make money transfers or access information about products moving across supply chains.

"Their hybrid blockchain model looks interesting, mainly because it enables interoperability via smart contracts that run on public chains and talk to/with private chains," said Avivah Litan, a vice president of research at Gartner. "That way, enterprises can keep their private data and transactions limited to the private chain but benefit from the liquidity and cross-chain access available by leveraging smart contracts running on the public chain."

To read this article in full, please click here



Computer World Security News
Jan 15, 2020

Windows 7 end of support: Separating the bull from the horns
No, Windows 7 isn't dead.

No, you don't need to buy a Win10 computer. 

No, you don't need to upgrade.

No, you don't need to install the latest Win7 patches right away.

No, Microsoft isn't withdrawing its unofficial nod-and-a-wink free upgrade from Win7 to Win10. At least, not right away.

No, the old Win7 patches aren't disappearing.

No, your Internet Service Provider won't kick you off your network for using Win7.

To read this article in full, please click here



Computer World Security News
Jan 15, 2020

Patch Tuesday aftermath: The NSA Crypt32 threat is real, but not yet imminent
Get ready for your local news station's weather reporter to start lecturing on the importance of installing Windows patches.

Yesterday we were treated to a remarkable Patch Tuesday. "Remarkable" specifically in the sense that the U.S. National Security Agency was moved to put out a press release (PDF):


To read this article in full, please click here



Computer World Security News
Jan 15, 2020

Breaking iPhone encryption won't make anyone safer
Imagine all your tax documentation could be examined by officials from any government merely on suspicion. That's the future some governments are pushing for when they demand Apple puts security backdoors into its products.

Making no one safe Think about the nature of security backdoors:

To read this article in full, please click here



Computer World Security News
Jan 15, 2020

3 easy ways to make your Windows network harder to hack
Start the new year off by eliminating common paths for attackers to breach your network.

Computer World Security News
Jan 14, 2020

Microsoft to Windows 7: Beat it, you bum
Microsoft today figuratively told Window 7 - which ended support with a final security update - not to let the door hit it on the way out.

"Ten-year-old tech just can't keep up," Jared Spataro, an executive on the Microsoft 365 team, wrote in a post to a company blog. "As we end support for Windows 7, I encourage you to transition to these newer options right away."

Not surprisingly, Spataro named those newer options as Windows 10 to replace Windows 7, and Office 365 to fill in for the retiring-in-October Office 2010. Combined, they make up the bulk of Microsoft 365, the business subscription plan Microsoft wants all customers to adopt.

To read this article in full, please click here



Computer World Security News
Jan 14, 2020

Apple refuses latest government iPhone-unlock request
Apple turned down a request from U.S. Attorney General William Barr this week,  saying it will not help unlock two iPhones used by a terrorist suspect last month in the deadly shooting at the Naval Air Station in Pensacola, Fla.

Barr said the shooter, 21-year-old Mohammed Saeed Alshamrani, acted alone when he shot and killed three service members and wounded several others, including two sheriff's deputies responding to the attack. Alshamrani, a member of the Saudi Air Force and an aviation student at the base, was shot dead on the scene by police.

To read this article in full, please click here



Computer World Security News
Jan 14, 2020

Feds may already have found a way to hack into Apple iPhones
After Apple turned down a request by U.S. Attorney General William Barr this week to unlock two iPhones used by a terrorist suspect in a recent deadly shooting, the FBI appears to already have the tools needed to access the smartphones.

Apple turned down a request from U.S. Attorney General William Barr saying it would  not help unlock two iPhones used by the shooter, 21-year-old Mohammed Saeed Alshamrani. He is believed to have acted alone when he shot and killed three service members and wounded several others at the Naval Air Station in Pensacola, Fla. last month.

To read this article in full, please click here



Computer World Security News
Jan 14, 2020

Today's Patch Tuesday brings fireworks and — a magic bullet?
Over the past few years we've seen a few security holes that have drawn Chicken Little warnings and vast amounts of unthinking press reports. When you turn on a local news program and hear from the hometown weather reporter that you really need to get Windows patched, a bit of skepticism might be in order.

Today's Patch Tuesday appears to be headed down the same well-worn chute.

Brian Krebs, the security guru with impeccable credentials, fired an opening salvo in his blog post yesterday:

To read this article in full, please click here



Computer World Security News
Jan 14, 2020

Seven high points of Windows 7
Today Microsoft issues its final free security update for Windows 7, putting an end to that operating system's decade.

To remember that service - a retirement party but without the cloyingly-sweet cake and cheap gold watch - Computerworld selected seven highlights of Windows 7. While the seven do not pretend to trace Windows 7's history, they illustrate the influence and impact of the OS.

Here's to Windows 7. Raise a glass, for cryin' out loud.

It salvaged Microsoft's reputation after the Vista debacle The numbers say it all.

Windows Vista, the 2006 replacement for Windows XP, topped out at 20% of all Windows versions in October 2009. Even though the OS it followed was long in the tooth - XP was nearly twice the age of a typical version when it was supplanted - Vista struggled to put a dent in its forerunner's share.

To read this article in full, please click here



Computer World Security News
Jan 14, 2020

Saying goodbye to Windows 7 isn't easy, but you must
Listen, I get it. Windows 7 has worked really well. After the Vista fiasco, you were so happy to get a decent version of Windows. You dodged the Windows 8.x sinkhole, and, boy, were you glad! Then, you thought about Windows 10, but 7 just did the job so you stuck with it, and then you felt vindicated because of Windows 10's dodgy upgrades and patches. Now, today, Jan. 14, 2020, Windows 7 has reached its end of life, and either you've upgraded to Windows 10 or you're working on another Windows 7 alternative like Chrome OS, macOS or Linux, right?

To read this article in full, please click here



Computer World Security News
Jan 09, 2020

Mozilla patches Firefox zero-day as attackers exploit flaw
Just one day after releasing Firefox 72, Mozilla updated the browser with a fix to shut down active attacks, the company acknowledged.

On Wednesday, Mozilla issued Firefox 72.0.1, which included one change: A patch for the vulnerability identified as CVE-2019-17026. "We are aware of targeted attacks in the wild abusing this flaw," Mozilla said in the short description of the flaw, signaling that criminals were already leveraging the zero-day vulnerability, the term applied because there no time elapses between patching and exploitation.

To read this article in full, please click here



Computer World Security News
Jan 09, 2020

Your Windows PC may become collateral damage in any conflict with Iran
When Iran launches cyberattacks in revenge for the killing of Major Gen. Qasem Soleimani — which it almost certainly will do — the attack vector, as always, will be Windows. And when that happens, your PC and your business's PCs will be right in the crosshairs. Here's why — and how you can protect your machines and your business.

A long history of U.S.-Iranian cyberwarfare To understand the coming cyberattacks, it's useful to look back. For more than a decade, the U.S. and Iran have engaged in low-level cyberwarfare, with occasional bursts of higher-level attacks. The most destructive of them was Stuxnet, launched in 2009 by the U.S. and Israel against Iran's nuclear program. It exploited four zero-day flaws in Windows machines, which controlled the centrifuges Iran used to create nuclear material that can be used in nuclear weapons.

To read this article in full, please click here



Computer World Security News
Jan 08, 2020

Apple wants privacy laws to protect its users
Your iPhone (like most smartphones) knows when it is picked up, what you do with it, who you call, where you go, who you know - and a bunch more personal information, too.

The snag with your device knowing all this information is that once the data is understood, that information can be shared or even used against you.

Information is power Jane Horvath, Apple's senior director for global privacy, appeared at CES 2020 this week to discuss the company's approach to smartphone security. She stressed the company's opposition to the creation of software backdoors into devices, and also said:

To read this article in full, please click here



Computer World Security News
Jan 08, 2020

Apple's wants privacy laws to protect its users
Your iPhone (like most smartphones) knows when it is picked up, what you do with it, who you call, where you go, who you know - and a bunch more personal information, too.

Information is power The snag with your device knowing all this information is that once the data is understood than that information can be shared or even used against you.

Jane Horvath, Apple's senior director for global privacy, appeared at CES 2012 to discuss the company's approach to smartphone security.

To read this article in full, please click here



Computer World Security News
Jan 08, 2020

How to fix insecure LDAP binds
Prevent Windows admin credentials from being exposed in cleartext with this tip.

Computer World Security News
Jan 07, 2020

FAQ: Last-minute answers about Windows 7's post-retirement patches
A week from now, Microsoft will serve customers with the last for-free Windows 7 security update, in effect retiring the 2009 operating system.

However, hundreds of millions of personal computers will still power up thanks to Windows 7 on Jan. 14, and for an indeterminate timespan after that date. Windows 7 may be retiring, but it's not disappearing.

Microsoft admitted as much more than a year ago when it announced Extended Security Updates (ESU), a program for commercial customers who needed more time to ditch Windows 7. ESU would provide patches for some security vulnerabilities for as long as three years. For a fee.

To read this article in full, please click here

(Insider Story)

Computer World Security News
Jan 06, 2020

Microsoft Patch Alert: December patches hang Win7 Pro endpoints and force Server 2012 reboots
It was the kind of month admins dread: Mysterious problems on hundreds of machines, with no apparent cause or cure. Toss in the holidays, and we had a whole lot of Mr. and Ms. Grinches in the industry.

Fortunately, it looks like the problems have been sorted out at this point. Individual users had many fewer problems. Microsoft's left and right hands still aren't talking on the 1909 team, but what else is new…

Win7 hang on 'Preparing to configure Windows' Microsoft dropped a new Servicing Stack Update for Windows 7 on Dec. 10, and it gummed up the works for many. Here's a good summary on Reddit from poster Djaesthetic:

To read this article in full, please click here



Computer World Security News
Jan 06, 2020

Top 3 enterprise tech trends to watch in 2020
If blockchain felt more like hype than reality in 2019, prepare for that to change. Industry watchers expect 2020 to be the year the distributed ledger technology matures and we see use cases that go beyond cryptocurrency.

Areas where experts envision growth include data security, the supply chain and electronic health records.

"Someone's gonna hit me, but I think blockchain as it relates to data security (think access management) is going to have some landmark use cases in 2020," Siobhan Climer, science and technology writer at Mindsight, said during a recent IDG TECH(talk) Twitter chat.

To read this article in full, please click here



Computer World Security News
Jan 06, 2020

Amid privacy and security failures, digital IDs advance
Frustration over a growing number of privacy and security failuresin recent years is driving the creation of digital identities controlled only by those whose information they contain.

Known as "self-sovereign identities," the digital IDs will be used by consumers, businesses, their workers and governments over the next few years to verify everything from credit worthiness and college diplomas to licenses and business-to-business credentials.

"We are slowly graduating from crawling to walking. It takes one to two years 'til we have reliable capabilities to spark meaningful decentralized identity adoption," said Homan Farahmand, a senior research director at Gartner. "A major non-technical hurdle is for organizations to learn the concept and take the necessary steps to appropriately adapt their business processes to decentralized identity ecosystems."

To read this article in full, please click here



Computer World Security News
Jan 03, 2020

Will spam die in 2020?
The problem with spam isn't that it's a time-wasting annoyance, but that it drives us away from phone calls and emails to bad media.

Computer World Security News
Jan 03, 2020

Windows vulnerability
Pilot fish is working at a bank, but it's the 1970s, and ATMs are far from common. What this bank has is an after-hours teller window, available from 3 to 7 p.m. It's located in a small enclosure accessible from the street, and its operation involves a human teller working behind a reinforced-concrete wall.

When the bank develops an online customer system, the night teller is chosen as the testing ground, because the new system will allow for instant posting of deposits instead of waiting for the next day. And fish, a computer science major, will serve as teller/guinea pig.

But first, a new window has to be constructed, right next to the two-story glass façade of the bank. The work includes putting the cabling inside heavy steel pipes to ensure that no one can tap into them.

To read this article in full, please click here



Computer World Security News
Jan 02, 2020

How to get maximum protection from MFA in Office 365
Follow these steps to ensure your multi-factor authentication for Office 365 is effective.

Computer World Security News
Dec 31, 2019

Ultra Wideband (UWB) explained (and why it's in the iPhone 11)
One of the new chips in this year's crop of iPhones is the U1; it provides Ultra Wideband (UWB) connectivity that, in conjunction with Internet of Things (IoT) technology, could offer a myriad of new services for enterprises and consumers.

As Apple puts it, UWB technology offers "spatial awareness" - the ability for your phone to recognize its surroundings and the objects in it. Essentially, one iPhone 11 user can point his or her phone at another and transfer a file or photo.

While the technology isn't new, Apple's implementation marks the first time UWB has been used in a modern smartphone.

What is Ultra Wideband? UWB is a short-range, wireless communication protocol that - like Bluetooth or Wi-Fi - uses radio waves. But it differs substantially in that IT operates at a very high frequency. As its name denotes, it also uses a wide spectrum of several GHz. One way to think of it is as a radar that can continuously scan an entire room and precisely lock onto an object like a laser beam to discover its location and communicate data.

To read this article in full, please click here



Computer World Security News
Dec 30, 2019

Most popular tech stories of 2019
Insider Pro subscribers pick the Top 10 articles published in our debut year.

Computer World Security News
Dec 26, 2019

Top tech stories of 2019
The new Apple Card, the battle for cryptocurrency dominance, cybersecurity skills shortage - just a few of the stories that made headlines in 2019. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp discuss the top tech stories of the year.

Computer World Security News
Dec 24, 2019

How to make the most of Microsoft's new Compliance Score Console
This new Microsoft 365 feature can help you stay in compliance with regulations like GDPR and better protect data.

  • CEOExpress
  • 1 Boston Place | Suite 2600
    Boston MA 02108
  • 617 482 1200
    617 299 8649 (fax)
  • Contact
  • As an Amazon Associate
    CEOExpress earns from
    qualifying purchases.

©1999-2020 CEOExpress Company LLC