Skip to main content
Please wait...

Microsoft Patch Alert: December patches hang Win7 Pro endpoints and force Server 2012 reboots

1 week 6 days ago

It was the kind of month admins dread: Mysterious problems on hundreds of machines, with no apparent cause or cure. Toss in the holidays, and we had a whole lot of Mr. and Ms. Grinches in the industry.

Fortunately, it looks like the problems have been sorted out at this point. Individual users had many fewer problems. Microsoft’s left and right hands still aren’t talking on the 1909 team, but what else is new…

Win7 hang on 'Preparing to configure Windows'

Microsoft dropped a new Servicing Stack Update for Windows 7 on Dec. 10, and it gummed up the works for many. Here’s a good summary on Reddit from poster Djaesthetic:

To read this article in full, please click here

Woody Leonhard

Top 3 enterprise tech trends to watch in 2020

1 week 6 days ago

If blockchain felt more like hype than reality in 2019, prepare for that to change. Industry watchers expect 2020 to be the year the distributed ledger technology matures and we see use cases that go beyond cryptocurrency.

Areas where experts envision growth include data security, the supply chain and electronic health records.

“Someone's gonna hit me, but I think blockchain as it relates to data security (think access management) is going to have some landmark use cases in 2020,” Siobhan Climer, science and technology writer at Mindsight, said during a recent IDG TECH(talk) Twitter chat.

To read this article in full, please click here

Michelle Davidson

Amid privacy and security failures, digital IDs advance

2 weeks ago

Frustration over a growing number of privacy and security failures in recent years is driving the creation of digital identities controlled only by those whose information they contain.

Known as “self-sovereign identities,” the digital IDs will be used by consumers, businesses, their workers and governments over the next few years to verify everything from credit worthiness and college diplomas to licenses and business-to-business credentials.

“We are slowly graduating from crawling to walking. It takes one to two years 'til we have reliable capabilities to spark meaningful decentralized identity adoption,” said Homan Farahmand, a senior research director at Gartner. “A major non-technical hurdle is for organizations to learn the concept and take the necessary steps to appropriately adapt their business processes to decentralized identity ecosystems.”

To read this article in full, please click here

Lucas Mearian

Windows vulnerability

2 weeks 3 days ago

Pilot fish is working at a bank, but it’s the 1970s, and ATMs are far from common. What this bank has is an after-hours teller window, available from 3 to 7 p.m. It’s located in a small enclosure accessible from the street, and its operation involves a human teller working behind a reinforced-concrete wall.

When the bank develops an online customer system, the night teller is chosen as the testing ground, because the new system will allow for instant posting of deposits instead of waiting for the next day. And fish, a computer science major, will serve as teller/guinea pig.

But first, a new window has to be constructed, right next to the two-story glass façade of the bank. The work includes putting the cabling inside heavy steel pipes to ensure that no one can tap into them.

To read this article in full, please click here

Sharky

Ultra Wideband (UWB) explained (and why it’s in the iPhone 11)

2 weeks 6 days ago

One of the new chips in this year’s crop of iPhones is the U1; it provides Ultra Wideband (UWB) connectivity that, in conjunction with Internet of Things (IoT) technology, could offer a myriad of new services for enterprises and consumers.

As Apple puts it, UWB technology offers “spatial awareness" – the ability for your phone to recognize its surroundings and the objects in it. Essentially, one iPhone 11 user can point his or her phone at another and transfer a file or photo.

While the technology isn't new, Apple’s implementation marks the first time UWB has been used in a modern smartphone.

What is Ultra Wideband?

UWB is a short-range, wireless communication protocol that – like Bluetooth or Wi-Fi – uses radio waves. But it differs substantially in that it operates at a very high frequency. As its name denotes, it also uses a wide spectrum of several GHz. One way to think of it is as a radar that can continuously scan an entire room and precisely lock onto an object like a laser beam to discover its location and communicate data.

To read this article in full, please click here

Lucas Mearian

Top tech stories of 2019

3 weeks 4 days ago
The new Apple Card, the battle for cryptocurrency dominance, cybersecurity skills shortage – just a few of the stories that made headlines in 2019. Watch as IDG TECH(talk) hosts Ken Mingis and Juliet Beauchamp discuss the top tech stories of the year.

Microsoft blinks: Security Essentials will continue to receive updates after Jan. 14

1 month ago

Late last week, I talked about a discrepancy in Microsoft’s promised handling of Microsoft Security Essentials as Windows 7 reaches end of support. An internally inconsistent official announcement seemed to say that MSE signature file updates would stop — even for those who have paid for Extended Security Updates. 

Which is absurd. Why would Microsoft stop updating its antivirus program even for people who are paying to continue receiving Monthly Rollup patches?

To read this article in full, please click here

Woody Leonhard

How bad can text security be? One company just showed us.

1 month ago

There is nothing more quintessentially mobile than text messages, the most commonly used communication method today. That's why it was very unsettling that a security research house found — and the vendor at issue essentially confirmed — that a massive number of text messages were stored in plaintext, with no security at all. In short, the texts from what the security research firm estimated were "hundreds of millions of people" were open to any thief or stalker who wanted to look.

The company involved, an Austin-based business called TrueDialog, would likely be unknown to almost all of those users. TrueDialog is a marketing firm offering SMS products and services to other companies — a lot of companies. That will make it hard for consumers to even know if their texts were victimized. Text message users were able to text back, giving the impression of having two-way conversations with businesses.

To read this article in full, please click here

Evan Schuman

Will Microsoft stop updating its Security Essentials on Jan. 14? Are you sure?

1 month ago

You know that businesses will be able to pay for Win7 security patches after Win7 hits end-of-life on Jan. 14. Many of Microsoft's Extended Security Update program details aren't clear to me — How does a very small business buy ESU? Why is Microsoft releasing Edge on Win7 the day after it goes end-of-life? Will that new full-screen nag keep coming back? — but there’s one loose end that sits in the middle of my confusion.

To read this article in full, please click here

Woody Leonhard

The usual suspects

1 month 1 week ago

One morning Wilma, the print shop manager at a beer distributor, discovers that her computer has a virus. It’s no big deal — sometimes bad things happen to good computers — so she cleans up the system and gets on with her day.

But a few days later the system is infected again.

Considerably more annoyed this time, she contacts Betty (the company’s sole IT person) to get some assistance and make sure the system is 100% clean. After disinfecting the system, Betty checks the browser history and finds that someone has been making late-night visits to X-rated websites.

The question then becomes, Who is using company resources to watch porn? At most companies, suspicion would immediately fall on the nighttime cleaning crew. But the print shop is located in the warehouse, to which the cleaning crew doesn’t have access.

To read this article in full, please click here

Sharky

Apple is forcing the ad industry to change

1 month 1 week ago

Advertising has become too personal.

Modern systems learn too much about your personal life, tastes and aspirations, and while this is manna from heaven for advertisers, it’s an invasion of privacy for many. And Apple is changing the equation.

Intelligent Tracking Prevention

Apple has built a technology that reduces the quantity of data advertisers can harvest from your online life. It is called Intelligent Tracking Prevention and The Information tells us that since the technology debuted in 2017:

To read this article in full, please click here

Jonny Evans

Patch Tuesday brings a reprise of the Autopilot debacle, now quashed, and another Win7 nag

1 month 1 week ago

Patch Tuesday in December rarely brings anything worthwhile — everybody’s on vacation, or wants to be on vacation — and this month’s no exception. We got patches for 36 separately identified security holes and two new advisories, full of sound and fury but covering very little.

The one “exploited” security hole — CVE-2019-1458 Win32k Elevation of Privilege Vulnerability — shouldn’t cause any heartburn. Microsoft says:

To read this article in full, please click here

Woody Leonhard

Blockchain/IoT integration accelerates, hits a 'sweet spot'

1 month 1 week ago

Three-quarters of companies implementing IoT have already adopted blockchain or plan to use it by the end of 2020, an indicator of the growing connection between the two, according to a survey of 500 U.S. companies by Gartner.

While the marriage between the two technologies has been expected to be crucial for  industry digital transformation, the adoption rate is happening at a “much faster pace than expected,” Gartner said.

“Among the blockchain adopters, 86% are implementing the two technologies together in various projects,” Avivah Litan, a Gartner vice president and report author,  wrote in a blog. She called IoT integration "a sweet spot" for blockchain, the much-hyped distributed ledger technology.

To read this article in full, please click here

Lucas Mearian

Android security checkup: 16 steps to a safer phone

1 month 1 week ago

Android security is always a hot topic on these here Nets of Inter — and almost always for the wrong reason.

As we've discussed ad nauseam over the years, most of the missives you read about this-or-that super-scary malware/virus/brain-eating-boogie-monster are overly sensationalized accounts tied to theoretical threats with practically zero chance of actually affecting you in the real world. If you look closely, in fact, you'll start to notice that the vast majority of those stories stem from companies that — gasp! — make their money selling malware protection programs for Android phones. (Pure coincidence, right?)

To read this article in full, please click here

JR Raphael
Checked
23 minutes 35 seconds ago
Computer World Security
Subscribe to Computer World Security feed

About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.