Skip to main content
Please wait...

Throwback Thursday: Pick a card, any card ...

2 months 2 weeks ago

This conglomerate is structured as several smaller companies, with a big central IT organization plus individual IT groups in some of the companies, reports an IT pilot fish there.

“An IT staffer from one of the companies loaded a password cracker and proceeded to crack the Windows NT servers,” fish says. “He sent out emails bragging about how insecure NT was and giving the NT team a hard time.”

Fish isn’t on the NT team, but he and his security co-workers decide to strike back on behalf of their colleagues — and they do it through the central IT audit group, to make sure it’s all above board.

First, they supply the audit people with a list of more than 100 Unix servers, and get them to pick a server at random. Amazingly, the audit group picks the only server on the list that belongs to the company where the NT attack originated.

To read this article in full, please click here

Sharky

The January Windows and Office patches are good to go

2 months 3 weeks ago

Compared to some months last year, January has been a Microsoft patching cakewalk. We had several rounds of close calls and missed calls, as I posted earlier this week, but almost everything is cleared up.

We’ve seen a few more problems raise their ugly heads in the past few days:

  • Microsoft has confirmed that the latest version of Office Click-to-Run (which you’re likely using if you have Office 365) makes the conversation window disappear in Skype for Business 2016.
  • The Windows 8.1 Monthly Rollup, KB 4480963, breaks the Live Migration feature on older AMD Opteron machines. We’re still waiting for confirmation on that one.
  • Citrix confirms (but Microsoft hasn’t acknowledged) that the latest Win10 1803 cumulative update, KB 4480976, causes page file problems when the page file isn’t sitting on C:. More details on Tenforums.

Those are typical Microsoft edge-use bugs: They don’t affect many people, but if you’re one of the stuckees, you’re up the ol’ creek.

To read this article in full, please click here

Woody Leonhard

The January Windows and Office patches are good to go

2 months 3 weeks ago

Compared to some months last year, January has been a Microsoft patching cakewalk. We had several rounds of close calls and missed calls, as I posted earlier this week, but almost everything is cleared up.

We’ve seen a few more problems raise their ugly heads in the past few days:

  • Microsoft has confirmed that the latest version of Office Click-to-Run (which you’re likely using if you have Office 365) makes the conversation window disappear in Skype for Business 2016.
  • The Windows 8.1 Monthly Rollup, KB 4480963, breaks the Live Migration feature on older AMD Opteron machines. We’re still waiting for confirmation on that one.
  • Citrix confirms (but Microsoft hasn’t acknowledged) that the latest Win10 1803 cumulative update, KB 4480976, causes page file problems when the page file isn’t sitting on C:. More details on Tenforums.

Those are typical Microsoft edge-use bugs: They don’t affect many people, but if you’re one of the stuckees, you’re up the ol’ creek.

To read this article in full, please click here

Woody Leonhard

Microsoft Patch Alert: January patches include a reprisal of KB 4023057 and a swarm of lesser bugs

2 months 3 weeks ago

In general, the January patches look relatively benign, but for some folks in some situations they can bite. Hard.

On the surface we’ve seen the usual Patch Tuesday Cumulative Updates and secondary Cumulative Updates for all versions of Windows 10. Microsoft calls the secondary Cumulative Updates “optional” because you only get them if you click “Check for updates.”

[ Related: How to clean up your Windows 10 act ]

Windows 7 and 8.1 got their usual Monthly Rollups, but there’s a problem. Specifically, this month’s Win7 Monthly Rollup has a couple of bugs that are only fixed if you install the preview of February’s Monthly Rollup. Which makes no sense at all, but that’s Microsoft. There’s another Win7 Monthly Rollup bug that’s fixed by installing a different “silver bullet” patch.

To read this article in full, please click here

Woody Leonhard

Microsoft Patch Alert: January patches include a reprisal of KB 4023057 and a swarm of lesser bugs

2 months 3 weeks ago

In general, the January patches look relatively benign, but for some folks in some situations they can bite. Hard.

On the surface we’ve seen the usual Patch Tuesday Cumulative Updates and secondary Cumulative Updates for all versions of Windows 10. Microsoft calls the secondary Cumulative Updates “optional” because you only get them if you click “Check for updates.”

[ Related: How to clean up your Windows 10 act ]

Windows 7 and 8.1 got their usual Monthly Rollups, but there’s a problem. Specifically, this month’s Win7 Monthly Rollup has a couple of bugs that are only fixed if you install the preview of February’s Monthly Rollup. Which makes no sense at all, but that’s Microsoft. There’s another Win7 Monthly Rollup bug that’s fixed by installing a different “silver bullet” patch.

To read this article in full, please click here

Woody Leonhard

It's a hack!

2 months 3 weeks ago

It's a few years after Y2K, and this pilot fish has overall responsibility for all things related to his company's website.

"Like most corporations, our company had a policy that computers and laptops were to be used only for company business, along with policies governing the appropriate use of the internet in the work environment," fish says.

"After arriving at work one morning, I opened my email to find a frantic message from our CEO to me and our internet security manager, stating that our website had been hacked."

The big boss knows this is the case because there are spammy images and text on the home page, among other issues. Not surprisingly, the CEO is adamant that this must be resolved ASAP.

To read this article in full, please click here

Sharky

Blockchain: The complete guide

2 months 3 weeks ago

Blockchain, which began to emerge as a real-world tech option in 2016 and 2017, is poised to change IT in much the same way open-source software did a quarter century ago. And in the same way Linux took more than a decade to become a cornerstone in modern application development, Blockchain will likely take years to become a lower cost, more efficient way to share information and data between open and private business networks.

Based on a distributed, peer-to-peer (P2P) topology, blockchain or distributed ledger technology (DLT) allows data to be stored globally on thousands of servers – while letting anyone on the network see everyone else's entries in real-time. That makes it difficult for one user to gain control of, or game, the network.

To read this article in full, please click here

Lucas Mearian

Get 140+ Hours Of CompTIA Certification Training For $59 (90% Off)

2 months 3 weeks ago

Knowing how to design, build out, grow, and manage Internet Technology (IT) firms, departments, and facilities provides what you need to take charge in today's most challenging and lucrative IT environments. And lifetime access to the Complete CompTIA Certification Training Bundle is exactly what you need to get the required training and ensuing certifications.

To read this article in full, please click here

DealPost Team

Apple’s Group FaceTime: A place for spies?

2 months 3 weeks ago

Apple has disabled Group FaceTime following discovery of a flaw that could potentially let people hear audio from other people’s devices without permission. What’s going on and what can you do about it?

The Group FaceTime bug, in brief

9to5Mac report based on a video published to Twitter by @BmManski that revealed this flaw lets a user listen to audio captured using another person’s device before they accept or reject the call requesting a FaceTime chat. The problem affects only iOS devices running iOS 12.1 or later (pending an update).

To read this article in full, please click here

Jonny Evans

Apple’s Group FaceTime: A place for spies?

2 months 3 weeks ago

Apple has disabled Group FaceTime following discovery of a flaw that could potentially let people hear audio from other people’s devices without permission. What’s going on and what can you do about it?

The Group FaceTime bug, in brief

9to5Mac report based on a video published to Twitter by @BmManski that revealed this flaw lets a user listen to audio captured using another person’s device before they accept or reject the call requesting a FaceTime chat. The problem affects only iOS devices running iOS 12.1 or later (pending an update).

To read this article in full, please click here

Jonny Evans

Sharding: What it is and why many blockchain protocols rely on it

2 months 4 weeks ago

As blockchains are being rolled out in an increasing number of pilot programs for everything from cross-border financial transactions to supply chain management, one persistent issue remains: a lack of scalability.

As more computers join the peer-to-peer network, the efficiency of the whole system typically degrades.

[ Further reading: What is FinTech (and how has it evolved)? ]

Scalability has already been identified as an issue with cryptocurrencies such as bitcoin and Ethereum's Ether. If a distributed ledger is to achieve adoption by financial technology (FinTech) companies and compete with payment networks hundreds of times faster, it must find a way to boost scalability and throughput and address latency problems.

To read this article in full, please click here

Lucas Mearian

Get 3 Years of NordVPN Service for Just $2.99 Per Month - Deal Alert

3 months ago

NordVPN promises a private and fast path through the public internet, with no logs, unmetered access for 6 simultaneous devices and access to 5,232 servers worldwide. They are currently running a promotion, but you'll have to use this link to find it. Its typical price has been discounted for 3 years of service -- a good deal at just $2.99 per month.  See the $2.99/month NordVPN deal here.

To read this article in full, please click here

DealPost Team

'We need new privacy laws,' urges Apple CEO Tim Cook

3 months 1 week ago

In a sidelong slap at the business model of Facebook, Google and others, Apple CEO Tim Cook has published an article in which he urges the U.S. government to put surveillance capitalists/data brokers under transparent legal oversight.

Stand up for your rights

“In 2019, it's time to stand up for the right to privacy — yours, mine, all of ours.” Cook writes in an article for Time Magazine.

To read this article in full, please click here

Jonny Evans

Start-up Devvio claims its blockchain can handle 8M transactions a second

3 months 1 week ago

A start-up firm claims its highly efficient distributed ledger protocol can address all the major problems facing blockchain networks, including being able to scale for global financial business by executing up to eight million transactions per second (TPS).

The new blockchain protocol, called Devv, was unveiled and demonstrated at CES in Las Vegas last week.

If the claims prove true, Devv would be able to compete with traditional financial networks in terms of scalability, be far less expensive to use and would address fraud, theft and privacy issues. Like many blockchain protocols, Devv is not just a peer-to-peer (P2P) database technology but also a digital currency or cryptocurrency called Devcash.

To read this article in full, please click here

Lucas Mearian

How to create and open compressed files on iPhone, iPad

3 months 2 weeks ago

Many enterprises rely on zip files to exchange data, particularly confidential data. And compression helps keep information safe, even against inquisitive ads trackers lurking inside “free” email or online storage services. How do you handle these things on iPad or iPhone?

How to handle zip files on iPhone

While it isn’t especially obvious, iOS provides some limited features that let you archive and decompress zip files. You can even create a nice little Shortcut to do this for you:

  • Open Shortcuts, Tap Create Shortcut.
  • In the search bar, type Extract Archive: That shortcut should appear in the list below; tap it to add it to your workflow.
  • Returning to the search bar, type Save File. When it appears, tap it to add it to the workflow you are building.
  • Tap the switch button at top right of the shortcut name.
  • In the next pane, you can name the shortcut and give it an icon. The most important change you should make is to enable Show in Share Sheet (flick to green).
  • You can create a second Shortcut to make archives. Just type Make Archive to find the relevant flow and then add Save File and Show in Share Sheet as decribed above. Remember to give it a name, such as Make Archive.
  • Shortcuts can work with multiple compression formats, including .tar, .zip and .iso.
[ Further reading: The wireless road warrior’s essential guide ]

How to use the zip files shortcut:

To read this article in full, please click here

Jonny Evans

How to create and open compressed files on iPhone, iPad

3 months 2 weeks ago

Many enterprises rely on zip files to exchange data, particularly confidential data. And compression helps keep information safe, even against inquisitive ads trackers lurking inside “free” email or online storage services. How do you handle these things on iPad or iPhone?

How to handle zip files on iPhone

While it isn’t especially obvious, iOS provides some limited features that let you archive and decompress zip files. You can even create a nice little Shortcut to do this for you:

  • Open Shortcuts, Tap Create Shortcut.
  • In the search bar, type Extract Archive: That shortcut should appear in the list below; tap it to add it to your workflow.
  • Returning to the search bar, type Save File. When it appears, tap it to add it to the workflow you are building.
  • Tap the switch button at top right of the shortcut name.
  • In the next pane, you can name the shortcut and give it an icon. The most important change you should make is to enable Show in Share Sheet (flick to green).
  • You can create a second Shortcut to make archives. Just type Make Archive to find the relevant flow and then add Save File and Show in Share Sheet as decribed above. Remember to give it a name, such as Make Archive.
  • Shortcuts can work with multiple compression formats, including .tar, .zip and .iso.
[ Further reading: The wireless road warrior’s essential guide ]

How to use the zip files shortcut:

To read this article in full, please click here

Jonny Evans

Enterprise iPhones will soon be able to use security dongles

3 months 2 weeks ago

Enterprise security professionals will be pleased to learn that it will soon be possible to enhance the already considerable device security of Apple’s iPhones with hardware-based physical authentication dongles using the Lightning port.

A highly secure proposition

Announced at CES 2019, the key fits on a keyring and comes from the authorization experts at Yubico. The hardware connects to iOS systems using the Lightning connection and is also equipped with USB-C for Macs. This is quite a big deal.

To read this article in full, please click here

Jonny Evans
Checked
40 minutes 33 seconds ago
Computer World Security
Subscribe to Computer World Security feed

About SecurityFeeds

SecurityFeeds Logo

Tim Weil is a Security Architect/IT Security Manager with over twenty five years of IT management, consulting and engineering experience in the U.S. Government and Communications Industry.  Mr. Weil's technical areas of expertise include IT Security Management, Enterprise Security Architecture, FISMA Compliance, Identity Management, and Network Engineering. Mr. Weil is a Senior Member of the IEEE and has served in several IEEE positions.