Credit to Author: Danny Bradbury| Date: Thu, 15 Aug 2019 13:03:19 +0000
There are many ways to compromise company data, but IT teams often overlook one of the most serious: the humble printer.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/nskUwQnmN2Q” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Woody Leonhard| Date: Thu, 15 Aug 2019 05:28:00 -0700
August is going to be a perilous patching month.
We’re tracking down credible reports of the Server 2012 R2 Monthly rollup breaking RDP logins, a conflict between the Win10 1903 cumulative update and last month’s version of Outlook 365, confusion about Win7 patches being branded as “IA64 only,” dealing with the lack of telemetry (!) in the August Win7 Security Only patch, much mayhem trying to install SHA-2 signed patches (including the Win7 Monthly Rollup) on systems using Symantec Endpoint Protection, even more confusion over the difference between Symantec Endpoint Protection and Norton Security Suite, and lots of the usual installation failures and rollbacks.
Credit to Author: Jonny Evans| Date: Thu, 15 Aug 2019 04:15:00 -0700
Alternative search engines such as DuckDuckGo are attracting growing numbers of privacy focused users, but there’s no doubt that Google dominates the industry, even on Apple products. Fortunately, there are several ways to make your Google activity more private.
Do you use Gmail? Did you one use Google +? Perhaps you employ Google Drive, Google Docs or any of the company’s other products. If so, you have a Google account.
Credit to Author: Lisa Vaas| Date: Thu, 15 Aug 2019 10:58:55 +0000
The vanity plate sounded good in theory: maybe it would make his plate invisible to ALPR systems?!<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/0V6dSt5YHpQ” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: John E Dunn| Date: Thu, 15 Aug 2019 10:41:09 +0000
When users of hacking forums turn on each other, expect things to get messy quickly.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/xvjD6W7zzTE” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Lisa Vaas| Date: Thu, 15 Aug 2019 10:15:55 +0000
Facebook says it’s paused the practice of collecting voice clips and sending them to employees to transcribe and analyze.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/ygMZYoeBESk” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Gregg Keizer| Date: Thu, 15 Aug 2019 03:00:00 -0700
Google and Mozilla have decided to eliminate visual signals in their Chrome and Firefox desktop browsers of special digital certificates meant to assure users that they landed at a legitimate site, not a malicious copycat.
The certificates, dubbed “Extended Validation” (EV) certificates, were a subset of the usual certificates used to encrypt browser-to-server-and-back communications. Unlike run-of-the-mill certificates, EVs can be issued only by a select group of certificate authorities (CAs); to acquire one, a company must go through a complicated process that validates its legal identity as the site owner. They’re also more expensive.
The idea behind EVs was to give web users confidence that they were at their intended destination, that the site computerworld.com, for instance, was owned by its legal proprietor, IDG, and not a fishy – and phishy – URL run by It’s Crooks All the Way Down LLC and chockablock with malware. Browsers quickly took to the concept, rewarding EV-secured sites with in-your-face visual cues, notably the verified legal identity in front of the domain in the address bar. The identity was often shaded in green as an additional tip-off. (Chrome dismissed the green in September 2018 as of Chrome 69.)
Credit to Author: Lisa Vaas| Date: Wed, 14 Aug 2019 10:18:51 +0000
So much for trusting the Tor network to hide their tracks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/W3IQrFPLq9A” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Brian Barrett| Date: Wed, 14 Aug 2019 00:51:05 +0000
Security researcher Joseph Tartaro thought NULL would make a fun license plate. He’s never been more wrong.
Read more
Credit to Author: Andy Greenberg| Date: Tue, 13 Aug 2019 23:21:23 +0000
Vulnerabilities in Microsoft’s Remote Desktop Protocol continue to plague the web.
Read more