August 2019 – Page 26 – PossibleThreat Articles

A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response

August 7, 2019 0 Comments CVE-2019-0887, cybersecurity, Endpoint security, Event Tracing for Windows (ETW), Exploit, Microsoft Defender Advanced Threat Protection, Microsoft security intelligence, Remote Desktop Protocol (RDP), Security Response, vulnerability, Windows Security

Credit to Author: Eric Avena| Date: Wed, 07 Aug 2019 23:50:25 +0000

Through a cross-company, cross-continent collaboration, we discovered a vulnerability, secured customers, and developed fix, all while learning important lessons that we can share with the industry.

The post A case study in industry collaboration: Poisoned RDP vulnerability disclosure and response appeared first on Microsoft Security .

Fortinet Security

Tricky Chinese-Targeted Trojan Bypasses Authentication

August 7, 2019 0 Comments

FortiGuard Labs uncovered a new campaign targeted at Chinese-speakers using malware that bypasses normal authentication by exploiting known WinRAR file (cve-2018-20250) and RTF file (cve-2017-11882) vulnerabilities. Read this analysis to learn more.<img src=”http://feeds.feedburner.com/~r/fortinet/blog/threat-research/~4/34AxhazOK7c” height=”1″ width=”1″ alt=””/>

ComputerWorld Independent

Microsoft relaxes telemetry rule for PCs managed with Windows Update for Business

August 7, 2019 0 Comments Microsoft, Security, Windows

Credit to Author: Gregg Keizer| Date: Wed, 07 Aug 2019 13:12:00 -0700

Microsoft has quietly relaxed a rule that prevented privacy-first organizations from managing the Windows Update for Business (WUfB) service using group policies.

With Windows 10 1903, aka “Windows 10 May 2019 Update,” which debuted in late May, organizations no longer are required to set the “diagnostic data level” for their devices to “Basic” or higher.

That diagnostic data level is a multi-step categorization of what Microsoft pulls from Windows devices and sends to its own servers. Also dubbed “telemetry,” the data harvesting is used by Microsoft for a range of tasks, notably deciding when a specific PC receives a feature upgrade.

To read this article in full, please click here

Fortinet Security

New Ursnif Variant Spreading by Word Document

August 7, 2019 0 Comments

FortiGuard Labs recently captured a number of Word documents that were spreading a new variant of the Ursnif trojan. Learn more about how it operates and the techniques it uses.<img src=”http://feeds.feedburner.com/~r/fortinet/blog/threat-research/~4/gB4h2sgbiiQ” height=”1″ width=”1″ alt=””/>

Security TrendMicro

XDR Needs Network Data and Here’s Why

August 7, 2019 0 Comments Managed Detection and Response, Security

Credit to Author: Jon Clay (Global Threat Communications)| Date: Wed, 07 Aug 2019 15:56:40 +0000

As we’ve discussed in previous blogs, XDR is a better way to detect attacks within a network since it is able to coordinate and collaborate threat intelligence and data across multiple threat vectors, including endpoint (including mobile and IIoT), server, network, messaging, web, and cloud. In this blog I want to discuss an area of…

The post XDR Needs Network Data and Here’s Why appeared first on .

MalwareBytes Security

8 ways to improve security on smart home devices

August 7, 2019 0 Comments 2fa, Alexa, Google Home, Internet of Things, IoT, Privacy, secure passwords, smart device, smart devices, smart home assistant

Credit to Author: Kayla Matthews| Date: Wed, 07 Aug 2019 15:00:00 +0000

Smart home devices aren’t the most secure, but they do make life more convenient. How can those who’ve embraced smart home tech stay as secure as possible? Here are eight ways.

Categories:

Tags: 2fa alexa Google Home Internet of Things IoT privacy secure passwords smart device smart devices smart home assistant

(Read more…)

The post 8 ways to improve security on smart home devices appeared first on Malwarebytes Labs.

Security Sophos

Don’t let the crooks ‘borrow’ your home router as a hacking server

August 7, 2019 0 Comments Botnet, cybersecurity, Hacking, home router, malware, ssh

Credit to Author: Paul Ducklin| Date: Wed, 07 Aug 2019 14:18:42 +0000

Crooks don’t have to break *into* your network to benefit – they can bounce *off* it so you take the blame and look like a hacker yourself.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/5y3xxyh3DoA” height=”1″ width=”1″ alt=””/>

Security TrendMicro

Digital skimmers: What are they and how can I keep my card details safe online?

August 7, 2019 0 Comments Consumer, Security

Credit to Author: Trend Micro| Date: Wed, 07 Aug 2019 14:05:18 +0000

A few weeks ago, British Airways was hit by the largest ever regulatory fine of its kind, after global customers visiting its website had their card data stolen. The $228m penalty levied by the UK’s privacy watchdog reflects the seriousness of the attack and the carrier’s failure to protect its customer’s personal and financial information….

The post Digital skimmers: What are they and how can I keep my card details safe online? appeared first on .

Security Wired

The Weird, Dark History of 8chan and Its Founder Fredrick Brennan

August 7, 2019 0 Comments Backchannel, Security

Credit to Author: Timothy McLaughlin| Date: Tue, 06 Aug 2019 22:00:23 +0000

Fredrick Brennan is appalled by the notorious chat site’s links to right-wing extremism and mass shootings. Inside his tortured journey through the web’s cesspool and his attempt at redemption.

Security Wired

A Model Hospital Where the Devices Get Hacked—on Purpose

August 7, 2019 0 Comments Security, Security / Security News

Credit to Author: Lily Hay Newman| Date: Tue, 06 Aug 2019 16:46:39 +0000

At this year’s Defcon Medical Device Village, hackers will attack real medical devices at a pretend hospital.