PossibleThreat Articles

Articles for the experts…

ComputerWorld

ComputerWorld Independent 

For Patch Tuesday, 48 updates, no zero-day flaws

0 Comments , , ,

Microsoft has eased us into the new new year with just 48 updates for the Windows, Office and .NET platforms. There were no zero-days for January, and no reports of publicly exposed vulnerabilities or exploited security issues.

Developers of complex, line-of-business applications might need to pay particular attention to how Microsoft has updated the Message Queue system. Printing has been patched and minor updates to bluetooth and Windows shell sub-systems (shortcuts and wallpaper) require some testing before deployment.

The team at Readiness has crafted a useful infographic that outlines the risks associated with each of the updates for this January release.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Security tips for Apple-using workers in co-working spaces

0 Comments , , , ,

For Apple-using workers on the go, especially if you frequent shared co-working spaces or public places, don’t assume you’re as secure as you think you are.  

Co-working spaces are particularly under threat, in part because criminals have already figured out that the people using them are good targets for data theft, ransomware, and more.

They’ve also realized that at least some of those working from such spaces might well be part of, or connected with, larger corporate entities — meaning a successful data heist could unlock the gates to greater and more profitable kingdoms. There are useful resources from government and industry aimed at helping workers lock down their devices and data. In the US, for instance, the National Institute of Standards and Technology has published a useful guide to explain some of the risks, while the US Office of Personnel Management offered up even more useful advice.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Will super chips disrupt the 'everything to the cloud' IT mentality?

0 Comments , , ,

Credit to Author: eschuman@thecontentfirm.com| Date: Wed, 10 Jan 2024 03:00:00 -0800

Enterprise IT for the last couple of years has grown disappointed in the economics — not to mention the cybersecurity and compliance impact — of corporate clouds. In general, with a few exceptions, enterprises have done little about it; most saw the scalability and efficiencies too seductive.

Might that change in 2024 and 2025?

Apple has begun talking about efforts to add higher-end compute capabilities to its chip, following similar efforts from Intel and NVIDIA. Although those new capabilities are aimed at enabling more large language model (LLM) capabilities on-device, anything that can deliver that level of data-crunching and analytics can also handle almost every other enterprise IT task. 

To read this article in full, please click here

Read more
ComputerWorld Independent 

How to securely erase your Android device in 3 simple steps

0 Comments , , , , ,

It’s an inevitable moment in the smartphone-owning cycle: the point at which a newer, shinier model comes along and your trusty old device is no longer needed.

Maybe your company bought you a new Android phone. Maybe your old one was getting too slow. Or maybe you just love electronics and couldn’t resist the lure of whatever eye-catching new Android gizmo your favorite manufacturer started selling.

Whatever the case, it’s common nowadays to find yourself with an extra phone. And while there are plenty of practical uses for an old Android device, there’s also a time when the best choice is to sell, donate, or otherwise pass it along.

To read this article in full, please click here

Read more
ComputerWorld Independent 

The top 10 tech stories of 2023

0 Comments , , , , , , ,

The top technology stories of 2023 highlight fundamental changes in culture and geopolitics as well as tech itself: It’s clear that generative AI will affect all aspects of technology and society, while geopolitical tensions are sparking cybersecurity attacks globally. General unease about the dominance of big tech, meanwhile, is pushing regulators to get tougher on mopolistic business practices and multibillion-dollar mergers.

Fired! Rehired! Sam Altman’s ouster and return to OpenAI

sam altman openai Shutterstock

The ouster of Sam Altman as CEO of OpenAI, which sparked the modern era of generative AI when it launched ChatGPT a year earlier, was the tech industry shocker of the year. After the board issued a mysterious statement on November 17 saying that it had fired Altman for not being “consistently candid,” Microsoft announced that it would hire Altman and any other OpenAI employees who wanted to follow him out the door — which turned out to be almost all of them. OpenAI backed down and rehired Altman.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Choosing a genAI partner: Trust, but verify

0 Comments , , ,

Credit to Author: eschuman@thecontentfirm.com| Date: Tue, 19 Dec 2023 10:03:00 -0800

Enterprise executives, still enthralled by the possibilities of generative artificial intelligence (genAI), more often than not are insisting that their IT departments figure out how to make the technology work. 

Let’s set aside the usual concerns about genAI, such as the hallucinations and other errors that make it essential to check every single line it generates (and obliterate any hoped-for efficiency boosts). Or that data leakage is inevitable and will be next to impossible to detect until it is too late. (OWASP has put together an impressive list of the biggest IT threats from genAI and LLMs in general.) 

To read this article in full, please click here

Read more
ComputerWorld Independent 

For December, an exceptionally light Patch Tuesday

0 Comments , , ,

Over the past year, we’ve seen Microsoft make radical improvements in its browser stability and significant positive changes to its Windows update communication and telemetry strategies.  And this month’s Patch Tuesday release brings with it an incredibly light set of updates — maybe the fewest number of updates I have ever seen.

There are no zero-days, which is a great finish to 2023, though Windows gets three critical updates and Visual Studio will require immediate attention due to several re-releases of past critical application patches.

The team at Readiness has created a helpful infographic to outline the risks associated with each update in this last release of 2023. One note of caution: we have seen several potential updates to older patches (October/November) potentially coming down the release pipeline from Microsoft. It might be worth checking in during the upcoming holiday break to see whether there are any out-of-band patches for the Windows ecosystem.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Internet traffic soars in 2023, with generative AI a standout trend: Report

0 Comments , ,

This year saw a 25% rise in global internet traffic, reflecting an increasing reliance on online services, according to a new report by cloud performance and security company Cloudflare.

In its annual Year in Review reports, Cloudflare offers an overview of online trends and security issues. This year, Cloudflare said, Google retained its position as the most popular internet site,  followed by Facebook, Apple, and TikTok. Facebook surpassed 2022’s leader, TikTok, in social media, with Instagram and Twitter/X also ranking highly.

The emerging category of generative AI services saw OpenAI in the lead, followed by Character AI, Quillbot, and Hugging Face.

To read this article in full, please click here

Read more
ComputerWorld Independent 

What is Stolen Device Protection for iPhone and how does it work?

0 Comments , , , ,

Take that, iPhone thieves — Apple is about to make it even more difficult to use its smartphones when you have no right to do so. In the upcoming iOS 17.3, it is testing out a new security system called “Stolen Device Protection.”

Here’s a look at what this is, and what it does.

Stolen Device Protection explained

Apple’s beta notes explain: “Stolen Device Protection adds an additional layer of security in the unlikely case that someone has stolen your iPhone and also obtained your passcode.”

The company explains the features this way:

  • Accessing your saved passwords requires Face/Touch ID to be sure it’s you.
  • Changing sensitive settings like your Apple ID password is protected by a security delay.
  • No delay is required when iPhone is at familiar locations such as home and work.

The idea is that Stolen Device Protection introduces another obstacle that makes it difficult for thieves to gain access to your data, erase it, or delete the device to factory fresh status for resale.

To read this article in full, please click here

Read more