small and medium business – Page 8 – PossibleThreat Articles

How Microsoft is helping Ukraine’s cyberwar against Russia

January 24, 2023 0 Comments Microsoft, Security, small and medium business, Windows

One of the big surprises in Russia’s war against Ukraine has been how well Ukraine has fended off Russian cyberattacks. Ad hoc groups of white-hat hackers have helped, as have a number of nations and the US government.

Less well known is that tech companies, including Microsoft, are part of the effort. That aid ranges from giving advice to identifying attacks, offering fixes for them, and providing Ukraine with free tech and security services.

Microsoft isn’t just trying to help defend a country under siege from an aggressive, more-powerful neighbor. Russian cyberattacks against Ukraine can also get loose in the wild and do damage to enterprises and organizations that rely on Microsoft technology. (Russia could also deliberately target private companies with those attacks.)

To read this article in full, please click here

ComputerWorld Independent

Patch now to address critical Windows zero-day flaw

January 13, 2023 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

The first Patch Tuesday of the year from Microsoft addresses 98 security vulnerabilities, with 10 classified as critical for Windows. One vulnerability (CVE-2023-21674) in a core section of Windows code is a zero-day that requires immediate attention. And Adobe has returned with a critical update, paired with a few low-profile patches for the Microsoft Edge browser.

We have added the Windows and Adobe updates to our “Patch Now” list, recognizing that this month’s patch deployments will require significant testing and engineering effort. The team at Application Readiness has provided a helpful infographic that outlines the risks associated with each of the updates for this January update cycle.

To read this article in full, please click here

ComputerWorld Independent

Why enterprises should embrace remote work in 2023

December 22, 2022 0 Comments Apple, Mobile, remote work, Security, small and medium business

Many businesses are looking to cut costs as economies face recession, but some enterprises may be ignoring one of the most effective ways to trim the fat while boosting productivity — by embracing remote working.

The power is in your hands

We know Macs, iPhones, and iPads have been seeing increased deployment across the enterprise. We also know (because IBM, SAP and so many companies tell us) that businesses that embrace Apple kit also see reduced overall cost of ownership and lower tech support costs. Employee choice delivers big benefits.

To read this article in full, please click here

ComputerWorld Independent

As China pushes its digital currency plans, the US falls behind

December 21, 2022 0 Comments Financial Services Industry, Government IT, Mobile, Security, small and medium business

China’s digital Yuan project, a blockchain-based cryptocurrency for consumer and commercial finance, can no longer be considered a pilot. That’s the assessment by economic and cryptocurrency experts.

Those experts have been monitoring efforts in China and other countries developing and piloting central bank digital currencies (CBDCs) with the aim of establishing a blockchain-based virtual cash that is cheaper to use and faster to exchange, both at home and across international borders.

To date, the People’s Bank of China has distributed the digital yuan, called e-CNY, to 15 of China’s 23 provinces, and it has been used in more than 360 million transactions totaling north of 100 billion yuan, or $13.9 billion. The country has literally given away millions of dollars worth of digital yuan through lotteries, and its central bank has also participated in cross-border exchanges with several nations.

To read this article in full, please click here

ComputerWorld Independent

The trials and tribulations of Microsoft’s KB5012170 patch

December 19, 2022 0 Comments Microsoft, Security, small and medium business, Windows

KB5012170 is many things to many Windows users. First, it’s a patch that either installs with no problems or leads to a blue screen of death (BSOD). It can also be an indicator we have a problem getting updated drivers on our systems. It can demonstrate how users don’t keep up with Bios updates. And it shows that some OEMs enable Bitlocker on the systems they sell (not necessarily in a good way).

In short, it’s a problematic patch that just keeps rearing its head.

Also known as “Security Update for Secure Boot DBX,” KB5012170 was released earlier this year and makes improvements to the Secure Boot Forbidden Signature Database (DBX). Windows devices that have Unified Extensible Firmware Interface (UEFI)-based firmware have Secure Boot enabled. It ensures only trusted software can be loaded and executed on during the boot process by using cryptographic signatures to verify the integrity of the process and the software being loaded.

To read this article in full, please click here

ComputerWorld Independent

Patch Tuesday: Two zero-day flaws in Windows need immediate attention

December 16, 2022 0 Comments Microsoft, Security, small and medium business, Windows

Microsoft’s December Patch Tuesday updated delivers 59 fixes, including two zero-days (CVE-2022-44698 and CVE-2022-44710) that require immediate attention on the Windows platform. This is a network focused update (TCP/IP and RDP) that will require significant testing with an emphasis on ODBC connections, Hyper-V systems, Kerberos authentication, and printing (both local and remote).

Microsoft also published an urgent out-of-band update (CVE-2022-37966) to address serious Kerberos authentication issues. (The team at Readiness has provided a helpful infographic that outlines the risks associated with each of these updates.)

To read this article in full, please click here

ComputerWorld Independent

Patch Tuesday: Two zero-day flaws in Windows zero-days immediate attention

December 16, 2022 0 Comments Microsoft, Security, small and medium business, Windows

To read this article in full, please click here

ComputerWorld Independent

Microsoft calls time out on Apple Watch Authenticator

December 15, 2022 0 Comments Apple, Microsoft, Mobile, Security, small and medium business

Using an Apple Watch as a device to authenticate access to enterprise sites and services using Microsoft Authenticator is a convenience that’s about to go away. Microsoft says the feature will stop working after an Authenticator update scheduled for next month.

Apple Watch auth out

Microsoft Authenticator makes it easy to sign into Microsoft accounts, supported apps or services using two-step verification. Authenticator also generates one-time use codes, so you needn’t wait for text messages or calls to access your accounts.

To read this article in full, please click here

ComputerWorld Independent

Biometrics are even less accurate than we thought

December 5, 2022 0 Comments Android, iOS, Mobile, Security, small and medium business

Credit to Author: eschuman@thecontentfirm.com| Date: Mon, 05 Dec 2022 09:43:00 -0800

Biometrics is supposed to be one of the underpinnings of a modern authentication system. But many biometric implementations (whether that be fingerprint scanes or face recognition) can be wildly inaccurate, and the only universally positive thing to say about them is they’re better than nothing.

Also — and this may prove critical — the fact that biometrics are falsely seen as being very accurate may be sufficient to dissuade some fraud attempts.

There are a variety of practical reasons biometrics don’t work well in the real world, and a recent post by a cybersecurity specialist at KnowBe4, a security awareness training vendor, adds a new layer of complexity to the biometrics issue.

To read this article in full, please click here

ComputerWorld Independent

AWS brings Verified Access security to the Apple enterprise

November 30, 2022 0 Comments amazon.com, Apple, Mobile, mobile device management, Security, small and medium business

Amazon is introducing its next-gen AWS Verified Access security technology. At its annual AWS re: Invent show, the company confirmed the tech will be made available to enterprises running Apple products thanks to partnerships with Jamf, JumpCloud, and other device management vendors in the space.

To read this article in full, please click here