Security

Microsoft Defender has come in last in two separate tests of Windows 11 security software. It's a surprise result given it generally did well on Windows 10. There's some comfort for Microsoft, however, as the nature of the testing means many users ... won't notice that much difference in practice. That's important given Microsoft Defender (previously Windows Defender) is built-in to Windows 11. The first rankings came from AV-Test, which describes itself as "The Independent IT-Security Institute." It ran a series of tests on 19 products using "realistic test scenarios" and "real-world threats." ( ... (view more)

Android users have been urged to check their phone has the latest security patches. It follows a researcher accidentally uncovering a significant flaw in the screen lock. The researcher discovered the problem on a Google Pixel 6 and replicated it on ... a Pixel 5. The problem appears to affect phones running Android 10 or later that use a SIM card, not just those made by Google. However, some reports suggest it doesn't affect Samsung handsets. The problem is with the personal unblocking key (PUK). That's a way to regain access to a handset that's been locked after forgetting the phone's passcode ... (view more)

"Password" and "123456" continue to battle it out for the worst password choice according to two annual studies. While this tells us very little about why users continue to use such weak passwords, there's some mixed news elsewhere. Several ... companies chase headlines each year by publishing lists of the worst passwords, meaning the ones that appear most frequently. The data source is usually a collection of stolen website login databases published online. Sometimes these are stored in plain text while sometimes cyber criminals have successfully cracked decryption. The ... (view more)

A government plans to scan every Internet-connected device in the country for vulnerabilities. The agency concerned insists it won't compromise privacy. The scan is the work of the United Kingdom's National Cyber Security Centre (NCSC). It says its ... looking for zero-day vulnerabilities, meaning security holes that hackers are actively exploiting before a fix is available. The NCSC says it will regularly scan all Internet connected devices based in the UK. It doesn't intend to access any data on devices but instead simply make a connection request. The scanning software will then log any ... (view more)

Adobe is charging an additional monthly fee to use particular colors in Photoshop. Some users have even seen parts of existing images turn black. The seemingly bizarre policy is all to do with Adobe's commercial agreement with Pantone, a company ... that offers services helping businesses create a consistent color scheme, such as branding. Historically, Adobe included more than 2,000 specific colors that are part of Pantone's "Color Matching Scheme". The idea of the scheme is to use a common reference that means any two uses of the color will look the same, no matter the origin or ... (view more)

A new study suggests Microsoft Defender's effectiveness varies dramatically on the setting. It's one of the best for online-based threats, but among the worst performers for offline-based threats. The study is from AV Comparatives, which runs ... regular tests on more than a dozen leading cyber security tools. (Source: av-comparatives.org ) The results for Microsoft Defender are particular noteworthy for two reasons. First, it's the default, built-in tool for modern versions of Windows, meaning hundreds of millions of people use it. Second, it's often argued that Defender does a good enough job ... (view more)

Researchers say a thermal imaging camera could help crack passwords. It's not exactly a looming threat for the average user, though the study does reinforce the important of longer passwords. The research from the University of Glasgow appears to ... have been inspired by noticing that thermal-imaging cameras are becoming more affordable (less than $220 in some cases) and wondering how they could combine with machine learning. The researchers say they same idea may have struck would-be criminals, so it was worth trying to get one step ahead of them. (Source: zdnet.com ) The project followed a ... (view more)

Microsoft has added a new feature to warn users when they type their Windows password into a scam site. It's particularly aimed at people who reuse passwords, a particularly risky approach. "Enhanced Phishing Protection" is available to both ... consumer and business users who've installed 22H2, the first major update for Windows 11. However, it's not yet switched on by default and instead users must enable it in settings menus. The relevant menus are Start, Settings, Privacy ... (view more)

A popular malware-fighting tool left users unable to access Google and YouTube after a blunder. It's the second time Google has been hit by false positives in the past few weeks. This problem affected Malwarebytes, one of the more popular security ... tools other than those built in to operating systems. Specifically, the problem was with the premium version of Malwarebytes that integrates with web browsers, checks links the user might visit, and blocks the link if it points to a domain believed to pose a security risk. Such risks can include look-alike sites used for phishing scams to try to ... (view more)

A former diplomat says the amount of data shared and sold in the US puts the country at security risk. Karen Kornbluh said businesses gathering data on a large scale created a "national security loophole." She also points to a recent warning that ... China was attempting to gather data, both legally and illegally, about US citizens' health. The country is thought to be looking for blackmail material, for example on people in positions of power who have been treated for mental illness or embarrassing physical complaints. (Source: dni.gov ) Kornbluh previously held senior roles at the Federal ... (view more)