security

Fri
23
Feb
John Lister's picture

Patch Tuesday a Must Install This Month

Microsoft has fixed two bugs which bypassed Windows security measures. Both were actively exploited before the fix, making it vital to install the updates. The fixes come in this month's "Patch Tuesday" update, the main monthly security update that ... Microsoft officially calls the "B update". It should download and install without further action for anyone with automatic updates switched on, but may need a reboot to complete. Both bugs affect most supported versions of Windows, including 10, 11 and Windows Server. Microsoft rates the two bugs as "important" and "moderate" respectively, though ... (view more)

Mon
18
Dec
John Lister's picture

iPhones Get Extra Security Measure

Apple is beefing up security measures to reduce the damage caused by iPhone thefts. The new "Stolen Device Protection" feature is opt-in, possibly because it comes at the expense of convenience. The feature is designed for cases when somebody steals ... a device and successfully enters the passcode. That could happen when a thief spots somebody typing in the passcode before they steal the handset. It could also happen if the thief knows some details about the victim and they have a predictable passcode such as a birth date. Anyone who unlocks a phone will still be able to use it and access apps ... (view more)

Mon
11
Dec
John Lister's picture

New Law Demands Five Years Of Security Patches

Tougher rules mean digital device and software manufacturers will have to report security breaches more quickly. They'll also have to offer security patches for at least five years. The rules come from the European Union. They technically only cover ... products sold in EU member countries, though in many such cases manufacturers change their behavior worldwide to comply with the rules. The financial penalties for breaking the rules take into account global turnover. The rules, which will become the Cyber Resilience Act, cover "products with digital elements." These include smart and connected ... (view more)

Mon
14
Aug
John Lister's picture

Google Admits Play Store Security Loophole

Google says malware creators are using a simple workaround to bypass security on the official Play Store for Android apps. The problem is that the simplest fix would undermine one of the key differences between Android and closed systems such as ... Apple. In theory, all apps in the Play Store are vetted for security, including malware checks. That's one of the reasons Google recommends only using the Play Store, while still giving users the choice to get and install Android software from other sources. The problem is that scammers are using an extremely simply workaround called "versioning". ... (view more)

Thu
03
Aug
John Lister's picture

Google: 0-Day Bugs Down, But Risk Still High

The number of 0-day bugs, which give hackers a dangerous advantage, fell in 2022 according to Google. However, the company warns this may risk misleading complacency that forgets other factors. The figures come from Google's Threat Analysis Group, ... which aims to track, identify and report security bugs, regardless of the software or hardware concerned. The logic is that the better Internet security is overall, the better it is for an Internet-dependent business such as Google. For the past nine years, it's put together an annual tally of 0-day bugs. While definitions vary, Google classes them ... (view more)

Tue
25
Jul
John Lister's picture

Google to Block Internet for Some Employees

Google will stop some of its employees accessing the Internet. It's a bold experiment to see if it can reduce security threats without affecting performance. The idea is reduce the risk of hackers getting access to employee machines, either to get ... hold of data on those machines or to use them as an entry point into Google's network. Perhaps unsurprisingly, Google's internal data is particularly attractive to attackers, whether they are seeking financial gain, political or commercial advantage, or plain old mischief making. For example, attackers being able to find out how Google ranks ... (view more)

Tue
11
Jul
John Lister's picture

Windows 95 and 98 Get Updates Again

Users of Windows versions dating right back to Windows 95 can now get updates for their system. It's thanks to an enthusiast project and is absolutely not meant to be a sensible alternative to using modern version of Windows. The Windows Update ... Restored site aims to recreate the official Microsoft web pages for getting feature and security updates for older versions of Windows. Those pages were used by people who chose to manually download and install updates rather than use automatic updates. Understandably, Microsoft has long since taken down the pages for updating many Windows versions ... (view more)

Thu
01
Jun
John Lister's picture

Amazon Hit By $30 Million Privacy Penalty

Amazon has agreed to pay a total of $30 million in penalties for privacy violations related to its Ring and Alexa devices, according to an announcement by the Federal Trade Commission (FTC). The penalties consist of $25 million for allegedly ... retaining children's data without deletion and $5.8 million for failing to limit employee and contractor access to Ring security videos. (Source: cnet.com ) The settlements do not require Amazon to make any admission of legal wrongdoing. (Source: theguardian.com ) Amazon Accused of Retaining Kid's Data The FTC accused Amazon of preventing parents from ... (view more)

Tue
16
May
John Lister's picture

Windows 10 Gets Forced Update

Microsoft is to forcibly upgrade computers running a version of Windows 10 that's about to stop being supported. It's billed as a way to keep users "protected and productive." The update will cover consumer devices plus "non-managed business ... devices" running Windows 10 version 21H2. That was the version with the major feature update in the second half of 2021. (Source: theregister.com ) The move should only affect users who have switched off automatic updates, which is why the forced update won't be to everyone's taste. The chances are that many people in this position have deliberately ... (view more)

Thu
20
Apr
John Lister's picture

Quantum Computing to Boost Security using Random Numbers

Quantum computers could produce genuinely random numbers according to new research. It could boost security, an ironic effect given fears over the ways cyber criminals could use quantum computing. In extremely simplified terms, a quantum computer ... uses quantum physics in which something can exist in more than one state at a time. That's in contrast to traditional computing where data is stored in bits that represent either a 0 or a 1 at any given time. To date, the main claimed advantage of quantum computing has been processing speed. The same "bit" representing multiple states removes a ... (view more)

Pages

Subscribe to RSS - security