For March's Patch Tuesday, no zero-day flaws

Microsoft this week pushed out 61 Patch Tuesday updates with no reports of public disclosures or other zero-days affecting the larger ecosystem (Windows, Office, .NET). Though there are three updated packages from February, they’re just informational changes with no further action is required.

The team at Readiness has crafted this helpful infographic outlining the risks associated with each of the March updates.

To read this article in full, please click here

Read more

A call for digital-privacy regulation 'with teeth' at the federal level

Credit to Author: scot.finnie@gmail.com| Date: Wed, 13 Mar 2024 03:00:00 -0700

How did we get to the point where the tech industry is in the user-data business instead of the tech business?

Every day, Google collects data on billions of people worldwide, according to The Regulatory Review. The dodge that users gain some benefit from ad targeting is fallacy. For example, if Google’s search were decoupled from its advertising, there would be less chance for users to be misled by ignored search terms and seemingly hard-wired results.

There’s nothing beneficial to the user about Google’s sponsored search results. That’s also true of  the adjacent Google ads that follow you around from site to site.

To read this article in full, please click here

Read more

EC's use of Microsoft 365 violates data-privacy rules, watchdog group says

The European Commission (EC) has violated several key data protection rules in its use of Microsoft 365 regarding the transfer of people’s personal data from Europe to other regions not covered by EU data-protection laws, a key European privacy watchdog found.

The European Data Protection Supervisor (EDPS) on Tuesday chastized the EC after finding it did not take proper protective measures when sending personal data outside the EU and European Economic Area (EEA) when using the cloud-based app.

To read this article in full, please click here

Read more

Researchers, legal experts want AI firms to open up for safety checks

More than 150 leading artificial intelligence (AI) researchers, ethicists and others have signed an open letter calling on generative AI (genAI) companies to submit to independent evaluations of their systems, the lack of which has led to concerns about basic protections.

The letter, drafted by researchers from MIT, Princeton, and Stanford University, called for legal and technical protections for good-faith research on genAI models, which they said is hampering safety measures that could help protect the public.

To read this article in full, please click here

Read more

EC to grill Meta on Facebook ‘subscription for no ads’ plan

The European Commission (EC) on Friday said it needs more information from Facebook and Instagram parent company Meta to assess its compliance with applicable privacy and security laws in the European Union (EU).

The EC, in a statement, said Meta also needs to speed up its responses to requests in December for information, which centered on election information, terrorism and the protection of minors. The company has until March 15 to provide that information, with the new info about Meta’s pay-to-opt-out-of-tracking program due March 22.

To read this article in full, please click here

Read more

Apple warns of increased iPhone security risks

Apple is telling European customers that new EU competition laws will make iPhones less safe once the company is forced to open up its platforms to third-party App Stores. The company, not exactly happy about this, has published a 32-page white paper where it spells out the risks arising from the EU’s big experiment.

The EU’s formal adoption of the Digital Markets Act (DMA) means Apple must make several changes to its App Store and business models. Changes include the introduction of support for third-party app stores, opening up to payment systems other than Apple Pay, and more.

To read this article in full, please click here

Read more

Eight European consumer watchdogs file complaints over Meta’s data processing

Eight European consumer organizations have filed complaints against Facebook parent Meta accusing it of breaching the EU’s General Data Protection Regulation (GDPR) with its so-called “pay-or-consent” policy and opaque internal policies.

The organizations are all members of BEUC, the European Consumer Organization.  Their complaints, publicized Thursday, argue that the large-scale consumer data collection practiced by Meta violates the GDPR, and that the company has abused its dominant market position to essentially coerce customers into accepting its terms. Each of the eight groups filed their complaints with their national data protection authorities, as there is no pan-European office to accept such complaints.

To read this article in full, please click here

Read more

Download: UEM vendor comparison chart 2024

Credit to Author: ,| Date: Wed, 28 Feb 2024 03:00:00 -0800

Unified endpoint management (UEM) is a strategic IT approach that consolidates how enterprises secure and manage an array of deployed devices including phones, tablets, PCs, and even IoT devices.

As remote and hybrid work models have become the norm over the past two years, “mobility management” has come to mean management of not just mobile devices, but all devices used by mobile employees wherever they are. UEM tools incorporate existing enterprise mobility management (EMM) technologies, such as mobile device management (MDM) and mobile application management (MAM), with tools used to manage desktop PCs and laptops.

To read this article in full, please click here

Read more

Enterprise mobility 2024: Welcome, genAI

Generative artificial intelligence (genAI) has become a focal point for many organizations over the past year, so it should come as no surprise that the technology is moving into the enterprise mobility space, including unified endpoint management (UEM).

“Generative AI is the latest trend to impact the UEM space,” says Andrew Hewitt, principal analyst, Forrester. “This has been the main topic of interest in the last year. We see generative AI having impacts in multiple areas, such as script creation, knowledge-based article creation, NLP [natural language processing]-based querying of endpoint data, and help desk chatbots. All of these are considerations for inclusion within the UEM stack.”

To read this article in full, please click here

Read more

Microsoft, OpenAI move to fend off genAI-aided hackers — for now

Of all the potential nightmares about the dangerous effects of generative AI (genAI) tools like OpenAI’s ChatGPT and Microsoft’s Copilot, one is near the top of the list: their use by hackers to craft hard-to-detect malicious code. Even worse is the fear that genAI could help rogue states like Russia, Iran, and North Korea unleash unstoppable cyberattacks against the US and its allies.

The bad news: nation states have already begun using genAI to attack the US and its friends. The good news: so far, the attacks haven’t been particularly dangerous or especially effective. Even better news: Microsoft and OpenAI are taking the threat seriously. They’re being transparent about it, openly describing the attacks and sharing what can be done about them.

To read this article in full, please click here

Read more