ComputerWorld – Page 26 – PossibleThreat Articles

Credit to Author: Greg Lambert| Date: Sat, 13 Aug 2022 04:58:00 -0700

Microsoft’s August Patch Tuesday release addresses 123 security issues in Microsoft Windows, Office, Exchange (it’s back!) and Visual Studio — and unfortunately, we have two zero-days with reports of active exploitation in the wild. Since this is a broad update, it will require planning and testing before deployment.

The first (CVE-2022-34713) occurs in the Windows diagnostic tools and the second (CVE-2022-30134) affects Microsoft Exchange. Basically, the holidays are over and it’s time to pay attention to Microsoft updates again. We have made “Patch Now” recommendations for Windows, Exchange and Adobe for this month.

To read this article in full, please click here

ComputerWorld Independent

Microsoft urges Windows users to run patch for DogWalk zero-day exploit

August 10, 2022 0 Comments Security, small and medium business, Windows

Credit to Author: Charlotte Trueman| Date: Wed, 10 Aug 2022 07:37:00 -0700

Microsoft has confirmed that a high-severity, zero-day security vulnerability is actively being exploited by threat actors and is advising all Windows and Windows Server users to apply its latest monthly Patch Tuesday update as soon as possible.

The vulnerability, known as CVE-2022-34713 or DogWalk, allows attackers to exploit a weakness in the Windows Microsoft Support Diagnostic Tool (MSDT). By using social engineering or phishing, attackers can trick users into visiting a fake website or opening a malicious document or file and ultimately gain remote code execution on compromised systems.

To read this article in full, please click here

ComputerWorld Independent

Banks face a WhatsApp reckoning as regulators clamp down on messaging apps

August 8, 2022 0 Comments Data privacy, Financial Services Industry, mobile apps

Credit to Author: Matthew Finnegan| Date: Mon, 08 Aug 2022 03:01:00 -0700

As regulators hand out hundreds of millions of dollars in fines for record-keeping failures related to the use of social messaging platforms such as WhatsApp, the finance industry faces a choice: properly enforce bans on the use of these apps or find ways to make them compliant.

“The explosion of new electronic communications channels — and the pervasive use of these — raises lots of red flags for the regulators,” said Anthony Diana, a partner at law firm Reed Smith’s Tech & Data Group. “The fear is that, if bad things are happening, they’re happening on these personal apps, not on the sanctioned communication channels that are surveilled.”

Anthony Diana, a partner at law firm Reed Smith’s Tech & Data Group.
To read this article in full, please click here

ComputerWorld Independent

Microsoft boosts threat intelligence with new Defender programs

August 4, 2022 0 Comments Threat and Vulnerability Management

Credit to Author: Shweta Sharma| Date: Thu, 04 Aug 2022 08:39:00 -0700

Drawing from its acquisition of RiskIQ, Microsoft is releasing Defender External Attack Surface Management and Defender Threat Intelligence.

ComputerWorld Independent

Microsoft bolsters threat intelligence security portfolio with two new products

August 4, 2022 0 Comments Threat and Vulnerability Management

Credit to Author: Shweta Sharma| Date: Thu, 04 Aug 2022 08:39:00 -0700

Drawing from its acquisition of RiskIQ, Microsoft is releasing Defender External Attack Surface Management and Defender External Attack Surface Management.

ComputerWorld Independent

5 best practices for secure collaboration

August 3, 2022 0 Comments collaboration software, communications security, security practices, small and medium business, Video

Credit to Author: CSO staff| Date: Wed, 03 Aug 2022 02:00:00 -0700

How successful companies are facing the challenges of securing emerging communication technologies.

ComputerWorld Independent

How to protect Windows 10 and 11 PCs from ransomware

August 2, 2022 0 Comments Security, small and medium business, Windows, Windows 10, windows 11

Credit to Author: Preston Gralla| Date: Tue, 02 Aug 2022 03:00:00 -0700

CryptoLocker. WannaCry. DarkSide. Conti. MedusaLocker. The ransomware threat isn’t going away anytime soon; the news brings constant reports of new waves of this pernicious type of malware washing across the world. It’s popular in large part because of the immediate financial payoff for attackers: It works by encrypting the files on your hard disk, then demands that you pay a ransom, frequently in Bitcoin or other cryptocurrency, to decrypt them.

But you needn’t be a victim. There’s plenty that Windows 10 and 11 users can do to protect themselves against it. In this article, I’ll show you how to keep yourself safe, including how to use an anti-ransomware tool built into Windows.

To read this article in full, please click here

ComputerWorld Independent

Apple's latest controversy: Expanded App Store advertising

August 1, 2022 0 Comments Apple, Mobile, mobile apps, Privacy, small and medium business

Credit to Author: Jonny Evans| Date: Mon, 01 Aug 2022 09:03:00 -0700

Depending on how you look at it, Apple may be ramping up ways developers can reach out durectly to customers via its App Store – or building its own business at others’ expense.

What Apple is doing

Apple has had an advertising business of its own ever since Apple’s then CEO, Steve Jobs, introduced us to iAds in 2010. The scale of that offer was always limited to Apple’s platform, but the service arguably failed, with its technology living on in the form of ad slots in Apple News and the App Store.

Apple’s App Store currently hosts just two ad slots, one in the search tab and the other in Search results. You can tell when you are looking at an ad from the blue shade behind the graphic and a small blue badge that says “ad” – these ads are hard to mistake for content.

To read this article in full, please click here

ComputerWorld Independent

For SMBs, Microsoft offers a new layer of server protection

July 25, 2022 0 Comments Microsoft, Security, small and medium business, Windows

Credit to Author: Susan Bradley| Date: Mon, 25 Jul 2022 09:00:00 -0700

Do you run a small business with on-premises servers?

Chances are, you rely on technology that includes servers, whether they’re Windows- or Linux-based. With that in mind, Microsoft recently announced it’s previewing “server protection for small business” — bundling the offering with Microsoft Defender for Business.

This is noteworthy because until now, most Endpoint Detection and Response (EDR) solutions have been expensive and typically only deployed by larger enterprises. (EDR is an integrated, layered approach to endpoint protection that combines real-time continuous monitoring and endpoint data analytics with rule-based automated response.)

To read this article in full, please click here

ComputerWorld Independent

Zoom expands end-to-end encryption for Phone and breakout rooms

July 22, 2022 0 Comments communications security, encryption, videoconferencing, zoom video communications

Credit to Author: Charlotte Trueman| Date: Fri, 22 Jul 2022 03:44:00 -0700

Zoom has announced it is expanding end-to-end encryption (E2EE) capabilities to Zoom Phone, with breakout rooms to be given the same level of encryption in the near future.

Zoom Phone customers now have the option to upgrade to E2EE during one-on-one Zoom Phone calls between users on the same Zoom account that occur via the Zoom client.

During a call, when users select “More” they will see an option to change the session to an end-to-end encrypted phone call. When enabled, Zoom encrypts the call by using cryptographic keys known only to the devices of the caller and receiver. Users will also have the option to verify E2EE status by providing a unique security code to one another.

To read this article in full, please click here