ComputerWorld – Page 35 – PossibleThreat Articles

Windows is in Moscow’s crosshairs, too

February 25, 2022 0 Comments Security, small and medium business, Windows

Credit to Author: Preston Gralla| Date: Fri, 25 Feb 2022 03:00:00 -0800

Russia telegraphed its intentions to invade Ukraine well ahead of this week’s attack by massing nearly 200,000 soldiers along Ukraine’s borders, and by Vladimir Putin’s increasingly belligerent threats.

Behind the scenes, Russia was doing more than that, including dangerous cyberattacks launched against Ukraine. And as is typically the case in such attacks, Windows was the attack vector.

“We’ve observed destructive malware in systems belonging to several Ukrainian government agencies and organizations that work closely with the Ukrainian government, Tom Burt, Microsoft corporate vice president for customer security and trust, wrote in a blog post in mid-January. “The malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system inoperable.” In a related technical post detailing how the malware works, Microsoft added: “These systems [under cyberattack] span multiple government, non-profit, and information technology organizations, all based in Ukraine.”

To read this article in full, please click here

ComputerWorld Independent

Take your time testing these February Patch Tuesday updates

February 11, 2022 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

Credit to Author: Greg Lambert| Date: Fri, 11 Feb 2022 12:21:00 -0800

There are (as of now) 51 patches to the Windows ecosystem for February, but no critical updates and no “Patch Now” recommendations from the Readiness team. I’m hoping that with this month’s list of Patch Tuesday updates, we can enjoy the quiet after the storm. January was tough for a lot of folks. And, with this month’s very light release from Microsoft, corporate security and systems administrators can take the time needed to test their applications and desktop/server builds. It’s also important to invest in their testing methodologies, release practices, and how their applications may be affected by OS-level updates and patches.

To read this article in full, please click here

ComputerWorld Independent

Addigy talks up Apple-in-the-enterprise tech show

February 7, 2022 0 Comments Apple, iPhone, MacOS, mobile device management, Security

Credit to Author: Jonny Evans| Date: Mon, 07 Feb 2022 04:13:00 -0800

Apple’s continuing enterprise momentum means it’s grabbing a growing slice of the business ecosystem, and the expansion is driving growth across the Apple device management ecosystem.

Addigy Innovate 2022

Reflecting this, Addigy recently announced plans to hold its annual Innovate 2022 conference later this month. I spoke with Jason Dettbarn, founder and CEO, who says the event will include keynotes and product presentations, including one hosted by The Ethical Hacker author Ralph Echemendia.

To read this article in full, please click here

ComputerWorld Independent

Q&A: CISO sees 'enterprise' browser as easier way to monitor employee web use

February 4, 2022 0 Comments Browsers, chrome, Security

Credit to Author: Lucas Mearian| Date: Fri, 04 Feb 2022 03:00:00 -0800

Over the past several years, Ashland Specialty Chemicals, a global specialty materials and chemical company with about 4,200 employees, has been downsizing. It shuttered its physical datacenter and adopted more of a software-as-a-service strategy for business apps such as Salesforce and Workday. With the shift to the cloud, the company also had to address keeping web traffic secure as its hybrid workforce accessed sensitive data online.

While the company continues to use more traditional, and costly, firewalls such as Cloud Access Security Brokers (CASB) and Secure Access Service Edge (SASE) to secure web gateways, it has also been testing an enterprise-specific browser from a start-up company named Island.

To read this article in full, please click here

ComputerWorld Independent

Second Israeli firm accused of undermining iPhones, like NSO Group

February 3, 2022 0 Comments Apple, iPhone, Mobile, Security, small and medium business

Credit to Author: Jonny Evans| Date: Thu, 03 Feb 2022 09:08:00 -0800

As if recent revelations about NSO Group weren’t bad enough, yet another Israeli firm — QuaDream — has now been accused of using the same hack to undermine iPhone security.

QuaDream also used the hack, Reuters claims

A Reuters report has the details:

QuaDream made use of the same flaw to commit similar attacks against iPhones.
The company is smaller than NSO Group, but also sells smartphone hacking tools to governments.
Both companies used the same highly sophisticated “zero-click” ForcedEntry attack, which enabled them to remotely break into iPhones without an owner needing to click a malicious link.
Once deployed, attackers using the software could access messages, intercept calls, and use the device as a remote listening device. They also gained access to the camera and more.
Apple closed this vulnerability in September 2021.
It is believed NSO Group software was used to target the family of murdered Saudi journalist Jamal Khashoggi.

The news follows the revelation that the FBI also obtained NSO’s Pegasus spyware, but claims it did not use it. That also follows another recent claim that NSO Group offered “bags of cash” in exchange for access to US cellular networks via the SS7 network.

To read this article in full, please click here

ComputerWorld Independent

Start-up emerges with an ‘enterprise browser'

February 2, 2022 0 Comments Browsers, Google, Internet, Microsoft, Microsoft Edge, Security

Credit to Author: Lucas Mearian| Date: Wed, 02 Feb 2022 04:00:00 -0800

A start-up has emerged from stealth mode to announce what it describes as one of the world’s first enterprise-specific browsers, capable of governing how users interact with all SaaS and web applications.

The new Island web browser is based on the widely used Chromium open-source platform. Launched by a company with the same name, Island offers users a familiar online experience while governing what sites they can visit, the data they can view, and what files they can download or upload. Restrictions can be dialed up or down and can be specific to a user’s role in an organization.

For example, a user could be surfing the web with the standard Chrome, Edge, or Safari browsers, but if they try to access a site that’s off-limits based on the Island settings, they’d be blocked and told to use their secure browser. The Island browser can even stop an employee from taking screenshots of sensitive data, depending on the settings IT admins choose to implement.

To read this article in full, please click here

ComputerWorld Independent

Why Apple’s improved 2FA protection matters to business

February 2, 2022 0 Comments Apple, iOS, MacOS, Mobile, Security, small and medium business

Credit to Author: Jonny Evans| Date: Tue, 01 Feb 2022 06:01:00 -0800

Apple has introduced a new layer of protection to its existing two-factor authentication (2FA) system, making it a little harder for phishing attacks to successfully steal valuable authentication credentials.

Given that Apple, PayPal, and Amazon were the top three brands used for successful phishing attacks last year, according to a recent Jamf report, this matters.

Phishing costs billions and is bad for business

Phishing is a huge problem. The scale of these attacks shot up during the pandemic. The FBI Internet Crime Report 2020 revealed that phishing attacks affected 241,342 victims in 2020, up from 114,702 in 2019, with adjusted losses of more than $54 billion. Verizon’s 2021 Data Breach Investigations Report confirmed that 36% of data breaches that year involved phishing.

To read this article in full, please click here

ComputerWorld Independent

Jamf CEO weighs in on Apple deployments and enterprise security

February 2, 2022 0 Comments Apple, MacOS, Mobile, Security, small and medium business

Credit to Author: Jonny Evans| Date: Thu, 27 Jan 2022 08:34:00 -0800

“Apple will become the number one device ecosystem in the enterprise by the end of this decade,” Jamf CEO Dean Hager told me while introducing an in-depth enterprise security trends report that enterprises should look at.

Apple continues to see incredible growth

The nature of enterprise IT is rapidly becoming multiplatform. Jamf recently shared some details concerning the rapid growth in Apple device deployments it is seeing in business. For example, it now has 60,000 active customers, up from 36,000 two years before that – and believes new services such as Apple Business Essentials will help maintain this growth.

To read this article in full, please click here

ComputerWorld Independent

Test your outrage over Google's new Topics advertising system

February 2, 2022 0 Comments Data privacy, Google, Internet, Privacy

Credit to Author: JR Raphael| Date: Thu, 27 Jan 2022 04:00:00 -0800

Google sure has taken an awful lot of heat over its advertising practices lately.

But why, exactly? Today, I’d like to explore that. I’ve concocted a four-question quiz that’ll gauge your rage and help determine whether it’s aimed at the right source or perhaps misplaced. But first, we need to catch up on what exactly is happening right now and how we reached this point.

The whole recent Google advertising debacle started with the crumbling state of the digital cookie, y’see — the pressure for Google to move away from its age-old practice of using tiny (and rather tasty-sounding) tidbits of data provided by websites to see what sort of stuff you’re interested in and then show you ads that match those subjects.

To read this article in full, please click here

ComputerWorld Independent

Will World War III begin in cyberspace?

February 2, 2022 0 Comments Government, Microsoft, Security

Credit to Author: Steven J. Vaughan-Nichols| Date: Tue, 25 Jan 2022 03:00:00 -0800

People die because of cyber wars, even if no bullets are ever fired. Instead, they die in emergency rooms that no longer have power, from broken medical communication networks, and from riots. All of this has happened before. It will happen again. And now, with Russia poised to invade Ukraine and Russian cyberattacks already in motion, we can only hope and pray that what promises to be the first major European war since World War II doesn’t spark the next World War.

If it does, I fear the proximate cause won’t be Russian T-90 main battle tanks trying to smash their way into Ukraine’s capital, Kyiv. It will be the Russian GRU Sandworm hacking group launching a cyberattack that perhaps wrecks the European Union power grid; or knocks out major US internet sites such as Google, Facebook, and Microsoft; or stops 4G and 5G cellular services in their tracks.

To read this article in full, please click here