How to move users to the Outlook app with Intune
Microsoft is turning off basic authentication, so it’s wise to move mobile users to the Outlook app to better protect them from attackers.
ComputerWorld
Microsoft releases emergency IE patches inside 'optional, non-security' cumulative updates
Credit to Author: Woody Leonhard| Date: Tue, 24 Sep 2019 12:13:00 -0700
I’ve seen a lot of confusion about the security hole known as CVE-2019-1367 and what normal Windows customers should do about it. Part of the reason for the confusion is the way the fix was distributed – the patching files were released on Monday, Sept. 23, but only via manual download from the Microsoft Update Catalog.
On a Monday.
In the past few hours, Microsoft released a hodge-podge of patches that seem to tackle the problem. They’re “optional non-security” and “Monthly Rollup preview” patches, so you won’t get them unless you specifically go looking for them.
Microsoft delivers emergency security update for antiquated IE
Credit to Author: Gregg Keizer| Date: Tue, 24 Sep 2019 03:00:00 -0700
Microsoft on Monday released an emergency security update to patch a vulnerability in Internet Explorer (IE), the legacy browser predominantly used by commercial customers.
The flaw, which was reported to Microsoft by Clement Lecigne, a security engineer with Google’s Threat Analysis Group (TAG), has already been exploited by attackers, making it a classic “zero-day,” a vulnerability actively in use before a patch is in place.
In the security bulletin that accompanied the release of the IE patch, Microsoft labeled the bug a remote code vulnerability, meaning that a hacker could, by exploiting the bug, introduce malicious code into the browser. Remote code vulnerabilities, also called remote code execution, or RCE, flaws, are among the most serious. That seriousness, as well as the fact that criminals are already leveraging the vulnerability, was reflected in Microsoft’s decision to go “out of band,” or off the usual patching cycle, to plug the hole.
iOS 13: Apple's big BYOD improvements help enterprise pros
Credit to Author: Jonny Evans| Date: Mon, 23 Sep 2019 07:56:00 -0700
Apple may place much of its focus on Apple Arcade and consumer-friendly iPad/iPhone features, but there are numerous enterprise-focused enhancements wrapped up inside iOS 13.
The BYOD enterprise
The company’s latest operating systems introduce a host of productivity-enhancing upgrades, particularly for the iPad.
Yet the biggest improvements specifically for enterprise users aim to make a more robust division between personal and enterprise data for Bring Your Own Device (BYOD) deployments, solving one of the big challenges in the space.
Change these 4 new security settings in iOS 13 now
Credit to Author: Jonny Evans| Date: Fri, 20 Sep 2019 05:29:00 -0700
If you’ve (successfully) upgraded to iOS 13 or just got hold of a new iPhone 11 or 11 Pro, there are new security settings in Apple’s latest operating system you need to learn and use. Here’s what’s important to understand.
Fight back against robocalls
There were 26.3 billion robocalls in the U.S. in 2018. It’s a a sickness.
You can stop the contagion thanks to a new in iOS 13 feature that directs incoming calls from unknown numbers (ie. those you don’t have in your Contacts book) to voicemail. It’s a useful feature that isn’t enabled by default.
Throwback Thursday: Ultimatum
Credit to Author: Sharky| Date: Thu, 19 Sep 2019 03:00:00 -0700
It’s 1977, and this pilot fish’s company is moving to a new data center. “The old facility was in the basement of the headquarters building,” says fish. “Access was via an ancient magnetic strip reader with no special capabilities. You either got in or you didn’t.
The new facility has state-of-the-art card readers, supported by a small midrange system. It has lots of capabilities — which can be a bit of trouble when you have a security department that’s paranoid about access to the facility.
And trouble does arrive, about a month after the move to the new building, when the security department programs the system to allow admission only during scheduled working hours.
Why France and Germany fear Facebook’s cryptocurrency – and plan to block it
Credit to Author: Lucas Mearian| Date: Wed, 18 Sep 2019 03:00:00 -0700
Facebook’s plans to launch its own Libra cryptocurrency next year is getting resistance from France and Germany who have promised to block it and plan to create their own national cryptocurrencies.
Last week, the two nations said Libra could threaten the Euro’s value and unlawfully privatize money. Last year, the Reserve Bank of India (RBI), the country’s central bank, announced a ban on the use of cryptocurrencies by any regulated financial entity because of risks associated with it.
Wayback Wednesday: When you said ‘gone for good,’ I only heard ‘good’
Credit to Author: Sharky| Date: Wed, 18 Sep 2019 03:00:00 -0700
User comes to this support pilot fish complaining that his PC is acting strangely.
“It turns out he had gotten his computer so jammed up with spyware and Trojans that it was basically nonfunctional,” says fish. “We had to rebuild the computer from scratch.” They were able to recover much of user’s work and files, but some were irretrievably damaged — or just plain gone .
Fish explains what happened and points out the probable infection vectors. And he explains that they had recovered as much as they could, but some stuff was simply gone for good. There would be no way to get anything more.
“Two days later, he called to ask when I’m going to bring him the rest of his missing files.”
How to monitor Windows to prevent credential theft attacks
Attackers are now enabling WDigest credential caching to allow them to harvest credentials. Here’s how to spot it.
Mozilla first reveals, then conceals, paid support plan for Firefox
Credit to Author: Gregg Keizer| Date: Tue, 17 Sep 2019 10:56:00 -0700
Mozilla earlier this month quietly outlined paid support for enterprise users of Firefox, but last week scrubbed the reference from its website, saying that it is “still exploring that option.”
The offering – labeled “Mozilla Enterprise Client Support” – was to start at $10 per “supported installation,” which likely referred to per-device, not per-user, pricing. It’s unclear whether that was an annual or monthly fee, and Mozilla declined to say which it was when asked.
In return for the fee, Mozilla said on the now-absent Firefox enterprise site – still visible through the Internet Archive’s Wayback Machine – customers would be able to privately report bugs via a new web portal and receive fixes on a timeline dependent on the impact and urgency of the problem. Customers would also be able to file requests for help with Firefox’s installation and deployment, management policies, functionality and customization.