PossibleThreat Articles

Articles for the experts…

Microsoft

Independent Krebs Security 

How Phishers Are Slinking Their Links Into LinkedIn

0 Comments , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 03 Feb 2022 18:49:38 +0000

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such as phishing pages that mimic top online brands (but chiefly Linkedin’s parent firm Microsoft).

Read more
ComputerWorld Independent 

Start-up emerges with an ‘enterprise browser'

0 Comments , , , , ,

Credit to Author: Lucas Mearian| Date: Wed, 02 Feb 2022 04:00:00 -0800

A start-up has emerged from stealth mode to announce what it describes as one of the world’s first enterprise-specific browsers, capable of governing how users interact with all SaaS and web applications.

The new Island web browser is based on the widely used Chromium open-source platform. Launched by a company with the same name, Island offers users a familiar online experience while governing what sites they can visit, the data they can view, and what files they can download or upload. Restrictions can be dialed up or down and can be specific to a user’s role in an organization.

For example, a user could be surfing the web with the standard Chrome, Edge, or Safari browsers, but if they try to access a site that’s off-limits based on the Island settings, they’d be blocked and told to use their secure browser. The Island browser can even stop an employee from taking screenshots of sensitive data, depending on the settings IT admins choose to implement.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Will World War III begin in cyberspace?

0 Comments , ,

Credit to Author: Steven J. Vaughan-Nichols| Date: Tue, 25 Jan 2022 03:00:00 -0800

People die because of cyber wars, even if no bullets are ever fired. Instead, they die in emergency rooms that no longer have power, from broken medical communication networks, and from riots. All of this has happened before. It will happen again. And now, with Russia poised to invade Ukraine and Russian cyberattacks already in motion, we can only hope and pray that what promises to be the first major European war since World War II doesn’t spark the next World War.

If it does, I fear the proximate cause won’t be Russian T-90 main battle tanks trying to smash their way into Ukraine’s capital, Kyiv. It will be the Russian GRU Sandworm hacking group launching a cyberattack that perhaps wrecks the European Union power grid; or knocks out major US internet sites such as Google, Facebook, and Microsoft; or stops 4G and 5G cellular services in their tracks.

To read this article in full, please click here

Read more
ComputerWorld Independent 

VPNs and browsers — staying secure while online

0 Comments , ,

Credit to Author: Susan Bradley| Date: Mon, 24 Jan 2022 09:08:00 -0800

In business, we’ve used Virtual Private Networks (VPNs) for years. But I’m now seeing recommendations that consumers use VPN software to make internet connections more private so sites can’t snoop on your surfing and other communications. As someone who runs a website that uses IP address reputation as a guide to know who is and is not reputable on my site, I can tell you that using a VPN often assigns you an IP address that’s less than stellar. As a result, if you attempt to access sites that check for reputation, such as your bank, you may find yourself blocked.

I’m not against the concept of consumer-based VPN software, but I’m not convinced it’s the security panacea many think it is. Users think it’s keeping sites from tracking them, or keeping them safe when surfing on coffee shop Wi-Fi. They think it keeps prying eyes from reviewing our web traffic. But all VPN software is not created equal. I recently read new research from Consumer Reports that tested various VPN platforms; I was surprised to find that the top VPN providers included vendors I’ve not even heard of.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft beefs up Edge's security against zero-day attacks

0 Comments , ,

Credit to Author: Lucas Mearian| Date: Thu, 20 Jan 2022 13:16:00 -0800

In the latest release of its Edge beta, Microsoft introduced a new way for IT admins to better secure the Chromium-based browser against web-based attacks.

The release notes for Microsoft Edge Beta Channel describe the new security features as employing several techniques to guard against so-called zero-day exploits; Zero-day exploits are software or network vulnerabilities developers are unaware of, and so they’ve not been patched.

Imagine if the keylock mechanism on your home’s backdoor was faulty and jiggling the doorknob released the latch. Burglars could walk door to door looking for that particular vulnerability and jiggle doorknobs until one opened. Zero days are the same concept, but in cyberspace.

To read this article in full, please click here

Read more
ComputerWorld Independent 

20 years after Gates’ call for trustworthy computing, we’re still not there

0 Comments , , , ,

Credit to Author: Susan Bradley| Date: Mon, 17 Jan 2022 03:42:00 -0800

Do you feel more secure? Is your computing experience more trustworthy these days?

Seriously — you’re reading this article on a computer or phone, connecting to this site on an internet shared with your Grandma as well as Russian hackers, North Korean attackers, and lots of teenagers  looking at TikTok videos. It’s been 20 years since then-Microsoft CEO Bill Gates wrote his Trustworthy Computing memo where he emphasized security in the company’s products.

So are we actually more secure now?

I’m going to keep in mind the side effects from last week’s Patch Tuesday security updates and consider them in my answer. First, the good news: I don’t see major side effects occurring on PCs not connected to active directory domains (and I haven’t seen any showstoppers in testing my hardware at home). I can still print to my local HP and Brother printers. I can surf and access files. So, while I’m not ready yet to give an all-clear to install the January updates, when I do, I doubt you’ll see side effects.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Patch Tuesday gets off to a busy start for January

0 Comments , , , , ,

Credit to Author: Greg Lambert| Date: Fri, 14 Jan 2022 12:10:00 -0800

For this week’s Patch Tuesday, the first of the year, Microsoft addressed 97 security issues, six of them rated critical. Though six vulnerabilities have been publicly reported, I do not classify them as zero-days. Microsoft has fixed a lot of security related issues and is aware of several known issues that may have inadvertently caused significant server issues including:

  • Hyper-V, which no longer starts with the message, “Virtual machine xxx could not be started because the hypervisor is not running.”
  • ReFS (Resilient) file systems that are no longer accessible (which is kind of ironic).
  • And Windows domain controller boot loops.

There are a variety of known issues this month, and I’m not sure whether we’ll see more issues reported with the January server patches. You can find more information on the risk of deploying these latest updates with our helpful infographic.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Microsoft touts first PCs to ship natively with secure Pluton chip

0 Comments , , , , , ,

Credit to Author: Lucas Mearian| Date: Wed, 12 Jan 2022 03:00:00 -0800

As organizations continue to wrestle with how to manage a hybrid workforce, security outside the corporate firewall continues to play a huge role in day-to-day IT operations.

Following the October release of Windows 11, which boasted features aimed at enabling hybrid work, Microsoft last week announced the first PCs with its Pluton chip-to-cloud security technology. The technology is aimed at securing the computers of remote workers and others.

At CES, Microsoft announced that Lenovo and chipmaker AMD have launched the first laptops — the ThinkPad Z13 and ThankPad Z16 — that come natively with the Pluton security chips. Pricing for the ThinkPad Z13 starts at $1,549, pricing for the ThinkPad Z16 starts at $2,099. Both laptops will be available in May and Lenovo said there is no additional cost associated with the Pluton chip inside.

To read this article in full, please click here

Read more
MalwareBytes Security 

Apply those updates now: CVE bypass offers up admin privileges for Windows 10

0 Comments , , , , , , , , ,

Credit to Author: Malwarebytes Labs| Date: Tue, 01 Feb 2022 11:07:29 +0000

A CVE bypass offers up the possibility of admin privileges on Windows 10 machines. Find out what’s happened, and how you can avoid it.

Categories: Malwarebytes news

Tags:

(Read more…)

The post Apply those updates now: CVE bypass offers up admin privileges for Windows 10 appeared first on Malwarebytes Labs.

Read more
QuickHeal Security 

Quick Heal Supports Windows 10 November 2021 Update (version 21H2)

0 Comments , , , , , , , ,

Credit to Author: Quickheal| Date: Wed, 17 Nov 2021 10:15:05 +0000

Microsoft has recently developed a new update for Windows 10 PCs, called Windows 10 November 2021 update, version…

The post Quick Heal Supports Windows 10 November 2021 Update (version 21H2) appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Read more