Credit to Author: John E Dunn| Date: Wed, 12 Feb 2020 16:13:57 +0000
From March, the Firefox, Chrome, Safari and Edge browsers will show warnings when users visit websites that only support TLS versions 1.0 or 1.1.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/3oMQ9dp5jKA” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Woody Leonhard| Date: Wed, 12 Feb 2020 05:43:00 -0800
I’m hearing lots of complaints from people who spent good money to get Win7 Extended Security Updates, but don’t see this month’s patches. There’s a reason why. Microsoft didn’t bother to tell us that you need a new patch, released yesterday, in order to start receiving Win7 ESU updates. You have to download the new patch, KB 4538483, from the Microsoft Catalog, and install it manually before the updates even appear.
Folks who spent money to get the February and later patches are livid.
Yesterday, after releasing the February updates, Microsoft modified its ESU Procedure page to add this step:
Credit to Author: SophosLabs Offensive Security| Date: Tue, 11 Feb 2020 20:50:22 +0000
For this second Patch Tuesday of 2020, Microsoft has released a hundred patches to Windows and other Microsoft software, including 12 vulnerabilities flagged as Critical, and 87 flagged as Important. In addition, Adobe also published updates for its Flash Player, Acrobat, Framemaker, Experience Manager, and Digital Editions products in notifications timed to coincide with Microsoft’s […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/zpsWY9HeJhU” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Woody Leonhard| Date: Mon, 10 Feb 2020 12:13:00 -0800
Remember the frenzy after last month’s Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin’ SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down Windows As We Know It, like, right now?
Guess what. It never materialized.
Credit to Author: Woody Leonhard| Date: Mon, 10 Feb 2020 12:13:00 -0800
Remember the frenzy after last month’s Patch Tuesday? How everybody and his twice-removed cousin — even the N forkin’ SA — told you to get patched immediately because of this big, spooky Crypto API security hole that was supposed to bring down Windows As We Know It, like, right now?
Guess what. It never materialized.
Credit to Author: Woody Leonhard| Date: Wed, 05 Feb 2020 04:42:00 -0800
Worried about the future of your Win7 machine? Welcome to the family.
Right now, we have a promise that Microsoft will fix the “Stretch” wallpaper bug it rolled out last month, and there’s some hope that it will fix the Internet Explorer JScript engine security hole CVE-2020-0674 noted last month in Security Advisory ADV200001. We don’t know how/when the fix(es) will be distributed, or if Microsoft will soften its “no free Win7 patches after January 14” edict in some other way.
Credit to Author: David Ruiz| Date: Tue, 04 Feb 2020 16:35:25 +0000
 | |
| The Washington Privacy Act would extend new data rights of access, correction, and deletion to Washington residents, with new rules on facial recognition. Categories: Tags: 2019 Washington Privacy Act2020 Washington Privacy ActCalifornia Consumer Privacy ActCCPAConsumer Reportsdata portabilitydata privacy lawdata privacy lawsdata privacy legislationfacial recognitionFuture of Privacy ForumgdprGeneral Data Protection Regulationmicrosoftpersonal dataright to accessright to correctright to deleteSenator Reuven Carlylesensitive dataWashington Privacy ActWashington Privacy Act 2019Washington Privacy Act 2020WPA |
The post Washington Privacy Act welcomed by corporate and nonprofit actors appeared first on Malwarebytes Labs.
Read more
Credit to Author: John E Dunn| Date: Mon, 03 Feb 2020 12:54:31 +0000
Apple thinks it’s come up with a simple way to make SMS two-factor authentication (2FA) one-time codes less susceptible to phishing attacks.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/EmuD8lIFjiU” height=”1″ width=”1″ alt=””/>
Read more
Credit to Author: Woody Leonhard| Date: Thu, 30 Jan 2020 10:14:00 -0800
Time and again we see the same drama play out. Microsoft releases a security patch and scary warnings appear from every corner. When your local news broadcast tells you that you better patch Windows right now…, more temperate advice should prevail.
A little over two weeks ago, on Patch Tuesday, Microsoft released a patch for a security hole known as CVE-2020-0601 – the Crypt32.dll vulnerability also called ChainOfFools or CurveBall.
Credit to Author: BrianKrebs| Date: Wed, 29 Jan 2020 19:02:56 +0000
Fresh on the heels of a disclosure that Microsoft Corp. leaked internal customer support data to the Internet, mobile provider Sprint has addressed a mix-up in which posts to a private customer support community were exposed to the Web.
Read more