Microsoft – Page 31 – PossibleThreat Articles

Seattle tries out mobile voting

January 28, 2020 0 Comments Amazon web services, Blockchain, Cloud Computing, Emerging Technology, Government, Government IT, Microsoft, Security

Credit to Author: Lucas Mearian| Date: Tue, 28 Jan 2020 03:00:00 -0800

About 1.2 million Seattle area voters will be able to use their smartphone, laptop or a computer at their local library to vote in a current election this year.

This will be the first-time online voting is available to all eligible registered voters of a district, according to a foundation behind the initiative.

The King Conservation District in Washington State is the third region in the U.S. to partner with the non-profit Tusk Philanthropies on a national effort to expand mobile voting, and Washington is the fifth state to pilot mobile voting in general. The King Conservation District is a state environmental agency that includes Seattle and 33 other cities, but it is separate from the King County Elections agency and operates under a different budget.

To read this article in full, please click here

ComputerWorld Independent

Google and Microsoft have gone too far

January 24, 2020 0 Comments Browsers, Google, Microsoft, Privacy, search, Security, Technology Industry

Credit to Author: Mike Elgan| Date: Fri, 24 Jan 2020 13:55:00 -0800

Google and Microsoft are using dark pattern design to trick or force users to do things they never intended. Is it time to switch to more ethical browsers? (We list 10 alternatives.)

ComputerWorld Independent

Get the January 2020 Patch Tuesday patches installed

January 24, 2020 0 Comments Microsoft, Security, Windows

Credit to Author: Woody Leonhard| Date: Fri, 24 Jan 2020 13:27:00 -0800

This month has seen a whole lotta hand waving and sky-is-falling-caliber rhetoric, but the reality is much more prosaic. If you aren’t running a major network (and thus aren’t susceptible to the imminent problems with Remote Desktop Gateway, the Citrix network bugs or the whopping 334 patches in Oracle), there’s been little reason to install this month’s updates.

To read this article in full, please click here

ComputerWorld Independent

Microsoft Patch Alert: January 2020 patches look relatively benign

January 23, 2020 0 Comments Microsoft, Microsoft Office, PCs, Security, Windows

Credit to Author: Woody Leonhard| Date: Thu, 23 Jan 2020 07:17:00 -0800

The big patching problems this month fell at the feet of admins who had to deal with an unholy mess of pressing exposures: Fixing the holes in Microsoft’s RD Gateway (CVE-2020-0610; see Susan Bradley’s Patch Watch, paywalled); dealing with Server 2008 R2 systems that booted to Recovery mode after installing the January patches; scrambling to pick up after breaches in Citrix networking products; or the 334 Oracle security patches. They all took a toll.

To read this article in full, please click here

Security Sophos

Big Microsoft data breach – 250 million records exposed

January 22, 2020 0 Comments data breach, elastic search, Microsoft

Credit to Author: Paul Ducklin| Date: Wed, 22 Jan 2020 17:42:47 +0000

Microsoft has today announced a data breach that affected one of its customer databases.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/Cst7PO49oB0″ height=”1″ width=”1″ alt=””/>

Security Sophos

Microsoft corrige errores críticos en CryptoAPI, RD Gateway y .NET

January 22, 2020 0 Comments actualidad, actualizacion, Adobe, Microsoft

Credit to Author: Naked Security| Date: Fri, 17 Jan 2020 10:06:22 +0000

El error criptográfico CryptoAPI del que Microsoft informó el martes de parches de esta semana fue tan importante que justificó su propia historia. Aquí, desvelamos algunos de los otros problemas que arregló Microsoft. Entre los errores más graves se encuentran los defectos de ejecución remota de código (RCE) que afectan a Windows Remote Desktop Gateway, […]<img src=”http://feeds.feedburner.com/~r/sophos/dgdY/~4/aH7nHIo3Qso” height=”1″ width=”1″ alt=””/>

MalwareBytes Security

WOOF locker: Unmasking the browser locker behind a stealthy tech support scam operation

January 22, 2020 0 Comments 404browlock, 404error, browlock, browlocks, browser guard, browser locker, chrome, Edge, firefox, malvertising, malvertising campaigns, Microsoft, scams, Social engineering, steganography, tech support, Tech support scams, Threat analysis, tss, woof

Credit to Author: Jérôme Segura| Date: Wed, 22 Jan 2020 16:00:00 +0000

We reveal the inner workings of WOOF locker, the most sophisticated browser locker campaign we’ve seen to date. Learn how this tech support scam evades researchers and ensnares users by hiding in plain sight.

Categories:

Threat analysis

Tags: 404Browlock 404error browlock browlocks Browser guard browser locker chrome Edge firefox malvertising malvertising campaigns microsoft scams Social Engineering steganography tech support tech support scams TSS WOOF

ComputerWorld Independent

Don’t worry about CurveBall just yet — get your Citrix systems patched

January 21, 2020 0 Comments Microsoft, Security, Windows

Credit to Author: Woody Leonhard| Date: Tue, 21 Jan 2020 08:03:00 -0800

Hey, admins! It’s been an exciting week, eh?

Most of you have been inundated with requests — demands — that you patch all of your systems immediately to protect them from the highly publicized CVE-2020-0601 Crypt32.dll security hole, known as “Chain Of Fools” or “CurveBall.”

While you were scrambling to comply with the NSA’s unique advertising, abetted by almost every security expert on the planet, a funny thing happened. There are no in-the-wild exploits for the ol’ CurveBall. But there are lots and lots of Citrix ADC and Citrix Gateway systems under attack, using a security hole announced in December called CVE-2019-19781.

To read this article in full, please click here

ComputerWorld Independent

Worried about an NSA ChainOfFools/CurveBall attack? There are lots of moving parts. Test your system.

January 17, 2020 0 Comments Microsoft, Security, Windows

Credit to Author: Woody Leonhard| Date: Fri, 17 Jan 2020 06:42:00 -0800

If you want to install the January Patch Tuesday patches, by all means, go right ahead. That said, I continue to recommend that you hold off installing the January Microsoft patches until we get a clearer reading on potential bugs.

The pro-patch-now argument generally goes something like this: Everybody is recommending that you install the patches to protect against the Crypto bug — almost all of the major security folks, the researchers, the big online sites, your local news station, your congresscritter, your neighbor’s nine-year-old, even the bleeping NSA. It’s a little patch. Why not just install it and be done with it?

To read this article in full, please click here

Security Sophos

NSA and Github ‘rickrolled’ using Windows CryptoAPI bug

January 16, 2020 0 Comments cryptoapi, Cryptography, cve-2020-0601, Exploit, Microsoft, NSA, rickroll, vulnerability, Windows

Credit to Author: Paul Ducklin| Date: Thu, 16 Jan 2020 17:42:09 +0000

We said, “Assume that someone will find out how to do it pretty soon,” and that’s exactly what happened.<img src=”http://feeds.feedburner.com/~r/nakedsecurity/~4/XhJpjHyVCqc” height=”1″ width=”1″ alt=””/>