Credit to Author: WIRED Staff| Date: Sat, 24 Dec 2022 14:00:00 +0000
Plus: An offensive US hacking operation, swatters hacking Ring cameras, a Netflix password-sharing crackdown, and more.
Read more
Many businesses are looking to cut costs as economies face recession, but some enterprises may be ignoring one of the most effective ways to trim the fat while boosting productivity — by embracing remote working.
We know Macs, iPhones, and iPads have been seeing increased deployment across the enterprise. We also know (because IBM, SAP and so many companies tell us) that businesses that embrace Apple kit also see reduced overall cost of ownership and lower tech support costs. Employee choice delivers big benefits.
Credit to Author: Dhruv Mehrotra| Date: Thu, 22 Dec 2022 12:00:00 +0000
Don’t be fooled by its fun name and Tamagotchi-like interface—this do-everything gadget is trouble waiting to happen and a whole lot more.
Read more
Credit to Author: Lily Hay Newman| Date: Wed, 21 Dec 2022 13:00:00 +0000
A new US State Department assessment highlights the stark economic toll of Tehran’s recent shutdowns and platform control.
Read more
China’s digital Yuan project, a blockchain-based cryptocurrency for consumer and commercial finance, can no longer be considered a pilot. That’s the assessment by economic and cryptocurrency experts.
Those experts have been monitoring efforts in China and other countries developing and piloting central bank digital currencies (CBDCs) with the aim of establishing a blockchain-based virtual cash that is cheaper to use and faster to exchange, both at home and across international borders.
To date, the People’s Bank of China has distributed the digital yuan, called e-CNY, to 15 of China’s 23 provinces, and it has been used in more than 360 million transactions totaling north of 100 billion yuan, or $13.9 billion. The country has literally given away millions of dollars worth of digital yuan through lotteries, and its central bank has also participated in cross-border exchanges with several nations.
Credit to Author: Justin Ling| Date: Tue, 20 Dec 2022 12:00:00 +0000
Elon Musk claims plane-tracking data is a risky privacy violation. But the world loses a lot if this information disappears—and that’s already happening.
Read moreCredit to Author: Microsoft Security Threat Intelligence| Date: Mon, 19 Dec 2022 18:00:00 +0000
Microsoft discovered a vulnerability in macOS, referred to as “Achilles”, allowing attackers to bypass application execution restrictions enforced by the Gatekeeper security mechanism.
The post Gatekeeper’s Achilles heel: Unearthing a macOS vulnerability appeared first on Microsoft Security Blog.
Read more
KB5012170 is many things to many Windows users. First, it’s a patch that either installs with no problems or leads to a blue screen of death (BSOD). It can also be an indicator we have a problem getting updated drivers on our systems. It can demonstrate how users don’t keep up with Bios updates. And it shows that some OEMs enable Bitlocker on the systems they sell (not necessarily in a good way).
In short, it’s a problematic patch that just keeps rearing its head.
Also known as “Security Update for Secure Boot DBX,” KB5012170 was released earlier this year and makes improvements to the Secure Boot Forbidden Signature Database (DBX). Windows devices that have Unified Extensible Firmware Interface (UEFI)-based firmware have Secure Boot enabled. It ensures only trusted software can be loaded and executed on during the boot process by using cryptographic signatures to verify the integrity of the process and the software being loaded.
Credit to Author: Lily Hay Newman| Date: Sat, 17 Dec 2022 14:00:00 +0000
Plus: An FBI platform got hacked, an ex-Twitter employee is sentenced for espionage, malicious Windows 10 installers circulate in Ukraine, and more.
Read more
Microsoft’s December Patch Tuesday updated delivers 59 fixes, including two zero-days (CVE-2022-44698 and CVE-2022-44710) that require immediate attention on the Windows platform. This is a network focused update (TCP/IP and RDP) that will require significant testing with an emphasis on ODBC connections, Hyper-V systems, Kerberos authentication, and printing (both local and remote).
Microsoft also published an urgent out-of-band update (CVE-2022-37966) to address serious Kerberos authentication issues. (The team at Readiness has provided a helpful infographic that outlines the risks associated with each of these updates.)