Saturday, January 19, 2019

Windows 10 October 2018 Update is at last being pushed automatically

Enlarge / Who doesn't love some new Windows? (credit: Peter Bright / Flickr) The ill-fated Windows 10 October 2018 Update has hitherto been offered only to those Windows users that manually sought it, either by using the dedicated...

Windows 7 enters its final year of free support

Enlarge / Licensing and support lifecycles are not really the easiest topics to illustrate. (credit: Peter Bright) Windows 7's five years of extended support will expire on January 14, 2020: exactly one year from today. After this date,...

Latest Windows 10 build makes setup quieter, passwords optional

The latest Insider build of Windows 10, 18309, expands the use of a thing that Microsoft has recently introduced: passwordless Microsoft accounts. It's now possible to create a Microsoft account that uses a one-time code delivered over SMS as...

Bay Area: Join us 1/9 to talk about personal data security in 2019

Enlarge / Askhan Soltani has worked with the FTC and as an independent researcher, exploring data privacy issues. Recently, he testified about Facebook's privacy policies before the US and UK governments. (credit: Ashkan Soltani) The Cambridge Analytica scandal....

Cryptography failure leads to easy hacking for PlayStation Classic

Enlarge / The PlayStation Classic's internal USB, removed and picked at as part of the hacking effort. (credit: Yifan Lu / Twitter) In the days since the PlayStation Classic's official release, hackers have already made great progress in...

Marriott breach leaves 500 million exposed with passport, card numbers stolen

Enlarge / Marriott Hotel brands like the W hotel were breached between 2014 and 2018. (credit: Craig Warga/Bloomberg via Getty Images) On Friday, Marriott International announced a system breach that has affected approximately 500 million customers,...

Now it’s Office’s turn to have a load of patches pulled

Enlarge (credit: Benjamin) After endless difficulties with the Windows 10 October 2018 update—finally re-released this month with the data-loss bug fixed—it seems that now it's the Office team's turn to release some updates that need to be un-released. On...

Spectre, Meltdown researchers unveil 7 more speculative execution attacks

Enlarge (credit: Aurich Lawson / Getty Images) Back at the start of the year, a set of attacks that leveraged the speculative execution capabilities of modern high-performance processors was revealed, with the names Meltdown and Spectre. Since then,...

Windows 10 October 2018 Update is back, this time without deleting your data

Enlarge / This message, shown during Windows upgrades, is going to be salt in the wound. Just over a month since its initial release, Microsoft is making the Windows 10 October 2018 Update widely available today. The...

Another Windows 0-day flaw has been published on Twitter

https://t.co/1Of8EsOW8z Here's a low quality bug that is a pain to exploit.. still unpatched. I'm done with all this anyway. Probably going to get into problems because of being broke now.. but whatever. — SandboxEscaper (@SandboxEscaper) October 23, 2018 SandboxEscaper, a...

Election security in the age of bots, operatives, and digital attacks

Video by Chris Schodt, production by Justin Wolfson (video link) In our latest episode of Ars Technica Live, we talk about election security. My guest was Alex Stamos, a researcher at Stanford who just happened to be the CSO...

Meet Helm, the startup taking on Gmail with a server that runs in your home

Enlarge (credit: Helm) There’s no doubt that Gmail has changed the way we consume email. It’s free, it gives most of us all the storage we’ll ever need, and it does a better job than most in weeding...

Browser vendors unite to end support for 20-year-old TLS 1.0

Enlarge (credit: Indigo girl / Flickr) Apple, Google, Microsoft, and Mozilla have announced a unified plan to deprecate the use of TLS 1.0 and 1.1 early in 2020. TLS (Transport Layer Security) is used to secure connections on the...

Already facing an uphill misinformation fight, Facebook loses to scammers, too

Enlarge / A partial screenshot of one of the scam profiles pushing an adult dating scam on Facebook. Responding to critics in the US Congress and elsewhere who say Facebook isn’t doing enough to stop the flow...

Apple to Congress: Chinese spy-chip story is “simply wrong”

Enlarge / Apple CEO Tim Cook. (credit: Drew Angerer/Getty Images) Apple isn't relenting in its attacks on last week's Bloomberg story claiming that tiny Chinese chips had compromised the security of Apple and Amazon data centers. In a...
ZDNet

Websites can steal browser data via extensions APIs

Researcher finds nearly 200 Chrome, Firefox, and Opera extensions vulnerable to attacks from malicious sites.
Security Affairs

6 Reasons We Need to Boost Cybersecurity Focus in 2019

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals,...
isBuzz

Fortnite Vulnerabilities Allow Hackers To Take Over Gamers’ Accounts, Data And In-Game Currency

Cybersecurity researchers today shared details of vulnerabilities that could have affected any player of the hugely popular online battle game, Fortnite. If exploited, the vulnerability would have given an attacker full access to a user’s account and their personal information  as well...

DNC Accuses Russia, ACLU Sues ICE, and More Security News This Week

Trump dominated security headlines this week, but there's plenty of other news to catch up on.
SecurityWeek

Bulgaria Extradites Russian Hacker to US: Embassy

Bulgaria has extradited a Russian indicted by a US court for mounting a complex hacking scheme to the United States, the Russian embassy in Washington said Saturday. read more