Thursday, July 19, 2018

Mingis on Tech: The blockchain evolution moves from services…to smartphones?

If 2017 was the year many tech firms suddenly looked around and realized they needed to be part of the blockchain craze, this is the year companies in a variety of industries have begun actively experimenting with the distributed...

Stung by a festering pile of bugs on Patch Tuesday, MS releases 27 more patches

In what is becoming a common occurrence, Microsoft’s Patch Tuesday brought along so many bugs that they necessitated a remediation round. This month, unusually, it took only six days to get the exterminators out. Since these fixes are aimed...

Microsoft yanks buggy Office 2016 patch KB 4018385, republishes all of this month’s patch downloads

As I reported yesterday, the July 2018 Windows and Office patches teem with bugs. We’re just beginning to see the fallout.The July 3 non-security Office 2016 patch KB 4018385 is officially yanked. If you don’t recall KB 4018385 —...

Here come the first blockchain smartphones: What you need to know

After months of speculation, Taiwanese electronics company Huawei Technologies Ltd. (HTC) has confirmed it will be releasing a blockchain-enabled smartphone this year that will allow users to securely store cryptocurrency offline and act as a compute node in a...

Google flips switch on Chrome’s newest defensive technology

Google has switched on a defensive technology in Chrome that will make it much more difficult for Spectra-like attacks to steal information such as log-on credentials.Called "Site Isolation," the new security technology has a decade-long history. But most recently...

Patch Tuesday problems abound, Server 2016 crashes, and a .Net patch goes down in flames

You know it’s going to be an Alice in Wonderland month when some sites report that Microsoft plugged 54 vulnerabilities on Patch Tuesday, while others report 53. Fact is, patching has become so brutal — and so banal —...

The difference between red team engagements and vulnerability assessments | Salted Hash Ep 34

In this episode, host Steve Ragan talks with Phil Grimes, Professional Services Lead at RedLegg, about the challenges of educating customers — and building a partnership with them — to create successful red team engagements.

Get the Microsoft June patches applied, but watch out for Win7 NICs and old antivirus

Windows 7 customers should be on the lookout for a couple of, uh, challenges this month, as the Win10 1803 trail of tears continues and Win10 1709 finally looks pretty solid.The Win7/Server 2008R2 network card bugs continue First, the good...

BlackBerry’s Android upgrade track record should give anyone pause

Hey, look: A new BlackBerry phone is here! And no, you didn't just wake up from a 12-year coma. I promise you, it is still 2018.The new BlackBerry Key2, however, is aimed squarely at those who miss the glory...

Microsoft Patch Alert: Some bugs in Win 10 (1803) fixed, others persist

Microsoft's patches in June took on some unexpected twists.Windows 7 owners with older, 2002-era Pentium III machines got their patching privileges revoked without warning or explanation (and a documentation cover-up to boot), but there’s little sympathy in the blogosphere...

Supreme Court: Your digital location is protected by the Constitution

The U.S. Supreme Court on Friday ruled that access to historical cell-site records of a person's location based on their mobile phone will require law enforcement to obtain a warrant before searching a person's historical location records.This is the...

Big Win10 1709 patch reinforces twice-a-month patching pace but, oddly, nothing new for 1803

Microsoft’s Windows 10 patching pace is so fast at this point that one Patch Tuesday doesn’t cover all the bases. Instead, we’re seeing one massive Cumulative Update on Patch Tuesday, and a second — typically large — grab bag...

Apple pushes privacy theme in Safari for iOS 12, ‘Mojave’

Apple upgrades its Safari browser on macOS and iOS just once a year, making the refresh more strategic than most of its rivals, notably Google, which last year had eight separate opportunities to add features or functionality to Chrome.The...

Throwback Thursday: Get the picture?

IT director pilot fish at a daily newspaper is reworking the company's entire network. Why? "There is no security," sighs fish. "None, with about 90 users in a peer-to-peer Mac and PC environment."One night he gets a call from...

Okta Acquires Access Control Startup ScaleFT

Enterprise identity management firm Okta this week announced that it has acquired ScaleFT, a company that offers a Zero Trust access control platform. read more

Suing South Carolina Because Its Election Machines Are Insecure

A group called Protect Democracy is suing South Carolina because its insecure voting machines are effectively denying people the right to vote. Note: I am an advisor to Protect Democracy on its work related to election cybersecurity, and submitted a...

Why the Best Defense Is a Good Offensive Security Strategy

When many people think about offensive security, they picture a mysterious figure wearing a hoodie, sitting behind a black-and-green terminal, diligently typing away as he probes enterprise networks. But the cybersecurity world has evolved well beyond this Hollywood hacker...

Google hit with $5.1b fine in EU’s Android antitrust case

This could mean the end of free Android. In the meantime, Google plans to appeal.

Privacy Advocates Say Kelsey Smith Act Gives Police Too Much Power

This bill making its way through Congress would allow law enforcement to more easily uncover location data for cell phones from mobile carriers in an emergency.