Private browsing. Incognito. Privacy mode.
Web browser functions like those trace their roots back more than a decade, and the feature — first found in a top browser in 2005 — spread quickly as one copied another, made tweaks and minor improvements.
But privacy-promising labels can be treacherous. Simply put, going “incognito” is as effective in guarding online privacy as witchcraft is in warding off a common cold.
Credit to Author: BrianKrebs| Date: Tue, 28 Nov 2023 15:57:38 +0000
One of the cybercrime underground’s more active sellers of Social Security numbers, background and credit reports has been pulling data from hacked accounts at the U.S. consumer data broker USinfoSearch, KrebsOnSecurity has learned.
Read more
Many business professionals require highly secure messaging solutions, particularly when they travel. Apple’s iMessage will soon offer a new secure identity verification system enterprise professionals might find useful. It’s called Contact Key Verification.
Apple actually announced the system in 2022. It is now expected to go live across the Apple ecosystem with the release of iOS 17.2 and updates for Macs and iPads.
We are now in the third decade of Microsoft’s monthly Patch Tuesday releases, which deliver fewer critical updates to browsers and Windows platforms — and much more reliable updates to Microsoft Office — than in the early days of patching. But this month, the company rolled out 63 updates (including fixes for three zero-days in Windows and Office).
Updates to Microsoft Exchange and Visual Studio can be included in standard patch release cycles, while Adobe needs to be included in your “Patch Now” releases for third-party applications.
The team at Readiness has provided a detailed infographic that outlines the risks associated with each of the updates for November.
Credit to Author: BrianKrebs| Date: Thu, 16 Nov 2023 19:59:14 +0000
Prosecutors in Finland this week commenced their criminal trial against Julius Kivimäki, a 26-year-old Finnish man charged with extorting a once popular and now-bankrupt online psychotherapy practice and thousands of its patients. In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.
Read more
Credit to Author: BrianKrebs| Date: Tue, 14 Nov 2023 23:00:59 +0000
Microsoft today released updates to fix more than five dozen security holes in its Windows operating systems and related software, including three “zero day” vulnerabilities that Microsoft warns are already being exploited in active attacks.
Read more
Credit to Author: BrianKrebs| Date: Sat, 11 Nov 2023 17:59:07 +0000
In the summer of 2022, KrebsOnSecurity documented the plight of several readers who had their accounts at big-three consumer credit reporting bureau Experian hijacked after identity thieves simply re-registered the accounts using a different email address. Sixteen months later, Experian clearly has not addressed this gaping lack of security. I know that because my account at Experian was recently hijacked, and the only way I could recover access was by recreating the account.
Read more
Microsoft is trying to get rid of that sticky note that you see taped to everyone’s office monitor. You know, the one with the password on it. The one with all of the old passwords crossed off one by one, each one subtly different from the last — an exclamation point turning into an ampersand, a one into a two.
Enterprises have really done this to themselves. The passwords that most organizations require — which have to be complex, with long strings of numbers and specially cased phrases with some (but not all! heavens no, not the one you want) symbols — are difficult to remember. There’s no hope except to write them down. Then you have to reset them every so often. Then they get recycled. And on and on the cycle goes.