Tuesday, November 26, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Independent

ComputerWorld Independent 

Apple beefs up enterprise identity, device management

admin , ,

Last week at WWDC, Apple introduced new capabilities related to Managed Apple IDs and to user identity overall.

Managed Apple IDs have been around for some time. They handle many of the same tasks as personal Apple IDs, but are owned by an organization rather than the end user and are typically created alongside a user’s enterprise identity through federated authentication with a company’s identity provider. 

Managed IDs allow a user to activate and use an Apple device — whether company owned or personal BYOD— and create a business profile on employee devices. Additionally, they provide Apple services including some core iCloud functionality such as backing up the work-related content on the device and syncing app data from Mail, Calendar, Contacts, and Notes. They also allow IT to manage what resources and devices a user can access, reset passwords, and help with Apple device management.

To read this article in full, please click here

Read more
ComputerWorld Independent 

June's Patch Tuesday updates focus on Windows, Office

admin , , , ,

Microsoft released 73 updates to its Windows, Office, and Visual Studio platforms on Patch Tuesday, with many of them dealing with core, but not urgent, security vulnerabilities. That’s a welcome respite from the previous six months of urgent zero-days and public disclosures. With that in mind, the Readiness testing team suggests a focus on printing and backup/recovery processes to make sure they’re not affected by this update cycle.

For the first time, we see a (non-Adobe) third-party vendor added to a Patch Tuesday release, with three minor plugin updates to Visual Studio for AutoDesk. Expect to see more such vendors added to Microsoft’s updates in the near future. The team at Readiness has created a useful infographic that outlines the risks associated with each of the updates.

To read this article in full, please click here

Read more
ComputerWorld Independent 

How and why to use FIDO Security Keys for Apple ID

admin , , , , , ,

In a world that needs Apple’s recently-improved Lockdown Mode to protect good people against bad ones, high-risk individuals should consider using physical security keys to protect their Apple ID.

What are Security Keys and what do they do?

Security keys are small devices that look a little like thumb drives. Apple at WWDC 2020 confirmed plans to support FIDO authentication beginning with iOS 14 and macOS 11; now, with the release of iOS 16.3, iPadOS 16.3, and macOS Ventura 13.2, Apple lets you use them to verify your Apple ID, replacing a passcode. They become one of the two forms of identification you require with two-factor authentication (2FA).

To read this article in full, please click here

Read more
Independent Krebs 

CISA Order Highlights Persistent Risk at Network Edge

admin , , , , , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Read more
Independent Krebs 

Microsoft Patch Tuesday, June 2023 Edition

admin , , , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Tue, 13 Jun 2023 20:44:28 +0000

Microsoft Corp. today released software updates to fix dozens of security vulnerabilities in its Windows operating systems and other software. This month’s relatively light patch load has another added bonus for system administrators everywhere: It appears to be the first Patch Tuesday since March 2022 that isn’t marred by the active exploitation of a zero-day vulnerability in Microsoft’s products.

Read more
Independent Krebs 

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

admin , , , , , , , , ,

Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

Read more
ComputerWorld Independent 

WWDC: 18+ ways Apple plans to make you more secure

admin , , , ,

Vision Pro, Apple Silicon, Macs, new enterprise tools — and privacy protection were all among the many WWDC announcements Apple made this week.

Introducing these protections, Craig Federighi, Apple’s senior vice president for  software engineering said: “We are focused on keeping our users in the driver’s seat when it comes to their data by continuing to provide industry-leading privacy features and the best data security in the world.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Cisco brings generative AI to Webex and Cisco Security Cloud

admin , , ,

Cisco is adding new generative AI capabilities to its Webex collaboration platform, aimed at increasing productivity through automated meeting and conversation summaries.

The new offerings, announced at the Cisco Live! customer event in Las Vegas on Wednesday, include summarization capabilities that allow users to catch up on missed meetings or focus on the most important action items from a call. The capabilities also extend to Cisco’s asynchronous Vidcast tool and the Webex Contact Center.

To read this article in full, please click here

Read more