Friday, November 22, 2024
Latest:

Computer Security Articles

RSS Reader for Computer Security Articles

Browsers

ComputerWorld Independent 

Mozilla patches Firefox zero-day as attackers exploit flaw

admin ,

Credit to Author: Gregg Keizer| Date: Thu, 09 Jan 2020 11:46:00 -0800

Just one day after releasing Firefox 72, Mozilla updated the browser with a fix to shut down active attacks, the company acknowledged.

On Wednesday, Mozilla issued Firefox 72.0.1, which included one change: A patch for the vulnerability identified as CVE-2019-17026. “We are aware of targeted attacks in the wild abusing this flaw,” Mozilla said in the short description of the flaw, signaling that criminals were already leveraging the zero-day vulnerability, the term applied because there no time elapses between patching and exploitation.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Security lessons from a Mac-only fintech company

admin , , ,

Credit to Author: Jonny Evans| Date: Wed, 20 Nov 2019 07:43:00 -0800

Apple remains a highly secure choice for enterprise professionals, but security threats remain and the environment requires sophisticated endpoint management tools, confirmed Build America Mutual (BAM) CTO, David McIntyre.

The Mac only bank

BAM is one of the leading U.S. municipal bond insurers and has insured over $65 billion since launch in 2012. It also has the rare distinction of being a fintech firm that is completely based on Macs.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Patch Tuesday arrives with Access error, 1909 in tow, and a promise of no more 'optional' patches this year

admin , , ,

Credit to Author: Woody Leonhard| Date: Wed, 13 Nov 2019 07:59:00 -0800

The patches haven’t yet been out for 24 hours and already we’re seeing a lot of activity. Here’s where we stand with the initial wave of problems.

Malicious Software Removal Tool installation error 800B0109 

Many early patchers found that the MSRT, KB 890830, kept installing itself over and over again. Poster IndyPilot80 says:

It sits at “Installing: 0%” for a couple minutes then goes away. When I hit “Check for Updates” it shows up again and does the same thing.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Duck Duck Go offers Mac users even more privacy

admin , , , , , ,

Credit to Author: Jonny Evans| Date: Thu, 07 Nov 2019 06:20:00 -0800

People are finally waking up to the importance of privacy and the risk of entities over whom we have no control hoovering up the details of our digital lives, and that’s why the latest news from Duck Duck Go is so worthwhile.

Apple’s good privacy just got better

We know Apple is working to protect privacy – its newly updated privacy website shares a huge amount of information on its efforts, while the newly-published Safari white paper confirms the browser’s privacy protections include (among other things):

To read this article in full, please click here

Read more
ComputerWorld Independent 

Google strengthens Chrome's site isolation to protect browser against its own vulnerabilities

admin ,

Credit to Author: Gregg Keizer| Date: Thu, 31 Oct 2019 04:49:00 -0700

Google is telling Chrome users that it has extended an advanced defensive technology to protect against attacks exploiting vulnerabilities in the browser’s Blink rendering engine.

Chrome 77, which launched in September but was supplanted by Chrome 78 on Oct. 22, received the beefed-up site isolation, wrote Alex Moshchuk and Łukasz Anforowicz, two Google software engineers, in an Oct. 17 post to a company blog. “Site Isolation in Chrome 77 now helps defend against significantly stronger attacks,” the two said. “Site Isolation can now handle even severe attacks where the renderer process is fully compromised via a security bug, such as memory corruption bugs or Universal Cross-Site Scripting (UXSS) logic errors.”

To read this article in full, please click here

Read more
ComputerWorld Independent 

A Chrome security setting you shouldn't overlook

admin , , ,

Credit to Author: JR Raphael| Date: Thu, 10 Oct 2019 09:09:00 -0700

We spend tons o’ time talking about Android security settings — like the added Android 10 option to limit how and when apps are able to access your location. Often lost in the shuffle, though, is the fact that the Chrome desktop browser has some significant security options of its own, and they’re just as critical to consider.

In fact, Chrome has an easily overlooked setting that’s somewhat similar to that new location control feature in Android. It’s attached to every Chrome extension you install, as of not that long ago, and it lets you decide exactly when an extension should be able to see what you’re doing on the web and be made privy to all the details (yes, even those details) of your browsing activity.

To read this article in full, please click here

Read more
ComputerWorld Independent 

Google launches leaked-password checker, will bake it into Chrome in December

admin , , , ,

Credit to Author: Gregg Keizer| Date: Fri, 04 Oct 2019 04:06:00 -0700

Google has launched a web-based hacked-password checker, part of its efforts to bake an alert system into Chrome.

Called “Password Checker,” the service examines the username-password combinations stored in Chrome’s own password manager and reports back on those authentication pairings that have been exposed in publicly-known data breaches.

The web version can be found at passwords.google.com<>, the umbrella site for Chrome users who run the browser after logging in with their Google account, then use that to synchronize data – including passwords – between copies of Chrome on different devices.

To read this article in full, please click here

Read more